We've used a handful of secret-scanning tools during our manual reviews: whispers, gitleaks, git secrets. Let's create a CI include template that leverages one or more of these tools.
Description
Description
Details
Details
- Other Assignee
- sbassett
Title | Reference | Author | Source Branch | Dest Branch | |
---|---|---|---|---|---|
Add security template that scans secrets | repos/security/gitlab-ci-security-templates!15 | mstyles | secret-seeker | main |
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | sbassett | T342177 [EPIC] Application Security Pipeline Components for Gitlab - Phase 2 Work | |||
Resolved | Mstyles | T343255 Add secret-scanning options to Gitlab CI includes |
Event Timeline
Comment Actions
mstyles opened https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/merge_requests/15
Draft: Add security template that scans secrets
Comment Actions
sbassett merged https://gitlab.wikimedia.org/repos/security/gitlab-ci-security-templates/-/merge_requests/15
Add security template that scans secrets