Cédric OLIVIER authored
0b81318f

GitLab CI template for Gitleaks

This project implements a GitLab CI/CD template to detect and prevent hardcoded secrets in your Git repository with Gitleaks.

When run on the master branch, Gitleaks will audit all commits from all branches.

When run on other branches, Gitleaks will run a quick analysis on the current branch.

Usage

In order to include this template in your project, add the following to your .gitlab-ci.yml:

include:
  - project: 'to-be-continuous/gitleaks'
    ref: '2.1.1'
    file: '/templates/gitlab-ci-gitleaks.yml'

gitleaks jobs configuration

These jobs trigger a Gitleaks analysis (either on the complete repository or on the current branch). They use the following configuration.

| Name | Description | Default value |
| --- | --- | --- |
| `GITLEAKS_IMAGE` | The Docker image used to run Gitleaks | `registry.hub.docker.com/zricethezav/gitleaks:latest` |
| `GITLEAKS_RULES` | Gitleaks configuration rules to use (you may also provide your own `.gitleaks.toml` configuration file in your project) | none (uses default rules) |
| `GITLEAKS_ARGS` | Options for a full Gitleaks analysis (on master or develop branches) | `--verbose` |

Configuring Gitleaks rules

Here is how this GitLab CI template chooses the Gitleaks rules to use:

  1. It first looks for a .gitleaks.toml file at the root of your project repository.
  2. If not found, it uses the .toml file specified with the $GITLEAKS_RULES variable.
  3. If not specified, the [default Gitleaks rules](https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml) are used.
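The rule-selection order above and the full/quick split from the configuration table, written out as a small POSIX shell script so the behaviour can be checked locally before relying on it in a pipeline. This is an added example, not code from the to-be-continuous template: the variable names (`GITLEAKS_RULES`, `CI_COMMIT_BRANCH`) and branch names (`master`, `develop`) come from the page and from GitLab's predefined CI variables; the existence check on `$GITLEAKS_RULES`, the fallback to defaults when that file is missing, and the temporary directory layout are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not the template's own code): reproduces the Gitleaks
# configuration selection described in the README so it can be tested locally.

# select_gitleaks_config PROJECT_DIR [GITLEAKS_RULES]
# Prints the path of the Gitleaks config to use, or "default" when Gitleaks'
# built-in rules should apply.
select_gitleaks_config() {
  project_dir="$1"
  rules="${2:-}"

  # 1. A .gitleaks.toml at the repository root always takes precedence.
  if [ -f "$project_dir/.gitleaks.toml" ]; then
    echo "$project_dir/.gitleaks.toml"
    return 0
  fi

  # 2. Otherwise the .toml named by $GITLEAKS_RULES.
  #    Assumption (not stated on the page): a missing file is reported and
  #    the built-in rules are used instead of failing the job.
  if [ -n "$rules" ]; then
    if [ -f "$rules" ]; then
      echo "$rules"
      return 0
    fi
    echo "warning: GITLEAKS_RULES=$rules not found, using default rules" >&2
  fi

  # 3. Otherwise Gitleaks' default rules.
  echo "default"
}

# analysis_mode BRANCH
# Prints "full" for the branches the table lists as getting a full analysis
# (every commit on every branch), and "quick" (current branch only) otherwise.
analysis_mode() {
  case "$1" in
    master|develop) echo "full" ;;
    *) echo "quick" ;;
  esac
}

# Demo on the current checkout (constructed invocation; CI_COMMIT_BRANCH is
# GitLab's predefined variable, defaulted here for local runs).
echo "config: $(select_gitleaks_config "$PWD" "${GITLEAKS_RULES:-}")"
echo "mode:   $(analysis_mode "${CI_COMMIT_BRANCH:-master}")"
```

Running it inside a checkout that has no `.gitleaks.toml` and no `GITLEAKS_RULES` set prints `config: default`; dropping a `.gitleaks.toml` at the root switches the output regardless of `GITLEAKS_RULES`, which is worth knowing when a project-level file silently overrides rules you intended to enforce centrally.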