ci: improve secret scanning and test coverage

[KaramelBytes]

Description

This PR enhances our CI pipeline with improved secret scanning and test coverage:

• Added a custom .gitleaks.toml configuration to reduce false positives
• Updated GitHub Actions workflow with proper token permissions
• Improved test coverage reporting with Codecov integration
• Fixed TOML syntax issues in the Gitleaks configuration

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

Testing

• Unit tests pass (go test ./...)
• Race detector clean (go test -race ./...)
• Linter passes (golangci-lint run)
• Manual testing completed
  • Verified Gitleaks runs locally without false positives
  • Confirmed workflow passes in the PR checks

Checklist

• Code follows project style guidelines
• Self-review completed
• Documentation updated
• CHANGELOG.md updated

Additional Notes

• This PR addresses the failing secret scanning in our CI pipeline
• The new Gitleaks configuration properly ignores common false positives like "token" in documentation
• Test coverage reporting is now more comprehensive