From 2a15273e8363541eeff0f044910b684dafe60fa8 Mon Sep 17 00:00:00 2001
From: Jarun Madhesh <124247136+cb-jarunmadhesh@users.noreply.github.com>
Date: Thu, 31 Jul 2025 16:26:41 +0530
Subject: [PATCH] Add GitHub Actions workflow for secret scanning and configure
 pre-commit hook for Gitleaks

Signed-off-by: Jarun Madhesh <124247136+cb-jarunmadhesh@users.noreply.github.com>
---
 .github/workflows/secret-scan.yml | 10 ++++++++++
 .pre-commit-config.yaml           |  5 +++++
 2 files changed, 15 insertions(+)
 create mode 100644 .github/workflows/secret-scan.yml
 create mode 100644 .pre-commit-config.yaml

diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml
new file mode 100644
index 0000000..85e4fe5
--- /dev/null
+++ b/.github/workflows/secret-scan.yml
@@ -0,0 +1,10 @@
+name: CB Secret PR Scan
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  SecretScanning:
+    uses: chargebee/cb-secrets-scanner/.github/workflows/cb-secret-scan.yml@main
+    secrets: inherit 
\ No newline at end of file
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..93d4c32
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,5 @@
+repos:
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.18.4
+    hooks:
+      - id: gitleaks
\ No newline at end of file