From 964007e008566dbbace6d425667a0ebb7f36113f Mon Sep 17 00:00:00 2001
From: Wayne Grant <wayne.grant@snyk.io>
Date: Thu, 15 Jun 2023 14:08:16 +0100
Subject: [PATCH] feat: add secrets scanning

---
 .circleci/config.yml    | 6 ++++++
 .pre-commit-config.yaml | 5 +++++
 2 files changed, 11 insertions(+)
 create mode 100644 .pre-commit-config.yaml

diff --git a/.circleci/config.yml b/.circleci/config.yml
index b43bf30d..87ad15de 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -2,6 +2,7 @@ version: 2.1
 
 orbs:
   win: circleci/windows@2.4.0
+  prodsec: snyk/prodsec-orb@1.0
 
 defaults: &defaults
   parameters:
@@ -111,6 +112,11 @@ workflows:
   version: 2
   test_and_release:
     jobs:
+      - prodsec/secrets-scan:
+          name: Scan repository for secrets
+          context:
+            - snyk-bot-slack
+          channel: os-team-managed-alerts
       - lint:
           name: Lint
           context: nodejs-install
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..c9528f47
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,5 @@
+repos:
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.16.1
+    hooks:
+      - id: gitleaks