Skip to content
Snippets Groups Projects
Commit 14d4381e authored by Pierre SMEYERS's avatar Pierre SMEYERS
Browse files

Merge branch '1-gitleaks-fails-with-message-object-not-found' into 'master'

Resolve "gitleaks fails with message "object not found""

Closes #1

See merge request Orange-OpenSource/tbc/gitleaks!1
parents 913eb40c 0b2c51ef
No related branches found
No related tags found
No related merge requests found
...@@ -27,4 +27,5 @@ They use the following configuration. ...@@ -27,4 +27,5 @@ They use the following configuration.
| `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `zricethezav/gitleaks:latest` | | `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `zricethezav/gitleaks:latest` |
| `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks/wiki/Configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project) | _none_ (uses default rules) | | `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks/wiki/Configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project) | _none_ (uses default rules) |
| `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose` | | `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose` |
| `GITLEAKS_QUICK_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches) | `--verbose --depth=10` _(audit on the current branch with a depth of 10)_ | | `GITLEAKS_QUICK_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches) | `--verbose` _(audit on the current branch)_ |
| `GITLEAKS_QUICK_DEPTH` | Number of commits to scan (on feature branches) | `10` |
...@@ -23,7 +23,14 @@ ...@@ -23,7 +23,14 @@
{ {
"name": "GITLEAKS_QUICK_ARGS", "name": "GITLEAKS_QUICK_ARGS",
"description": "[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches)", "description": "[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches)",
"default": "--verbose --depth=10", "default": "--verbose",
"advanced": true
},
{
"name": "GITLEAKS_QUICK_DEPTH",
"description": "Number of commits to scan (on feature branches)",
"type": "number",
"default": "10",
"advanced": true "advanced": true
} }
] ]
......
...@@ -17,7 +17,8 @@ variables: ...@@ -17,7 +17,8 @@ variables:
# Default Docker image (can be overriden) # Default Docker image (can be overriden)
GITLEAKS_IMAGE: "zricethezav/gitleaks:latest" GITLEAKS_IMAGE: "zricethezav/gitleaks:latest"
GITLEAKS_ARGS: "--verbose" GITLEAKS_ARGS: "--verbose"
GITLEAKS_QUICK_ARGS: "--verbose --depth=10" GITLEAKS_QUICK_DEPTH: "10"
GITLEAKS_QUICK_ARGS: "--verbose"
# default production ref name (pattern) # default production ref name (pattern)
PROD_REF: '/^master$/' PROD_REF: '/^master$/'
# default integration ref name (pattern) # default integration ref name (pattern)
...@@ -200,6 +201,8 @@ gitleaks: ...@@ -200,6 +201,8 @@ gitleaks:
- name: "$CI_REGISTRY/orange-opensource/tbc/tools/tracking:master" - name: "$CI_REGISTRY/orange-opensource/tbc/tools/tracking:master"
command: ["--service", "gitleaks", "1.1.0"] command: ["--service", "gitleaks", "1.1.0"]
stage: test stage: test
variables:
GIT_DEPTH: 0
before_script: before_script:
- *gitleaks-scripts - *gitleaks-scripts
- install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
...@@ -222,8 +225,10 @@ gitleaks: ...@@ -222,8 +225,10 @@ gitleaks:
# quick analysis on dev branches # quick analysis on dev branches
gitleaks-quick: gitleaks-quick:
extends: gitleaks extends: gitleaks
variables:
GIT_DEPTH: "${GITLEAKS_QUICK_DEPTH}"
script: script:
- gitleaks ${TRACE+--debug} --path=. $gitleaks_rule_opts --report=./gitleaks/gitleaks-report.json $GITLEAKS_QUICK_ARGS - gitleaks ${TRACE+--debug} --path=. $gitleaks_rule_opts --report=./gitleaks/gitleaks-report.json --depth=${GITLEAKS_QUICK_DEPTH} $GITLEAKS_QUICK_ARGS
rules: rules:
# exclude merge requests # exclude merge requests
- if: $CI_MERGE_REQUEST_ID - if: $CI_MERGE_REQUEST_ID
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment