fix bug, remove temp data and improve scan secret for git repo function

.gitallowed

@@ -0,0 +1,5 @@
+# Gitleaks allowed patterns - false positives
+# These are secret detection patterns used in git-secrets configuration, not actual secrets
+
+BEGIN.*PRIVATE.*KEY
+git secrets --add --global

.github/workflows/security.yml

@@ -0,0 +1,130 @@
+name: 🔒 Security & Quality Checks
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+
+jobs:
+  secret-scan:
+    name: 🔐 Secret Detection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run gitleaks scan
+        uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  shellcheck:
+    name: 🐚 Shell Script Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run shellcheck
+        uses: ludeeus/action-shellcheck@master
+        with:
+          scandir: '.'
+          severity: warning
+          format: gcc
+
+  shfmt:
+    name: 🎨 Shell Code Formatting
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install shfmt
+        run: |
+          curl -sS https://webi.sh/shfmt | sh
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Check shell formatting
+        run: shfmt -i 4 -bn -ci -sr -d .
+
+  lint:
+    name: 📋 Linting & Validation
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Validate shell scripts
+        run: |
+          set +e
+          errors=0
+
+          for script in $(find . -name '*.sh' -type f ! -path './.git/*' ! -path './.github/*'); do
+            if ! bash -n "$script" 2>&1; then
+              echo "❌ Syntax error in $script"
+              errors=$((errors + 1))
+            fi
+          done
+
+          if [ $errors -gt 0 ]; then
+            echo "🚨 Found $errors shell scripts with syntax errors"
+            exit 1
+          fi
+          echo "✅ All shell scripts have valid syntax"
+
+  readme-check:
+    name: 📖 README Validation
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Verify README content
+        run: |
+          # Check if README mentions security or has a link to SECURITY.md
+          if grep -q "security\|SECURITY" README.md; then
+            echo "✅ README references security documentation"
+          else
+            echo "⚠️  README should reference SECURITY.md"
+          fi
+
+          # Check for hardcoded credentials (basic check)
+          if grep -rE "password\s*=|token\s*=|secret\s*=|key\s*=" README.md | grep -v "^[[:space:]]*#" | grep -v "xxxx" | grep -v "example"; then
+            echo "🚨 README may contain hardcoded credentials"
+            exit 1
+          fi
+          echo "✅ README validation passed"
+
+  security-summary:
+    name: 📊 Security Summary
+    runs-on: ubuntu-latest
+    needs: [secret-scan, shellcheck, shfmt, lint, readme-check]
+    if: always()
+    steps:
+      - name: Generate security report
+        run: |
+          echo "## 🔒 Security Check Summary" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Check | Status |" >> $GITHUB_STEP_SUMMARY
+          echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY
+          echo "| Secret Detection | ${{ needs.secret-scan.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Shell Analysis | ${{ needs.shellcheck.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Code Formatting | ${{ needs.shfmt.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Linting | ${{ needs.lint.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| README Check | ${{ needs.readme-check.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "See [Security Policy](SECURITY.md) for details." >> $GITHUB_STEP_SUMMARY
+
+      - name: Fail if security checks failed
+        if: |
+          needs.secret-scan.result == 'failure' ||
+          needs.shellcheck.result == 'failure' ||
+          needs.shfmt.result == 'failure' ||
+          needs.lint.result == 'failure' ||
+          needs.readme-check.result == 'failure'
+        run: |
+          echo "🚨 Security checks failed"
+          exit 1

.gitignore

@@ -1,2 +1,4 @@
 services/tmp.sh
-service/temp.sh
+service/temp.sh
+# Testing scan secret files
+test-private-key-demo.txt

.gitleaksignore

@@ -0,0 +1,9 @@
+# Gitleaks ignore file for false positives
+# These are secret detection patterns, not actual secrets
+
+# Allow secret detection patterns in docker.sh
+services/docker.sh:98:BEGIN.*PRIVATE.*KEY
+services/docker.sh:*:RUN git secrets --add --global
+
+# Allow patterns used for git-secrets configuration
+**/*.sh:*:git secrets --add

