From 945628258b56b6f0fc017dde86fbb6fcfa92e02b Mon Sep 17 00:00:00 2001
From: "lois.postula"
Date: Wed, 30 Aug 2023 18:07:12 +0200
Subject: [PATCH] feat: implement gitleaks
---
.github/workflows/gitleaks.yaml | 19 +++++++++++++++++++
.pre-commit-config.yaml | 5 +++++
Makefile | 29 +++++++++++++++++++++++++++++
3 files changed, 53 insertions(+)
create mode 100644 .github/workflows/gitleaks.yaml
create mode 100644 .pre-commit-config.yaml
create mode 100644 Makefile
diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/gitleaks.yaml
new file mode 100644
index 0000000..86a3d83
--- /dev/null
+++ b/.github/workflows/gitleaks.yaml
@@ -0,0 +1,19 @@
+name: gitleaks
+on:
+ pull_request:
+ push:
+ workflow_dispatch:
+ schedule:
+ - cron: "0 4 * * *" # run once a day at 4 AM
+jobs:
+ scan:
+ name: gitleaks
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+ - uses: gitleaks/gitleaks-action@v2
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..bc5fc95
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,5 @@
+repos:
+ - repo: https://github.com/gitleaks/gitleaks
+ rev: v8.18.0
+ hooks:
+ - id: gitleaks
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..c516c0d
--- /dev/null
+++ b/Makefile
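Review bot: In `.github/workflows/gitleaks.yaml`, `gitleaks/gitleaks-action@v2` is referenced by a movable tag while the step hands it `GITHUB_TOKEN` and `GITLEAKS_LICENSE`, so whatever that tag points to later runs with those secrets. Pin both `uses:` lines to a full commit SHA, e.g. `- uses: gitleaks/gitleaks-action@<full-commit-sha> # v2`. The same applies to `rev: v8.18.0` in `.pre-commit-config.yaml`, which `pre-commit autoupdate --freeze` can replace with a commit hash. The job also declares no `permissions:` block, so the token gets the repository default scope; a job-level `permissions:` with `contents: read` (plus `pull-requests: write` only if the action's PR comments are wanted) limits what a compromised action could do. With `pull_request:` and `push:` both unfiltered, a branch with an open PR is presumably scanned twice per push.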
@@ -0,0 +1,29 @@
+.PHONY: precommit_setup precommit_install precommit_update precommit_run precommit_staged
+# Install pre-commit tooling
+precommit_setup:
+ @echo "Setting up pre-commit..."
+ pip install pre-commit
+
+# Install the hooks
+precommit_install: precommit_setup
+ @echo "Installing pre-commit hooks..."
+ pre-commit install
+
+# Update the hooks to the latest versions
+precommit_update: precommit_setup
+ @echo "Updating pre-commit hooks..."
+ pre-commit autoupdate
+
+# Run all hooks against all the files
+precommit_run:
+ @echo "Running pre-commit hooks..."
+ pre-commit run --all-files
+
+# Run all hooks against staged files
+precommit_staged:
+ @echo "Running pre-commit hooks against staged files..."
+ pre-commit run --files $$(git diff --name-only --cached)
+
+# Your other Makefile targets
+# ...
+setup: precommit_setup precommit_update precommit_install
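Review bot: `setup` lists `precommit_update` as a prerequisite, so every `make setup` runs `pre-commit autoupdate` and rewrites the pinned `rev: v8.18.0` in `.pre-commit-config.yaml` to whatever the latest tag is, pulling hook code nobody reviewed and leaving the working tree modified. Keeping updates a deliberate step, `setup: precommit_setup precommit_install`, and using `pre-commit autoupdate --freeze` in `precommit_update` keeps the hook version under review. `pip install pre-commit` is likewise unpinned and installs into whichever Python environment is active. In `precommit_staged`, the unquoted `$$(git diff --name-only --cached)` splits paths containing spaces and includes deleted files; plain `pre-commit run` already targets the staged files.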