Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DX: manage certificates with Makefile #8

Closed
wants to merge 5 commits into from
Closed

DX: manage certificates with Makefile #8

wants to merge 5 commits into from

Conversation

kaihendry
Copy link
Contributor

  • refactor: fetch token programmatically
  • refactor: generate all certificates via a makefile and remove .gitignore so we can see them

subnova
subnova requested changes Aug 1, 2023
View reviewed changes
Copy link
Collaborator

@subnova subnova left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This commit appears to remove all of our existing hooks - many of which are not related to secrets scanning. Furthermore, there are lots of other types of secret that we may accidentally commit beyond private keys. I'm happy for us to look to replace talisman that is producing many to many false positives, but not sure this is the right option to replace it. I've had success with https://github.com/Yelp/detect-secrets before.

subnova
subnova reviewed Aug 1, 2023
View reviewed changes
scripts/run.sh Outdated Show resolved Hide resolved
subnova
subnova reviewed Aug 1, 2023
View reviewed changes
README.md Outdated Show resolved Hide resolved
@kaihendry
Copy link
Contributor Author

kaihendry commented Aug 1, 2023
edited
Loading

I've made some changes, https://github.com/Yelp/detect-secrets has just way too many false positives.

detect-private-key seems like the sanest start. Else revert back to helm?

kaihendry added a commit that referenced this pull request Aug 2, 2023
@kaihendry
refactor: pre-commit hooks and apply comments on #8
20e4996
@kaihendry kaihendry mentioned this pull request Aug 2, 2023
Merged
@kaihendry kaihendry closed this Aug 2, 2023
@kaihendry kaihendry deleted the autotoken branch August 4, 2023 08:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@subnova subnova subnova requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kaihendry @subnova