From ca2bb368d6cf89250687a693b9d2254112ef2469 Mon Sep 17 00:00:00 2001 From: nick-diamond Date: Wed, 11 Jun 2025 08:31:42 +0100 Subject: [PATCH 1/3] Create workflows directory --- .github/workflows/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 .github/workflows/.gitkeep diff --git a/.github/workflows/.gitkeep b/.github/workflows/.gitkeep new file mode 100644 index 0000000..e69de29 From f8929aba3a0db0e0a8e3004a01d81816c16fa38a Mon Sep 17 00:00:00 2001 From: nick-diamond Date: Wed, 11 Jun 2025 08:31:43 +0100 Subject: [PATCH 2/3] Add secret scanner workflow --- .github/workflows/secret-scanner.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/secret-scanner.yaml diff --git a/.github/workflows/secret-scanner.yaml b/.github/workflows/secret-scanner.yaml new file mode 100644 index 0000000..7acee4e --- /dev/null +++ b/.github/workflows/secret-scanner.yaml @@ -0,0 +1,16 @@ +name: "Secret Scanner" +on: + push: + pull_request: + +permissions: + contents: read + id-token: write + issues: write + pull-requests: write + +jobs: + secrets-scanner: + uses: arbor-education/gha.workflows/.github/workflows/secret-scanner-template.yaml@DOPS-12604-cicd-scanner + secrets: + JIRA_TOKEN: ${{ secrets.JIRA_TOKEN }} From 7782864c33fe3b47c2fd954b35d66c101d1d4978 Mon Sep 17 00:00:00 2001 From: nick-diamond Date: Wed, 11 Jun 2025 08:31:44 +0100 Subject: [PATCH 3/3] Add pre-commit config with secret scanner hook --- .pre-commit-config.yaml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..b0c4380 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,3 @@ +repos: + - repo: arbor-education/gha.workflows/.github/workflows/pre-commit-template.yaml + rev: v0.0.168