Remove "leaked" password. #10

	name: pipeline

	on:
	push:
	branches:
	- '*'

	jobs:
	security:
	name: gitleaks
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: gitleaks/gitleaks-action@v2
	env:
	GITHUB_TOKEN: ${{ github.token }}

	- name: Notify
	if: always()
	uses: ravsamhq/notify-slack-action@v1
	with:
	status: ${{ job.status }}
	notify_when: 'failure'
	notification_title: '{workflow} has {status_message}'
	message_format: ':warning: LEAKED SECRETS in {workflow} (<{repo_url}\|{repo}>)'
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

	build-check-push-image:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./application
	needs: [ security ]
	steps:
	- uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build and export to Docker
	uses: docker/build-push-action@v5
	id: build
	with:
	context: .
	load: true

	- name: Scan image
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: ${{ steps.build.outputs.imageid }}
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL'

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Push
	uses: docker/build-push-action@v5
	with:
	push: true
	tags: dvdty/branch-deploy-application:${{ github.sha }}

Provide feedback