fix(ci): replace flaky gitleaks-action with direct binary install
frontend-ci / typecheck (push) Successful in 14s
frontend-ci / lint (push) Successful in 14s
frontend-ci / secrets-scan (push) Successful in 4s
frontend-ci / sast (push) Successful in 6s
frontend-ci / fs-scan (push) Failing after 38s
frontend-ci / build (push) Has been cancelled
frontend-ci / image-scan (push) Has been cancelled
frontend-ci / push (push) Has been cancelled
frontend-ci / typecheck (push) Successful in 14s
frontend-ci / lint (push) Successful in 14s
frontend-ci / secrets-scan (push) Successful in 4s
frontend-ci / sast (push) Successful in 6s
frontend-ci / fs-scan (push) Failing after 38s
frontend-ci / build (push) Has been cancelled
frontend-ci / image-scan (push) Has been cancelled
frontend-ci / push (push) Has been cancelled
gitleaks/gitleaks-action@v2 has a license-key check that fails on some Gitea runners. Switch to downloading and running the gitleaks binary directly — same scan, no action wrapper, no license dependency.
This commit is contained in:
@@ -39,7 +39,12 @@ jobs:
|
|||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
- uses: gitleaks/gitleaks-action@v2
|
- name: Install and run gitleaks
|
||||||
|
run: |
|
||||||
|
GL_VERSION=8.18.4
|
||||||
|
curl -sSL "https://github.com/gitleaks/gitleaks/releases/download/v${GL_VERSION}/gitleaks_${GL_VERSION}_linux_x64.tar.gz" \
|
||||||
|
| tar xz -C /tmp gitleaks
|
||||||
|
/tmp/gitleaks detect --redact --no-banner --verbose --source .
|
||||||
|
|
||||||
sast:
|
sast:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
Reference in New Issue
Block a user