ci: use extended regex for docs secret scan

2026-05-13 14:00:52 +10:00
parent 6aa78525c2
commit 313f7f1c21
1 changed files with 2 additions and 1 deletions
@@ -32,7 +32,8 @@ jobs:
          ! grep -R "Generate terraform inventory" docs/public docs/diagrams

          # Ensure no obvious secrets leaked
-          ! grep -R -i "password\|token\|api[_-]?key\|secret" docs/public || (echo "Secret-like string detected"; exit 1)
+          ! grep -R -E -i "password|token|api[_-]?key|secret" docs/public \
+            || (echo "Secret-like string detected"; exit 1)

      - name: Commit changes
        run: |