Snippets Groups Projects

2 years ago
02233358

doc(links): repair broken links · 02233358
Pierre Smeyers authored 2 years ago

02233358

History

doc(links): repair broken links
Pierre Smeyers authored 2 years ago

README.md 1.78 KiB

GitLab CI template for Gitleaks

This project implements a generic GitLab CI template for Gitleaks.

When run on the master branch, Gitleaks will audit all commits from all branches.

When run on other branches, Gitleaks will run a quick analysis on the current branch.

Usage

In order to include this template in your project, add the following to your gitlab-ci.yml:

include:
  - project: 'to-be-continuous/gitleaks'
    ref: '2.1.0'
    file: '/templates/gitlab-ci-gitleaks.yml'

`gitleaks` jobs configuration

Those jobs trigger a Gitleaks analysis (either on the complete repository, either on the current branch). They use the following configuration.

Name	description	default value
`GITLEAKS_IMAGE`	The Docker image used to run Gitleaks	`zricethezav/gitleaks:latest`
`GITLEAKS_RULES`	Gitleaks configuration rules to use (you may also provide your own `.gitleaks.toml` configuration file in your project).	none (uses default rules)
`GITLEAKS_ARGS`	Options for a full Gitleaks analysis (on master or develop branches)	`--verbose`

Configuring Gitleaks rules

Here is how this GitLab CI template chooses the Gitleaks rules to use:

It first looks for a .gitleaks.toml file at the root of your project repository.
If not found, it uses the .toml file specified with the $GITLEAKS_RULES variable.
If not specified, [default Gitleaks rules] (https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml) are used.