Merge pull request #134 from aws/add_hooks_to_detect_secrets

saikiranakula-amzn · web-flow · commit b140f8470609 · 2022-01-31T09:49:27.000-08:00
fix: add hooks to detect secrets
diff --git a/.github/workflows/dotnet-core.yml b/.github/workflows/dotnet-core.yml
@@ -13,6 +13,16 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+    - name: Check for secrets leak on the repo
+      run: |
+          git clone https://github.com/awslabs/git-secrets.git target
+          cd target
+          sudo make install
+          echo "Git-secrets installation completed"
+          git secrets --register-aws --global
+          echo "Added aws secret templates"
+          git secrets --scan -r ../
+          echo "Repository scan completed"
     - name: Setup .NET Core
       uses: actions/setup-dotnet@v1
       with:
diff --git a/hooks/commit-msg b/hooks/commit-msg
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+git secrets --commit_msg_hook -- "$@"
diff --git a/hooks/pre-commit b/hooks/pre-commit
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+git secrets --pre_commit_hook -- "$@"
diff --git a/hooks/prepare-commit-msg b/hooks/prepare-commit-msg
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+git secrets --prepare_commit_msg_hook -- "$@"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+#!/usr/bin/env bash`
	`2`	`+git secrets --prepare_commit_msg_hook -- "$@"`