.pre-commit-config.yaml

@@ -0,0 +1,55 @@
+# Pre-commit configuration
+# Install: brew install pre-commit && pre-commit install
+
+repos:
+  # Shell script linting
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.9.0.5
+    hooks:
+      - id: shellcheck
+        name: 🐚 Lint shell scripts
+        args: ['--severity=warning']
+        stages: [commit]
+
+  # Shell script formatting
+  - repo: https://github.com/scop/pre-commit-shfmt
+    rev: v3.7.0-1
+    hooks:
+      - id: shfmt
+        name: 🎨 Format shell scripts
+        args: ['-i', '2', '-bn', '-ci', '-sr']
+        stages: [commit]
+
+  # Trailing whitespace and file fixes
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: trailing-whitespace
+        name: 📝 Trim trailing whitespace
+        stages: [commit]
+      - id: end-of-file-fixer
+        name: 📝 Fix end of file
+        stages: [commit]
+      - id: check-yaml
+        name: ✅ Validate YAML
+        stages: [commit]
+      - id: check-added-large-files
+        name: 📦 Check for large files
+        args: ['--maxkb=1000']
+        stages: [commit]
+      - id: detect-private-key
+        name: 🔑 Detect private keys
+        stages: [commit]
+
+  # Secret detection using gitleaks
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.18.2
+    hooks:
+      - id: gitleaks
+        name: 🔐 Detect secrets with gitleaks
+        entry: gitleaks detect --source . --verbose
+        language: golang
+        stages: [commit]
+
+default_language_version:
+  python: python3

.vscode/settings.json

@@ -0,0 +1,22 @@
+{
+  "shellformat.effectiveLanguages": [
+    "shellscript",
+    "dockerfile",
+    "dotenv",
+    "hosts",
+    "jvmoptions",
+    "ignore",
+    "gitignore",
+    "properties",
+    "spring-boot-properties",
+    "azcli",
+    "bats"
+  ],
+  "shellformat.flag": "-i 4 -bn -ci -sr",
+  "[shellscript]": {
+    "editor.defaultFormatter": "foxundermoon.shell-format",
+    "editor.formatOnSave": true,
+    "editor.tabSize": 4,
+    "editor.insertSpaces": true
+  }
+}

CHANGELOG.md

@@ -0,0 +1,65 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0] - 2025-12-15
+
+### Added
+- 🎯 Initial release with core functionality
+- 🔐 Security scanning capabilities with git-secrets Docker integration
+- 📦 Docker utilities (MongoDB, MySQL clients, git-secrets image builder)
+- 🔧 Git utilities (peco-based tools for interactive selection)
+- 🗄️ Terraform utilities
+- ☸️ Kubernetes utilities
+- 🎪 Service utilities (CI/CD, console editors, cURL, Git, Jenkins)
+- 🔒 Security policy and documentation (SECURITY.md)
+- ✅ Automated CI/CD pipeline with secret detection, shellcheck, and formatting checks
+- 📋 Pre-commit hooks for local development security
+
+### Security
+- 🔐 Gitleaks integration for secret detection
+- 🐚 Shellcheck validation for all shell scripts
+- 🎨 Code formatting standardization with shfmt
+- 📝 Pre-commit hooks for preventing credential leaks
+- 📖 Comprehensive security policy in SECURITY.md
+
+### Documentation
+- 📚 Complete README with setup instructions
+- 🔒 SECURITY.md with vulnerability reporting guidelines
+- 📖 Inline documentation in functions
+- 💡 Usage examples for all major functions
+
+### Quality
+- ✅ Shell script linting and validation
+- 🎨 Consistent code formatting
+- 📋 Pre-commit configuration for development
+- 🔄 GitHub Actions CI/CD pipeline
+
+---
+
+## Versioning Policy
+
+- **v0.x.y**: Pre-release versions with potential breaking changes
+- **v1.0.0+**: Stable versions following semantic versioning
+- All releases are tagged with Git tags and available via Homebrew
+
+## Security Updates
+
+For security-related changes and updates, please see [SECURITY.md](SECURITY.md).
+
+## Contributing
+
+Before contributing, please review:
+1. [SECURITY.md](SECURITY.md) - Security policies
+2. [README.md](README.md) - Project overview
+3. Our CI/CD checks run automatically on pull requests
+
+## Support
+
+For issues or questions:
+1. Check existing issues and discussions
+2. Review [SECURITY.md](SECURITY.md) for security concerns
+3. See GitHub Actions logs for CI/CD failures

LICENSE

@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.