Skip to content

JamesDLD/azure-devops-secret-scanning

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
image
image
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
azure-pipelines.yml
azure-pipelines.yml
 
 
scan_azure_devops_secret.sh
scan_azure_devops_secret.sh
 
 
send_az_appinsights_event_telemetry.sh
send_az_appinsights_event_telemetry.sh
 
 
workbook.json
workbook.json
 
 

Repository files navigation

Introduction

In this article we will see how to scan all repos of an Azure DevOps project.

The secret scanning solution will respect the following guidelines:

  • 1 single DevOps pipeline per DevOps project that launches Gitleaks and sends its scan results to an Azure Application Insights.
  • This pipeline can be triggered manually for a spot check or through any supported scheduled triggers provided by Microsoft.
  • Developers are able to declare a secret as a false positive following Gitleaks procedure.
  • 1 Azure monitoring Workbook where you can find:
  1. An overview tab that displays the total number of secrets found
  2. A "Secrets" tab which gives more metrics such as
  • The secret trends -> number of secrets observed during each audit
  • Count of secrets per repository
  • A complete inventory of results exportable to Excel

alt text

About

Secret scanning for all repos of an Azure DevOps project

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Languages