Gitleaks Action provides a simple way to run Gitleaks in your CI/CD pipeline.
This repository is here to support the Gitleaks action with all the updates from Gitleaks source project. With the new 2.0 version of gitleaks/gitleaks-action GitHub Action they went to a commercial licence.
name: gitleaks
on: [push,pull_request]
jobs:
gitleaks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: gitleaks-action
uses: dhsathiya/gitleaks-action@master
name: gitleaks
on: [push,pull_request]
jobs:
gitleaks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: gitleaks-action
uses: dhsathiya/gitleaks-action@master
with:
config-path: security/.gitleaks.toml
> The `config-path` is relative to your GitHub Worskpace
You must use actions/checkout before the gitleaks-action step. If you are using actions/checkout@v2 you must specify a commit depth other than the default which is 1.
ex:
steps:
- uses: actions/checkout@v2
with:
fetch-depth: '0'
- name: gitleaks-action
uses: dhsathiya/gitleaks-action@master
using a fetch-depth of '0' clones the entire history. If you want to do a more efficient clone, use '2', but that is not guaranteed to work with pull requests.
Gitleaks Project: https://github.com/zricethezav/gitleaks Source: https://github.com/gitleaks/gitleaks-action