Merge pull request #878 from esthertitilayo-dev/fix/754-contracts-add… #555
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Secret Scanning | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main, develop] | |
| schedule: | |
| - cron: '0 0 * * *' # Daily scan | |
| jobs: | |
| gitleaks: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run gitleaks | |
| uses: gitleaks/gitleaks-action@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_ENABLE_COMMENTS: false | |
| # GitHub Advanced Security secret scanning alerts | |
| # This relies on GitHub's built-in secret scanning | |
| # Enable it in repository settings: Settings > Security > Secret scanning | |
| secret-scanning-alerts: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Check secret scanning status | |
| run: | | |
| echo "GitHub Advanced Security secret scanning is enabled at the repository level." | |
| echo "Alerts are automatically routed based on security policy settings." | |
| echo "" | |
| echo "To configure alert routing:" | |
| echo "1. Go to Repository Settings > Security > Secret scanning" | |
| echo "2. Configure alert notifications and push protection" |