Skip to content
Snippets Groups Projects
Commit 4db5301a authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat(verbose): verbose is no longer the default

fixes #17

- verbose is no longer the default
- automatically enabled when $TRACE is set
- removed unused quick parameters (no longer supported)
parent ac83e343
No related branches found
No related tags found
No related merge requests found
...@@ -50,7 +50,7 @@ They use the following configuration. ...@@ -50,7 +50,7 @@ They use the following configuration.
| --------------------- | -------------------------------------- | ----------------- | | --------------------- | -------------------------------------- | ----------------- |
| `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `registry.hub.docker.com/zricethezav/gitleaks:latest` | | `image` / `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `registry.hub.docker.com/zricethezav/gitleaks:latest` |
| `rules` / `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks#configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project). | _none_ (uses default rules) | | `rules` / `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks#configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project). | _none_ (uses default rules) |
| `args` / `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose` | | `args` / `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | _none_ |
### Configuring Gitleaks rules ### Configuring Gitleaks rules
......
...@@ -19,20 +19,6 @@ ...@@ -19,20 +19,6 @@
{ {
"name": "GITLEAKS_ARGS", "name": "GITLEAKS_ARGS",
"description": "[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)", "description": "[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)",
"default": "--verbose",
"advanced": true
},
{
"name": "GITLEAKS_QUICK_ARGS",
"description": "[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches)",
"default": "--verbose",
"advanced": true
},
{
"name": "GITLEAKS_QUICK_DEPTH",
"description": "Number of commits to scan (on feature branches)",
"type": "number",
"default": "10",
"advanced": true "advanced": true
} }
] ]
......
...@@ -24,14 +24,7 @@ spec: ...@@ -24,14 +24,7 @@ spec:
default: '' default: ''
args: args:
description: '[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)' description: '[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches)'
default: --verbose default: ''
quick-args:
description: '[Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches)'
default: --verbose
quick-depth:
description: Number of commits to scan (on feature branches)
type: number
default: 10
--- ---
workflow: workflow:
rules: rules:
...@@ -81,8 +74,6 @@ variables: ...@@ -81,8 +74,6 @@ variables:
GITLEAKS_IMAGE: $[[ inputs.image ]] GITLEAKS_IMAGE: $[[ inputs.image ]]
GITLEAKS_ARGS: $[[ inputs.args ]] GITLEAKS_ARGS: $[[ inputs.args ]]
GITLEAKS_RULES: $[[ inputs.rules ]] GITLEAKS_RULES: $[[ inputs.rules ]]
GITLEAKS_QUICK_ARGS: $[[ inputs.quick-args ]]
GITLEAKS_QUICK_DEPTH: $[[ inputs.quick-depth ]]
# default production ref name (pattern) # default production ref name (pattern)
PROD_REF: /^(master|main)$/ PROD_REF: /^(master|main)$/
...@@ -242,7 +233,7 @@ gitleaks: ...@@ -242,7 +233,7 @@ gitleaks:
- install_gitleaks_rules - install_gitleaks_rules
- git config --global --add safe.directory "${CI_PROJECT_DIR}" - git config --global --add safe.directory "${CI_PROJECT_DIR}"
script: script:
- gitleaks detect ${TRACE+--log-level debug} --source . $gitleaks_rule_opts --report-path reports/gitleaks.native.json $GITLEAKS_ARGS - gitleaks detect ${TRACE+--verbose} --source . $gitleaks_rule_opts --report-path reports/gitleaks.native.json $GITLEAKS_ARGS
artifacts: artifacts:
name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
when: always when: always
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment