在 .gitlab-ci.yml 中配置 Secret 检测，如果该文件不存在则创建此文件

.gitlab-ci.yml

@@ -5,17 +5,11 @@
 # Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
 # Note that environment variables can be set in several places
 # See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
-
-# container_scanning:
-#   variables:
-#     DOCKER_IMAGE: ...
-#     DOCKER_USER: ...
-#     DOCKER_PASSWORD: ...
 stages:
 - release
 - test
 variables:
-  CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE
+  CI_APPLICATION_REPOSITORY: "$CI_REGISTRY_IMAGE"
   CI_APPLICATION_TAG: ai-beta
 release-image:
   image: docker:24.0.6
@@ -31,10 +25,9 @@ release-image:
     sed "s/latest/$CI_APPLICATION_TAG/g" Dockerfile > Dockerfile.tmp
     docker build . --pull -f Dockerfile.tmp -t $IMAGE_TAG
     docker push $IMAGE_TAG
-
 container_scanning:
   needs:
   - release-image
-
 include:
 - template: Jobs/Container-Scanning.gitlab-ci.yml
+- template: Security/Secret-Detection.gitlab-ci.yml