From a41f3a461fd60eb7fa4871fcaa380ea2b4131384 Mon Sep 17 00:00:00 2001 From: Wayne Grant Date: Fri, 16 Jun 2023 10:14:34 +0100 Subject: [PATCH] feat: add secrets scanning --- .circleci/config.yml | 6 ++++++ .pre-commit-config.yaml | 5 +++++ 2 files changed, 11 insertions(+) create mode 100644 .pre-commit-config.yaml diff --git a/.circleci/config.yml b/.circleci/config.yml index dfe81a6..753fe1a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,6 +2,7 @@ version: 2.1 orbs: win: circleci/windows@2.4.0 + prodsec: snyk/prodsec-orb@1.0 defaults: &defaults parameters: @@ -182,6 +183,11 @@ workflows: version: 2 test_and_release: jobs: + - prodsec/secrets-scan: + name: Scan repository for secrets + context: + - snyk-bot-slack + channel: os-team-managed-alerts - lint: name: Lint context: nodejs-install diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..c9528f4 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.16.1 + hooks: + - id: gitleaks