Improve gitleaks download process in code analysis workflow by adding error handling for invalid downloads and ensuring proper extraction of the archive.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m37s

Torsten Schulz (local)
2025-12-20 15:12:27 +01:00
parent 6fda6ebad0
commit dd21174f1d


@@ -43,6 +43,12 @@ jobs:
- name: gitleaks (Secrets Scanning) - name: gitleaks (Secrets Scanning)
run: | run: |
curl -sSL https://github.com/gitleaks/gitleaks/releases/latest/download/gitleaks_linux_x64.tar.gz \ curl -sSL -L https://github.com/gitleaks/gitleaks/releases/latest/download/gitleaks_linux_x64.tar.gz -o gitleaks.tar.gz
| tar -xz gitleaks if [ ! -s gitleaks.tar.gz ] || file gitleaks.tar.gz | grep -q "HTML"; then
echo "Error: Downloaded file is not a valid archive"
exit 1
fi
tar -xzf gitleaks.tar.gz 2>/dev/null || tar -xf gitleaks.tar.gz || (echo "Failed to extract archive" && exit 1)
chmod +x gitleaks
./gitleaks detect --source . --no-git --redact --exit-code 1 ./gitleaks detect --source . --no-git --redact --exit-code 1
rm -f gitleaks.tar.gz
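Review bot: The binary this step executes is still fetched from the moving `releases/latest` URL with no integrity check, so the added guard in the `run:` block (non-empty, not HTML according to `file`) says nothing about whether the archive is the release you intended to run. Pin a version and verify a SHA-256 recorded in the workflow before extracting, as sketched below; the versioned asset name there follows the pattern gitleaks releases appear to use, so confirm it against the release page. Adding `--fail` to curl makes an HTTP error stop the step directly, which also covers plain-text error bodies that the `grep -q "HTML"` test would miss, and the doubled `-L` in `-sSL -L` can go. Dropping `2>/dev/null` from the first `tar` call would keep the real extraction error in the job log.

```yaml
run: |
  # Placeholders: set to the release being pinned and its published SHA-256.
  GITLEAKS_VERSION="<PINNED_VERSION>"
  GITLEAKS_SHA256="<EXPECTED_SHA256>"
  curl --fail -sSL -o gitleaks.tar.gz \
    "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz"
  # Refuse to extract or run anything whose digest does not match the pinned value.
  echo "${GITLEAKS_SHA256}  gitleaks.tar.gz" | sha256sum -c -
  tar -xzf gitleaks.tar.gz gitleaks
  # … unchanged: chmod +x, gitleaks detect, rm -f gitleaks.tar.gz …
```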