From 1acd7cb990d429f7710a3797612c6a78470972ef Mon Sep 17 00:00:00 2001
From: Matt Peake <7741049+peakematt@users.noreply.github.com>
Date: Mon, 9 Oct 2023 12:39:19 -0400
Subject: [PATCH] Add gitleaks scan to CI

---
 .circleci/config.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8ab65c744a1..eb17342c272 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,5 +1,8 @@
 version: 2.1
 
+orbs:
+  secops: apollo/circleci-secops-orb@2.0.0
+
 jobs:
   # Filesize:
   #   docker:
@@ -109,3 +112,12 @@ workflows:
                 - vite
                 - vite-swc
                 # -browser-esm would need a package publish to npm/CDNs
+  security-scans:
+    jobs:
+      - secops/gitleaks:
+          context:
+            - platform-docker-ro
+            - github-orb
+            - secops-oidc
+          git-base-revision: <<#pipeline.git.base_revision>><<pipeline.git.base_revision>><</pipeline.git.base_revision >>
+          git-revision: << pipeline.git.revision >>