search

GitGuardian / ggshield

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
https://gitguardian.com
MIT License
1.59k stars 139 forks source link

add ability to customize GITGUARDIAN PRERECEIVE MESSAGE #861

Closed Renizmy closed 3 months ago

Renizmy commented 4 months ago

Hello,

The main idea is to be able to customize the remediation message For example to set custom links to internal documentation . Maybe it could be better to set in the yaml configuration file, what do you think ?

agateau-gg commented 4 months ago

Hi @Renizmy, thanks for this contribution!

This is an interesting idea, I am forwarding it to our product-owners.

agateau-gg commented 4 months ago

Hi again!

We like your idea, but using an environment variable makes it difficult to set a multi-line message. We think it would be better to store this message in the configuration file. It could be added as secret.prereceive-remediation-message. One can then define the message in the global configuration file (~/.gitguardian.yaml) like this:

version: 2
secret:
  prereceive-remediation-message: |
    A multiline
    remediation
    message

To do so you would need to add a prereceive_remediation_message field to the SecretConfig class, and then use it from the current code as config.user_config.secret.prereceive_remediation_message.

Do you feel like doing this?

Renizmy commented 4 months ago

Indeed, the multi-line in an environnement variable is not a good idea .. Thank you for this information, here is the change

Renizmy commented 3 months ago

Hi, What do you think about it ?