Skip to content

Commit f71de66

Browse files
fix(ci): replace gitleaks-action with container-based gitleaks
gitleaks-action@v2 requires a paid license for org repos. Switch to running gitleaks from the dev-toolchain container instead. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 4a0cc18 commit f71de66

1 file changed

Lines changed: 8 additions & 3 deletions

File tree

.github/workflows/ci.yml

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,13 @@ jobs:
3131
steps:
3232
- name: Checkout repository
3333
uses: actions/checkout@v4
34+
with:
35+
fetch-depth: 0
3436

3537
- name: Run gitleaks
36-
uses: gitleaks/gitleaks-action@v2
37-
env:
38-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
38+
run: |
39+
docker run --rm \
40+
-v "$(pwd):/workspace" \
41+
-w /workspace \
42+
ghcr.io/devrail-dev/dev-toolchain:v1 \
43+
gitleaks detect --source . --report-format json --report-path /tmp/gitleaks-results.json

0 commit comments

Comments
 (0)