mirror of
https://gitlab.com/components/secret-detection.git
synced 2025-06-30 15:38:30 +02:00
Compare commits
18 commits
Author | SHA1 | Date | |
---|---|---|---|
|
ad30546fc4 | ||
|
e1192e05d1 | ||
|
54aa5f1aa9 | ||
|
d5021f7972 | ||
|
94147813a3 | ||
|
f945a715cd | ||
|
6f289fc315 | ||
|
5e5d5be4d6 | ||
|
646d0fcbbf | ||
|
d9f655a96a | ||
|
ef4d34b9d0 | ||
|
8f99a30c8d | ||
|
7c550c8951 | ||
|
836ee40654 | ||
|
ba13d696d1 | ||
|
c542bedf60 | ||
|
daa8e58fc6 | ||
|
72880a4924 |
6 changed files with 34 additions and 8 deletions
|
@ -1,5 +1,5 @@
|
||||||
include:
|
include:
|
||||||
component: gitlab.com/$CI_PROJECT_PATH/secret-detection@$CI_COMMIT_SHA
|
component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/secret-detection@$CI_COMMIT_SHA
|
||||||
|
|
||||||
stages: [test, release]
|
stages: [test, release]
|
||||||
|
|
||||||
|
@ -14,11 +14,13 @@ ensure-job-added:
|
||||||
script:
|
script:
|
||||||
- echo "Expect that a job named 'secret_detection' is added to the pipeline"
|
- echo "Expect that a job named 'secret_detection' is added to the pipeline"
|
||||||
- |
|
- |
|
||||||
route="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/jobs"
|
route="$CI_API_V4_URL/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/jobs"
|
||||||
count=`curl --silent $route | jq 'map(select(.name | contains("secret_detection"))) | length'`
|
count=`curl --silent $route | jq 'map(select(.name | contains("secret_detection"))) | length'`
|
||||||
if [ "$count" != "1" ]; then
|
if [ "$count" != "1" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
rules:
|
||||||
|
- if: ($CI_COMMIT_BRANCH || $CI_COMMIT_TAG) && $CI_SERVER_HOST =~ /gitlab.com/
|
||||||
|
|
||||||
# Ensure that a project description exists, because it will be important to display
|
# Ensure that a project description exists, because it will be important to display
|
||||||
# the resource in the catalog.
|
# the resource in the catalog.
|
||||||
|
@ -26,7 +28,7 @@ check-description:
|
||||||
image: badouralix/curl-jq
|
image: badouralix/curl-jq
|
||||||
script:
|
script:
|
||||||
- |
|
- |
|
||||||
route="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID"
|
route="$CI_API_V4_URL/projects/$CI_PROJECT_ID"
|
||||||
desc=`curl --silent $route | jq '.description'`
|
desc=`curl --silent $route | jq '.description'`
|
||||||
if [ "$desc" = "null" ]; then
|
if [ "$desc" = "null" ]; then
|
||||||
echo "Description not set. Please set a projet description"
|
echo "Description not set. Please set a projet description"
|
||||||
|
@ -34,6 +36,8 @@ check-description:
|
||||||
else
|
else
|
||||||
echo "Description set"
|
echo "Description set"
|
||||||
fi
|
fi
|
||||||
|
rules:
|
||||||
|
- if: $CI_SERVER_HOST =~ /gitlab.com/
|
||||||
|
|
||||||
# Ensure that a `README.md` exists in the root directory as it represents the
|
# Ensure that a `README.md` exists in the root directory as it represents the
|
||||||
# documentation for the whole components repository.
|
# documentation for the whole components repository.
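Review bot: The added rule `$CI_SERVER_HOST =~ /gitlab.com/`, in both `ensure-job-added` and `check-description`, is an unanchored pattern with an unescaped dot, so it matches any host name that merely contains something like `gitlab.com`, not only GitLab.com itself. If the intent is to run these API checks only on GitLab.com, an exact comparison is tighter: `- if: $CI_SERVER_HOST == "gitlab.com"`, keeping the `($CI_COMMIT_BRANCH || $CI_COMMIT_TAG) &&` prefix on the first rule. Separately, both jobs pipe `curl --silent $route` into `jq` without `--fail` and with `$route` unquoted; on an empty response `desc` would be empty rather than "null", so `check-description` appears to fall through to "Description set". Using `curl --silent --fail "$route"` would make both checks fail closed. Both job definitions begin outside the hunks shown, so this reading covers only the visible lines.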
|
||||||
|
|
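--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -0,0 +1 @@
+* @gitlab-org/secure/secret-detection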
|
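--- a/LICENSE
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 GitLab Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.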
|
|
@ -13,7 +13,7 @@ keyword.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
include:
|
include:
|
||||||
- component: gitlab.com/gitlab-components/secret-detection/secret-detection@<VERSION>
|
- component: gitlab.com/components/secret-detection/secret-detection@<VERSION>
|
||||||
```
|
```
|
||||||
|
|
||||||
where `<VERSION>` is the latest released tag or `main`.
|
where `<VERSION>` is the latest released tag or `main`.
|
||||||
|
@ -24,7 +24,7 @@ If you are converting the configuration to use components and want to leverage t
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
include:
|
include:
|
||||||
- component: gitlab.com/gitlab-components/secret-detection/secret-detection@main
|
- component: gitlab.com/components/secret-detection/secret-detection@main
|
||||||
rules:
|
rules:
|
||||||
- if: $SECRET_DETECTION_DISABLED == "true" || $SECRET_DETECTION_DISABLED == "1"
|
- if: $SECRET_DETECTION_DISABLED == "true" || $SECRET_DETECTION_DISABLED == "1"
|
||||||
when: never
|
when: never
|
||||||
|
@ -40,7 +40,7 @@ This assumes `SECRET_DETECTION_DISABLED` variable is already defined in `.gitlab
|
||||||
| ----- | ------------- | ----------- |
|
| ----- | ------------- | ----------- |
|
||||||
| `stage` | `test` | The stage where you want the job to be added. |
|
| `stage` | `test` | The stage where you want the job to be added. |
|
||||||
| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Override the name of the Docker registry providing the default images (proxy). |
|
| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Override the name of the Docker registry providing the default images (proxy). |
|
||||||
| `image_tag` | `5` | Override the default version of the `secrets` analyzer image. |
|
| `image_tag` | `7` | Override the default version of the `secrets` analyzer image. |
|
||||||
| `image_suffix` | `""` | Suffix added to the image name. If set to -fips, [FIPS-enabled images](https://docs.gitlab.com/ee/user/application_security/secret_detection/#use-fips-enabled-images) are used for scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
|
| `image_suffix` | `""` | Suffix added to the image name. If set to -fips, [FIPS-enabled images](https://docs.gitlab.com/ee/user/application_security/secret_detection/#use-fips-enabled-images) are used for scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
|
||||||
|
|
||||||
### Variables
|
### Variables
|
||||||
|
|
BIN
logo.png
Normal file
BIN
logo.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 2.5 KiB |
|
@ -5,7 +5,7 @@ spec:
|
||||||
image_prefix:
|
image_prefix:
|
||||||
default: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
|
default: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
|
||||||
image_tag:
|
image_tag:
|
||||||
default: '5'
|
default: '7'
|
||||||
image_suffix:
|
image_suffix:
|
||||||
default: ""
|
default: ""
|
||||||
---
|
---
|
||||||
|
|