From 74b9f4388b0716063360eec7e91bb43084461a28 Mon Sep 17 00:00:00 2001 From: Guilhem Martin <guilhem.martin@orange.fr> Date: Fri, 3 Sep 2021 10:14:53 +0000 Subject: [PATCH] doc: add GITLEAKS_RULES explainations --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b081971..98836ef 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,15 @@ They use the following configuration. | Name | description | default value | | --------------------- | -------------------------------------- | ----------------- | | `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `zricethezav/gitleaks:latest` | -| `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks/wiki/Configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project) | _none_ (uses default rules) | +| `GITLEAKS_RULES` | Gitleaks [configuration rules](https://github.com/zricethezav/gitleaks#configuration) to use (you may also provide your own `.gitleaks.toml` configuration file in your project). | _none_ (uses default rules) | | `GITLEAKS_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a full Gitleaks analysis (on master or develop branches) | `--verbose` | | `GITLEAKS_QUICK_ARGS` | [Options](https://github.com/zricethezav/gitleaks/wiki/Options) for a quick Gitleaks analysis (on feature branches) | `--verbose` _(audit on the current branch)_ | | `GITLEAKS_QUICK_DEPTH` | Number of commits to scan (on feature branches) | `10` | + +### Configuring Gitleaks rules + +Here is how this GitLab CI template chooses the Gitleaks rules to use: + +1. It first looks for a `.gitleaks.toml` file at the root of your project repository. +2. If not found, it uses the `.toml` file specified with the `$GITLEAKS_RULES` variable. +3. If not specified, [default Gitleaks rules] (https://github.com/zricethezav/gitleaks/blob/master/config/default.go) are used. -- GitLab
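Review bot: The added step 3 in the "Configuring Gitleaks rules" section has a broken markdown link: `[default Gitleaks rules] (https://github.com/zricethezav/gitleaks/blob/master/config/default.go)` contains a space between `]` and `(`, so it will render as literal bracketed text followed by a bare URL rather than a link. Suggest `[default Gitleaks rules](https://github.com/zricethezav/gitleaks/blob/master/config/default.go)`. Two smaller points on the same hunk: the table row's link target is changed from the wiki page to `https://github.com/zricethezav/gitleaks#configuration`, but steps 1 to 3 still describe `$GITLEAKS_RULES` as "the `.toml` file", so it would help to say whether a path or a URL is expected, consistent with the table; and since step 1 gives a repository-level `.gitleaks.toml` precedence over the centrally set `$GITLEAKS_RULES`, the section should state that consequence explicitly (a project file replaces, rather than extends, the rules set by the variable), so maintainers know the variable is not an enforced baseline.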