Merge branch 'fix/cleanup-job-git-strategy' into 'main'

Add GIT_STRATEGY: none to cleanup_feature job

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!28

.gitlab-ci.yml

@@ -33,10 +33,6 @@ kics:
 hadolint:
   allow_failure: true
 
-# secrets job - allow failure due to gitleaks false positive on s3_key attribute
-secrets:
-  allow_failure: true
-
 # Post-deployment integration tests template
 .integration_test_template: &integration_test_template
   stage: deploy  # Runs in deploy stage, but after deployment due to 'needs'
@@ -309,6 +305,7 @@ cleanup_feature:
   needs: []
   variables:
     NAMESPACE: orch-dev-namespace
+    GIT_STRATEGY: none  # No source needed, branch may be deleted
   before_script:
     - kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
   script:

.gitleaksignore

@@ -1,6 +1,7 @@
 # Gitleaks ignore file
 # https://github.com/gitleaks/gitleaks#gitleaksignore
 #
-# Note: secrets job set to allow_failure in .gitlab-ci.yml
 # False positive: s3_key is an attribute name in test assertions, not a secret
-# Protected by inline # gitleaks:allow comments in test_storage.py
+# These are historical commits - files have since been deleted or updated with inline comments
+7e68baed0886a3c928644cd01aa3b39f92d4f976:backend/tests/test_duplicate_detection.py:generic-api-key:154
+2f1891cf0126ec0e7d4c789d872a2cb2dd3a1745:backend/tests/unit/test_storage.py:generic-api-key:381