Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gitguardian action #475

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

gitguardian action #475

wants to merge 2 commits into from

Conversation

sergiobeltranguerrero
Copy link
Member

No description provided.

@sergiobeltranguerrero sergiobeltranguerrero linked an issue May 19, 2024 that may be closed by this pull request
Include GitGuardian in the project #473
Open
@sergiobeltranguerrero
Copy link
Member Author

Implementing GitGuardian for Code Secret Protection

Benefits of Using GitGuardian

Implementing GitGuardian in our repository offers the following key benefits:

  1. Real-Time Secret Detection:
    • GitGuardian automatically scans our code for secrets such as API keys, credentials, and tokens that may have been inadvertently exposed.

image

  1. Prevention of Data Leaks:

    • By identifying and alerting on potential exposed secrets, we can prevent data leaks that could lead to unauthorized access and security breaches.

  2. Compliance and Security:

    • Keeping our repository free of secrets helps comply with security best practices and regulatory compliance policies, ensuring our organization follows appropriate standards for managing sensitive information.

  3. Centralized Incident Dashboard:

    • GitGuardian provides an intuitive dashboard where we can view and manage all security incidents detected in our repository. This enables us to monitor, investigate, and quickly resolve any issues related to secret exposure.

image

Instructions for Generating and Adding the GitGuardian API Key

To configure GitGuardian in this repository, we need an API key. Follow these steps to generate and add it to GitHub secrets:

  1. Create a GitGuardian Account:

    • If you don't already have one, sign up for a GitGuardian account and follow the instructions to create your account.

  2. Generate an API Key:

    • Once logged in to GitGuardian, go to the account settings section and look for the option to generate a new API key.
    • Give your API key a name for easy identification (e.g., "GitHub Actions API Key") and create the key.

  3. Add the API Key to GitHub Secrets:

    • Go to your repository on GitHub.
    • Navigate to the "Settings" tab of the repository.
    • In the left-hand menu, select "Secrets and variables" and then "Actions".
    • Click "New repository secret" to create a new secret.
    • Enter GITGUARDIAN_API_KEY as the name of the secret.
    • Paste the API key generated in GitGuardian into the value field and save the secret.

Once you've added the API key as a secret, it will be available for GitHub Actions workflows and allow GitGuardian to scan our code securely.

@sergiobeltranguerrero sergiobeltranguerrero self-assigned this May 19, 2024
@sergiobeltranguerrero sergiobeltranguerrero added Review Check or stud something Test labels May 19, 2024
@jvJUCA jvJUCA closed this Jun 3, 2024
@jvJUCA jvJUCA reopened this Jun 3, 2024
@jvJUCA jvJUCA closed this Jun 3, 2024
@jvJUCA jvJUCA reopened this Jun 3, 2024
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jun 3, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 3, 2024

⚠️ The tests have failed, @jvJUCA Please review the proposed changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sergiobeltranguerrero sergiobeltranguerrero

Labels
Review Check or stud something Test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Include GitGuardian in the project
2 participants
@sergiobeltranguerrero @jvJUCA