diff --git a/templates/gitlab-ci-gitleaks.yml b/templates/gitlab-ci-gitleaks.yml index 2b78e7208144b0c4f817c6c4ace642d655fd2d95..45254f97c117fb50f198953d1e6e8470f806c114 100644 --- a/templates/gitlab-ci-gitleaks.yml +++ b/templates/gitlab-ci-gitleaks.yml @@ -18,6 +18,7 @@ variables: GITLEAKS_IMAGE: "zricethezav/gitleaks:latest" GITLEAKS_ARGS: "--verbose" GITLEAKS_QUICK_DEPTH: "10" + GITLEAKS_QUICK_ARGS: "--verbose" # default production ref name (pattern) PROD_REF: '/^(master|main)$/' @@ -209,7 +210,7 @@ gitleaks: - mkdir -p ./gitleaks - install_gitleaks_rules script: - - gitleaks ${TRACE+--debug} --path=. $gitleaks_rule_opts --report=./gitleaks/gitleaks-report.json $GITLEAKS_ARGS + - gitleaks detect ${TRACE+--log-level debug} --source . $gitleaks_rule_opts --report-path ./gitleaks/gitleaks-report.json $GITLEAKS_ARGS artifacts: name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" when: always @@ -228,7 +229,7 @@ gitleaks-quick: variables: GIT_DEPTH: "${GITLEAKS_QUICK_DEPTH}" script: - - gitleaks ${TRACE+--debug} --path=. $gitleaks_rule_opts --report=./gitleaks/gitleaks-report.json --depth=${GITLEAKS_QUICK_DEPTH} $GITLEAKS_QUICK_ARGS + - gitleaks detect ${TRACE+--log-level debug} --source . $gitleaks_rule_opts --report-path ./gitleaks/gitleaks-report.json --log-opts="-n ${GITLEAKS_QUICK_DEPTH}" $GITLEAKS_QUICK_ARGS rules: # exclude merge requests - if: $CI_MERGE_REQUEST_ID