Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: reenable gitleaks #81

Merged
merged 1 commit into from
Jul 14, 2023
Merged

build: reenable gitleaks #81

merged 1 commit into from
Jul 14, 2023

Conversation

goncalo-frade-iohk
Copy link
Contributor

It seems .gitleaksignore is experimental and doesn't work so well, so we are going to use the common way that is comment //gitleaks:allow. We could also try to use .gitconfig.toml file to apply rules for test but this comment seems more appropriate.

@atala-dev
Copy link
Contributor

atala-dev commented Jul 14, 2023

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 1 0 0.08s
✅ EDITORCONFIG editorconfig-checker 2 0 0.04s
⚠️ REPOSITORY devskim yes 6 1.01s
✅ REPOSITORY dustilock yes no 0.05s
✅ REPOSITORY gitleaks yes no 1.48s
✅ REPOSITORY git_diff yes no 0.02s
✅ REPOSITORY secretlint yes no 4.17s
✅ REPOSITORY syft yes no 0.46s
✅ REPOSITORY trivy yes no 6.05s
✅ YAML prettier 1 0 0.49s
✅ YAML v8r 1 0 2.82s
✅ YAML yamllint 1 0 0.27s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@hamada147
Copy link
Contributor

Unfortunately you will have to add the comment on every line that has the gitleaks

@goncalo-frade-iohk goncalo-frade-iohk force-pushed the feature/fix-gitleaks branch 2 times, most recently from 058e9ef to f28679e Compare July 14, 2023 11:07
It seems .gitleaksignore is experimental and doesn't work so well, so we are going to use .gitleaks.toml file to configure our allow list
Copy link
Contributor

@hamada147 hamada147 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@goncalo-frade-iohk goncalo-frade-iohk merged commit dab7960 into main Jul 14, 2023
@goncalo-frade-iohk goncalo-frade-iohk deleted the feature/fix-gitleaks branch July 14, 2023 16:07
hamada147 added a commit that referenced this pull request May 20, 2024
Co-authored-by: Ahmed Moussa <[email protected]>
Signed-off-by: Goncalo Frade <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants