From 32e2d37dd347d9ad519c973af7334587f51e20d6 Mon Sep 17 00:00:00 2001
From: Klagarge
Date: Tue, 15 Apr 2025 21:36:31 +0200
Subject: [PATCH] feat(ci): add Gitleaks job for secret scanning

Signed-off-by: Klagarge
---
 .gitlab-ci.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b0acd34..ebb33f1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -96,4 +96,12 @@ dast:
 script:
 - echo "Waiting for the app to start on http://app:5000"
 - timeout 60 bash -c 'until curl -s http://app:5000; do echo "Waiting..."; sleep 3; done'
- - zap-full-scan.py -t http://app:5000 -I
\ No newline at end of file
+ - zap-full-scan.py -t http://app:5000 -I
+
+gitleaks:
+ stage: test
+ image:
+ name: zricethezav/gitleaks:latest
+ entrypoint: [""]
+ script:
+ - gitleaks dir -v --redact=75 .
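Review bot: The new `gitleaks` job runs `gitleaks dir .`, which scans only the checked-out working tree, so a secret that was committed and later deleted stays in the repository history without ever failing the pipeline. If history coverage is intended, the usual form is `- gitleaks git -v --redact .` with `variables: GIT_DEPTH: 0` on the job, assuming the image version in use provides the `git` subcommand and the runner otherwise does a shallow clone. `--redact=75` leaves a quarter of every finding readable in the job log, which is visible to anyone who can view pipeline output; plain `--redact` masks the whole value. The image is pulled as `zricethezav/gitleaks:latest`, a mutable tag, so the scanner can change between runs without review; pin it, for example `name: zricethezav/gitleaks:<version>@sha256:<digest>` (placeholders, take the real values from the registry).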