fix(ci): replace flaky gitleaks-action with direct binary install
frontend-ci / typecheck (push) Successful in 14s
frontend-ci / lint (push) Successful in 14s
frontend-ci / secrets-scan (push) Successful in 4s
frontend-ci / sast (push) Successful in 6s
frontend-ci / fs-scan (push) Failing after 38s
frontend-ci / build (push) Has been cancelled
frontend-ci / image-scan (push) Has been cancelled
frontend-ci / push (push) Has been cancelled
frontend-ci / typecheck (push) Successful in 14s
frontend-ci / lint (push) Successful in 14s
frontend-ci / secrets-scan (push) Successful in 4s
frontend-ci / sast (push) Successful in 6s
frontend-ci / fs-scan (push) Failing after 38s
frontend-ci / build (push) Has been cancelled
frontend-ci / image-scan (push) Has been cancelled
frontend-ci / push (push) Has been cancelled
gitleaks/gitleaks-action@v2 has a license-key check that fails on some Gitea runners. Switch to downloading and running the gitleaks binary directly — same scan, no action wrapper, no license dependency.
This commit is contained in:
@@ -39,7 +39,12 @@ jobs:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: gitleaks/gitleaks-action@v2
|
||||
- name: Install and run gitleaks
|
||||
run: |
|
||||
GL_VERSION=8.18.4
|
||||
curl -sSL "https://github.com/gitleaks/gitleaks/releases/download/v${GL_VERSION}/gitleaks_${GL_VERSION}_linux_x64.tar.gz" \
|
||||
| tar xz -C /tmp gitleaks
|
||||
/tmp/gitleaks detect --redact --no-banner --verbose --source .
|
||||
|
||||
sast:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
Reference in New Issue
Block a user