Secret Scanning Gitlab Component

The secret-scanning workflow is designed to identify sensitive information such as API keys, passwords, and other secrets within your codebase. By integrating secret scanning into your CI/CD pipeline, developers can proactively prevent the accidental exposure of confidential data, enhancing the overall security posture of the application.

The secret-scanning component accepts the following inputs:

Name	Description	Required	Default Value
`api_url`	The DevGuard API URL	No	`https://api.devguard.org`
`asset_name`	Name of the asset to scan	Yes
`token`	API token for authenticating with DevGuard	Yes
`scan_stage`	The stage where the scan is run	No	`test`
`runner_tags`	The runner tags used to select appropriate CI runners.	No	`""`

Usage Example:

Here's an example of how to call this component:

GitLab Components Reference
GitHub Workflows Reference
DevGuard Reference

Secret Scanning Gitlab Component#

Usage Example:#

Related Documentation#

Have feedback? We want to hear from you!

Secret Scanning Gitlab Component

Usage Example:

Related Documentation