-
Notifications
You must be signed in to change notification settings - Fork 12
/
SecretsBuildspec .yaml
25 lines (24 loc) · 993 Bytes
/
SecretsBuildspec .yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
---
version: 0.2
phases:
install:
commands:
# Installing Git Secret to check for passwords and other sensitive information in the repository
- echo Installing AWSLab Git-secrets - `pwd`
- git clone https://github.com/awslabs/git-secrets /opt/git-secrets
- echo AWSLab Git-secrets installation complete `date`
build:
commands:
# Running awslabs/git-secrets to check for passwords and other sensitive information to a git repository
- echo Starting awslabs/git-secrets scanning `date` in `pwd` for passwords and other sensitive information
- cd /opt/git-secrets
- make install
- cd ~
- git config --global credential.helper '!aws codecommit credential-helper $@'
- git config --global credential.UseHttpPath true
- git clone $CloneUrlHttp
- cd $REPOSITORY_NAME
- git secrets --install
- git secrets --register-aws
- git secrets --add 'password\s*=\s*.+'
- git secrets --scan -r .