rog-golang-buddies / golang-template-repository

Kickstarter repository for a golang service
Apache License 2.0

Add gitleaks repo scan and submit GitHub security scanning alert #10

Closed haani-niyaz closed 2 years ago

haani-niyaz commented 2 years ago

Change

Contains the GitHub workflow to:

  1. Run gitleaks secret scanning on the repo
  2. On detection, submit a GitHub security alert

Closes #3.

Considerations

The GH action for gitleaks requires licensing for organization repositories, as per https://github.com/marketplace/actions/gitleaks#do-i-need-a-license-key, therefore this has been somewhat hand-crafted.

Sample results

Can be viewed here: https://github.com/haani-niyaz/gitleaks-gh-action-sample/actions/runs/2532666777

Security alert can be viewed from Security (tab) -> Code scanning alerts (menu option).
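
For readers who want to see what a hand-built workflow of this kind can look like, here is an added example; it is not the workflow from this pull request. It assumes the gitleaks v8 CLI fetched from its GitHub releases, SARIF output, and the `github/codeql-action/upload-sarif` action; the workflow name, file name `gitleaks.sarif`, triggers and the pinned version are illustrative choices.

```yaml
# Added example, not the workflow contained in this pull request.
name: gitleaks
on:
  push:
  pull_request:

permissions:
  contents: read
  security-events: write   # needed to submit code scanning alerts

jobs:
  scan:
    runs-on: ubuntu-latest
    env:
      # Assumption: pin whichever gitleaks release you have vetted.
      GITLEAKS_VERSION: "8.18.0"
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # full history, so secrets in older commits are scanned too

      - name: Install gitleaks
        run: |
          curl -sSfL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" \
            | tar -xz -C "$RUNNER_TEMP" gitleaks

      - name: Scan repository
        run: |
          # --redact keeps matched secrets out of the job log.
          # gitleaks exits non-zero when it finds leaks, which fails this step.
          "$RUNNER_TEMP/gitleaks" detect --source . --redact \
            --report-format sarif --report-path gitleaks.sarif

      - name: Submit findings as code scanning alerts
        # Run even when the scan step failed, as long as a report was written.
        if: always() && hashFiles('gitleaks.sarif') != ''
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: gitleaks.sarif
          category: gitleaks
```

The scan step failing on a finding keeps the check red, while the `always()` condition makes sure the SARIF report is still uploaded so the finding shows up under Code scanning alerts.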

haani-niyaz commented 2 years ago

@shukra-in-spirit, pre-commit white-space error fixed.