Bump zricethezav/gitleaks from v7.6.1 to v8.0.4 (#2188)

* Bump zricethezav/gitleaks from v7.6.1 to v8.0.4

Bumps zricethezav/gitleaks from v7.6.1 to v8.0.4.

---
updated-dependencies:
- dependency-name: zricethezav/gitleaks
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing command for after 8.x

* better regex

* better verbose

* remove file

* fixed logic

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>

Dockerfile

@@ -19,7 +19,7 @@ FROM mvdan/shfmt:v3.4.1 as shfmt
 FROM accurics/terrascan:1.12.0 as terrascan
 FROM hadolint/hadolint:latest-alpine as dockerfile-lint
 FROM assignuser/chktex-alpine:v0.1.1 as chktex
-FROM zricethezav/gitleaks:v7.6.1 as gitleaks
+FROM zricethezav/gitleaks:v8.0.4 as gitleaks
 FROM garethr/kubeval:0.15.0 as kubeval
 FROM ghcr.io/awkbar-devops/clang-format:v1.0.2 as clang-format
 FROM scalameta/scalafmt:v3.2.1 as scalafmt

Dockerfile-slim

@@ -25,7 +25,7 @@ FROM mvdan/shfmt:v3.4.1 as shfmt
 FROM accurics/terrascan:1.12.0 as terrascan
 FROM hadolint/hadolint:latest-alpine as dockerfile-lint
 FROM assignuser/chktex-alpine:v0.1.1 as chktex
-FROM zricethezav/gitleaks:v7.6.1 as gitleaks
+FROM zricethezav/gitleaks:v8.0.4 as gitleaks
 FROM garethr/kubeval:0.15.0 as kubeval
 FROM ghcr.io/assignuser/lintr-lib:0.3.0 as lintr-lib
 FROM ghcr.io/awkbar-devops/clang-format:v1.0.2 as clang-format

lib/functions/buildFileList.sh

@@ -316,8 +316,12 @@ function BuildFileList() {
     FILE_ARRAY_EDITORCONFIG+=("${FILE}")
     # jscpd also runs an all files
     FILE_ARRAY_JSCPD+=("${FILE}")
+    # Need to make sure we dont check the secrets paterns
+    # for secrets, as it will pop!
+    if [ "${BASE_FILE}" != ".gitleaks.toml" ]; then
       # GitLeaks also runs an all files
       FILE_ARRAY_GITLEAKS+=("${FILE}")
+    fi
 
     #######################
     # Get the shell files #

lib/linter.sh

@@ -869,7 +869,7 @@ LINTER_COMMANDS_ARRAY['DOCKERFILE_HADOLINT']="hadolint -c ${DOCKERFILE_HADOLINT_
 LINTER_COMMANDS_ARRAY['EDITORCONFIG']="editorconfig-checker -config ${EDITORCONFIG_LINTER_RULES}"
 LINTER_COMMANDS_ARRAY['ENV']="dotenv-linter"
 LINTER_COMMANDS_ARRAY['GITHUB_ACTIONS']="actionlint -config-file ${GITHUB_ACTIONS_LINTER_RULES}"
-LINTER_COMMANDS_ARRAY['GITLEAKS']="gitleaks -q -c ${GITLEAKS_LINTER_RULES} --no-git -p"
+LINTER_COMMANDS_ARRAY['GITLEAKS']="gitleaks detect --no-git -c ${GITLEAKS_LINTER_RULES} -v -s"
 LINTER_COMMANDS_ARRAY['GHERKIN']="gherkin-lint -c ${GHERKIN_LINTER_RULES}"
 LINTER_COMMANDS_ARRAY['GO']="golangci-lint run -c ${GO_LINTER_RULES}"
 LINTER_COMMANDS_ARRAY['GOOGLE_JAVA_FORMAT']="java -jar /usr/bin/google-java-format"