feat: add betterleaks support as better/faster alternative

# GitLab CI template for Gitleaks

# GitLab CI template for Gitleaks / betterleaks

This project implements a GitLab CI/CD template to detect and prevent hardcoded secrets in your 

Git repository with [Gitleaks](https://github.com/zricethezav/gitleaks/wiki).

You could also use [betterleaks](https://github.com/betterleaks/betterleaks) *"A Better Secrets Scanner built for configurability and speed"* by Zach Rice; he's the same guy who originally wrote Gitleaks.

## Usage

This template can be used both as a [CI/CD component](https://docs.gitlab.com/ci/components/#use-a-component)

Once the secrets have been rotated or confirmed as false positives, you can mark the findings as resolved by adding a [`.gitleaksignore` file](https://github.com/gitleaks/gitleaks/blob/master/README.md#gitleaksignore) to your repository. It should contain one fingerprint per line as reported in the job log.

## Choose engine `gitleaks` or `betterleaks`

Just choose the Docker image in the config below

## `gitleaks` jobs configuration

Those jobs trigger a Gitleaks analysis (either on the complete repository, either on the current branch).

| Input / Variable | Description                            | Default value     |

| --------------------- | -------------------------------------- | ----------------- |

| `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks  | `docker.io/zricethezav/gitleaks:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-GITLEAKS_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-GITLEAKS_IMAGE) |

| `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks / betterleaks  | `docker.io/zricethezav/gitleaks:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-GITLEAKS_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-GITLEAKS_IMAGE) <br/> `ghcr.io/betterleaks/betterleaks:latest` <br/> [![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-BETTERLEAKS_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-BETTERLEAKS_IMAGE) |

| `rules` / `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks#configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project). | _none_ (uses default rules) |

| `args` / `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose --redact` |

  "variables": [

    {

      "name": "GITLEAKS_IMAGE",

      "description": "The Docker image used to run Gitleaks",

      "description": "The Docker image used to run Gitleaks / betterleaks (official image: `ghcr.io/betterleaks/betterleaks:latest`)",

      "default": "docker.io/zricethezav/gitleaks:latest"

    },

    {

        log_info "Full branch analysis (\\e[33;1m${CI_COMMIT_SHA}\\e[0m and ancestors)"

        log_opts="${CI_COMMIT_SHA}"

      fi

    - gitleaks git ${TRACE+--log-level debug} $gitleaks_rule_opts --log-opts "$log_opts" --platform gitlab --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .

    - | 

      if command -v betterleaks > /dev/null; then

        log_info "Using betterleaks" 

        GITLEAKS_CMD=betterleaks

      else

        log_info "Using gitleaks"

        GITLEAKS_CMD=gitleaks

      fi

    - $GITLEAKS_CMD git ${TRACE+--log-level debug} $gitleaks_rule_opts --log-opts "$log_opts" --platform gitlab --report-path reports/gitleaks.native.json $GITLEAKS_ARGS .

  artifacts:

    name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"

    when: always