issues
search
NASA-AMMOS
/
slim
Software Lifecycle Improvement & Modernization
https://nasa-ammos.github.io/slim/
Apache License 2.0
25
stars
9
forks
source link
Starter kits for DCO and credential scanning
#27
Closed
riverma
closed
2 years ago
riverma
commented
2 years ago
Purpose
To automatically ensure that contributors to a repo have "signed-off" on their developer certificate of origin (DCO) when pushing to a GitHub repo
To automatically check if secrets/credentials (especially AWS ones) are not inadvertently committed to a repo (on the client side)
Proposed Changes
[ADD] Starter kit for DCO "sign-offs"
[ADD] Starter kit for secrets/credential scanning during Git commits
Issues
26
Testing
DCO scanner example:
https://github.com/riverma/terraformly/pull/3
git-secrets
tested locally on machine successfully
Purpose
Proposed Changes
Issues
26
Testing
git-secrets
tested locally on machine successfully