By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps to developers.
Name of the rule you'd like to add
ensure-secrets-scanner
Describe the rule
At least one pipeline in each repository should run a secrets scanner to prevent secrets leaks.
What triggers the rule
If none of the following runs in the repo: trufflehog, GitGuardian, Gitleaks, Trivy.
Failure message should the rule fail
Secrets scanner was not detected in the repository pipelines. It is highly recommended to add one to prevent secrets leaks.
What SCMs is this rule eligible for
GitHub, GitLab.
Will this rule work in local run
Eligible for local as well. Same behavior.
What CI/CD platforms is this rule eligible for
GitHub Actions, GitLab CI, JFrog Pipelines.
Should this rule be enabled by default
No
Sample repos/orgs to test the rule
Example of how to integrate trivy
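
A sketch of the check this request describes, added here as an example; it is not Allero's implementation or code from the issue. The match patterns (including `ggshield`, GitGuardian's CLI), the function names and the sample pipelines are assumptions, and a name match in uncommented pipeline text is only a heuristic for "runs in the repo".

```go
package main

import "fmt"
import "regexp"

// Failure message quoted from the rule proposal.
const failureMessage = "Secrets scanner was not detected in the repository pipelines. It is highly recommended to add one to prevent secrets leaks."
// Scanner names come from the rule's trigger list; the match patterns are assumptions.
type scanner struct{ name string; re *regexp.Regexp }
var scanners = []scanner{
	{"trufflehog", regexp.MustCompile(`(?i)\btrufflehog\b`)},
	{"GitGuardian", regexp.MustCompile(`(?i)\b(gitguardian|ggshield)\b`)},
	{"Gitleaks", regexp.MustCompile(`(?i)\bgitleaks\b`)},
	{"Trivy", regexp.MustCompile(`(?i)\btrivy\b`)},
}

// YAML comment at line start or after whitespace (a quoted '#' is not handled).
var comment = regexp.MustCompile(`(?m)(^|[ \t])#.*$`)

// DetectScanners maps each pipeline file to the scanners named in its uncommented text.
func DetectScanners(pipelines map[string]string) map[string][]string {
	found := map[string][]string{}
	for path, content := range pipelines {
		body := comment.ReplaceAllString(content, "")
		for _, s := range scanners {
			if s.re.MatchString(body) {
				found[path] = append(found[path], s.name)
			}
		}
	}
	return found
}

// CheckRepo passes when at least one pipeline references a scanner.
func CheckRepo(pipelines map[string]string) (bool, string) {
	if len(DetectScanners(pipelines)) > 0 {
		return true, ""
	}
	return false, failureMessage
}

// Constructed samples: scanner step commented out (fails); GitLab CI job running trufflehog (passes).
var commentedOut = map[string]string{".github/workflows/ci.yml": "steps:\n  - uses: actions/checkout@v4\n  # - uses: gitleaks/gitleaks-action@v2\n  - run: make test\n"}
var withScanner = map[string]string{".gitlab-ci.yml": "secrets:\n  script:\n    - trufflehog git file://. --only-verified\n"}

func main() {
	fmt.Println(CheckRepo(commentedOut))
	fmt.Println(CheckRepo(withScanner))
}
```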