This repository has been archived by the owner on Apr 18, 2024. It is now read-only.
Override default gitleaks configuration #2
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ivankalitaonefootball
force-pushed
the
fix-default-gitleaks-config
branch
from
65b642f
to
806477d
Compare
I override the default gitleaks configuration by a configuration provided by this repository so we can have more control over the default gitleaks rules applied to all the motain repositories. Set the valid default to config-path. Config path input of github action is actually the path to additional gitleaks configuration. I set it to .of/security/gitleaks.toml by default and changed the description.
ivankalitaonefootball
force-pushed
the
fix-default-gitleaks-config
branch
from
806477d
to
501ad46
Compare
| @@ -1,106 +0,0 @@ | |||
| title = "gitleaks config" | |||
There was a problem hiding this comment.
This file was not used at all 🤷
| required: false | ||
| default: '.github/.gitleaks.toml' |
There was a problem hiding this comment.
This path does not exist on our repositories, instead, we use .of/security/gitleaks.toml, so I changed it.
| @@ -0,0 +1,174 @@ | |||
| title = "gitleaks config" | |||
There was a problem hiding this comment.
|
Closing because there was some misinterpretation of how we wanted to use Gitleaks, |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Override default gitleaks configuration
We use default gitleaks rules. These rules sometimes have some flaws, e.g. we have a lot of false positives for the Twitter Client IDs because of the default Twitter rules (more information). To fix this problem I override the default gitleaks rules with the rules provided by this repository (
/gitleaks.toml).Also, I set a reasonable default (
.of/security/gitleaks.toml) for theconfig-pathinput argument and fix its description to reflect the fact that it's not the main configuration file but an additional config.Questions
v1.6.0-of-customor update all the repositories to use the new version of motain/gitleaks-action