As I described in a pull request I created, the developer should use git-secrets to prevent the inadvertent committing of credentials into the repository. Besides, it is preferable if we can detect the accidental disclosure in our CI/CD process.
I found that the trufflehog action is useful to achieve the above detection. We can find the example in aws/elb-doctor.
As I described in a pull request I created, the developer should use
git-secrets
to prevent the inadvertent committing of credentials into the repository. Besides, it is preferable if we can detect the accidental disclosure in our CI/CD process.I found that the
trufflehog
action is useful to achieve the above detection. We can find the example in aws/elb-doctor.