Files
Kill_LIFE/.github/workflows/secret_scan.yml
T
Clément SAILLANT 124906d084 feat: Add comprehensive CI/CD workflows and badges for compliance, security, and quality assurance
- Introduced multiple guides for workflows including Evidence Pack Validation, Incident Response, Model Validation, Performance & HIL, Release Signing, SBOM Validation, Secret Scanning, and Supply Chain Attestation.
- Created dynamic badges for each workflow to reflect their status and compliance.
- Implemented a checklist for validating CI/CD workflows and evidence packs.
- Developed scripts for building firmware, testing, collecting evidence, and generating audit reports.
- Added tools for generating community, documentation, quality, and security badges based on various reports.
- Established endpoints for dynamic badges to be integrated into documentation and README files.
- Enhanced the overall structure and traceability of CI/CD processes with evidence packs and automated checks.
2026-02-19 08:58:10 +01:00

25 lines
620 B
YAML

name: Secret Scanning
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
secret_scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Scan secrets (Gitleaks)
run: |
gitleaks detect --source . --report docs/secret-scan-report.json --exit-code 0
- name: Scan secrets (TruffleHog)
run: |
trufflehog filesystem . --json > docs/trufflehog-report.json || true
- name: Upload reports
uses: actions/upload-artifact@v3
with:
name: secret-scan
path: docs/secret-scan-report.json