Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: update trg-8-03.md, introduce TruffleHog #950

Merged
merged 8 commits into from
Aug 28, 2024
Merged

docs: update trg-8-03.md, introduce TruffleHog #950

merged 8 commits into from
Aug 28, 2024

Conversation

RoKrish14
Copy link
Contributor

@RoKrish14 RoKrish14 commented Jun 27, 2024
edited
Loading

Description

This PR introduces TruffleHog as a new open source tool for secret scanning to be used alongside native Github Secret scanning. This is being enforced as a replacement to the existing GitGuardian (commercial) tool.

Example workflow:

  1. https://github.com/eclipse-tractusx/bpdm/blob/main/.github/workflows/trufflehog.yml
  2. https://github.com/eclipse-tractusx/demand-capacity-mgmt/blob/main/.github/workflows/trufflehog.yml

Please note: The TRG checks continues for 24.08 under GitGuardian for secret scanning.
The teams who have already implemented TruffleHog, can also be considered for the TRG checks.

NOTE: Please do not merge this PR until the August release

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

@RoKrish14 RoKrish14 requested review from carslen and evegufy June 27, 2024 12:17
@RoKrish14 RoKrish14 self-assigned this Jun 27, 2024
@RoKrish14 RoKrish14 requested review from FaGru3n and matbmoser July 1, 2024 13:37
This was referenced Jul 29, 2024
Merged
Closed
Closed
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Closed
@RoKrish14
Copy link
Contributor Author

NOTE: Please do not merge this PR until the August release

@matbmoser
Copy link
Contributor

@RoKrish14 you could have placed it as a draft then

@RoKrish14 RoKrish14 marked this pull request as draft August 1, 2024 09:12
@tom-rm-meyer-ISST
Copy link
Contributor

@eclipse-tractusx/automotive-tractusx-committers please review

tom-rm-meyer-ISST
tom-rm-meyer-ISST previously approved these changes Aug 8, 2024
View reviewed changes
Copy link
Contributor

@tom-rm-meyer-ISST tom-rm-meyer-ISST left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please reformat table (accept suggestion). Rest is great, thanks!

docs/release/trg-8/trg-8-03.md Outdated Show resolved Hide resolved
@ndr-brt ndr-brt mentioned this pull request Aug 8, 2024
Merged
ndr-brt
ndr-brt reviewed Aug 8, 2024
View reviewed changes
docs/release/trg-8/trg-8-03.md Outdated
uses: actions/checkout@v3
with:
fetch-depth: 0 # Ensure full clone for pull request workflows
ref: ${{ github.head_ref }} # Fetch specific branch/commit for pull requests
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this gives error when the PR is opened from a fork (example), it can be removed, as checkout automatically picks up the PR's branch

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @ndr-brt: Yes, you are right, thanks for notifying. I have made the changes.

@evegufy evegufy marked this pull request as ready for review August 9, 2024 11:17
@evegufy evegufy changed the title docs: Update trg-8-03.md docs: update trg-8-03.md, introduce TruffleHog Aug 14, 2024
@evegufy
Copy link
Contributor

evegufy commented Aug 14, 2024

@RoKrish14 are you still integrating review comments?

@danielmiehle
Copy link
Contributor

@RoKrish14 Are you still working on this issue? I think we have a consensus on how we want to proceed here. Please get back by the end of next week, otherwise we would create a new PR for this topics. Thank you!

@RoKrish14
Copy link
Contributor Author

@evegufy and @danielmiehle : Apologies for the delay as I was on vacation.
Making the necessary changes right away :)

tom-rm-meyer-ISST
tom-rm-meyer-ISST approved these changes Aug 26, 2024
View reviewed changes
Copy link
Contributor

@tom-rm-meyer-ISST tom-rm-meyer-ISST left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for the updates!

@RoKrish14 RoKrish14 merged commit d1eaaf7 into main Aug 28, 2024
5 checks passed
@RoKrish14 RoKrish14 deleted the TRG-8-03.md branch August 28, 2024 11:04
This was referenced Sep 10, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tom-rm-meyer-ISST tom-rm-meyer-ISST tom-rm-meyer-ISST approved these changes

@ndr-brt ndr-brt ndr-brt approved these changes

@carslen carslen Awaiting requested review from carslen

@evegufy evegufy Awaiting requested review from evegufy

@SebastianBezold SebastianBezold Awaiting requested review from SebastianBezold

@Siegfriedk Siegfriedk Awaiting requested review from Siegfriedk

@matbmoser matbmoser Awaiting requested review from matbmoser

@FaGru3n FaGru3n Awaiting requested review from FaGru3n

Assignees

@RoKrish14 RoKrish14

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@RoKrish14 @matbmoser @tom-rm-meyer-ISST @evegufy @danielmiehle @ndr-brt @FaGru3n