Skip to content

Secret scanning does not get my already marked false positives and accepted ones from devguard #7

Description

@timbastin

Currently the secret scanning never authenticates itself inside the git hook to a devguard instance. We should change that.

I think we should:

  1. Store org, project and asset in vscode settings so that one can commit the configured devguard connection
  2. Add the devguard token to the vscode secret store (already done) AND to the keyring of the os device (devguard-scanner auth)
  3. Use the --print-token flag of the auth command (I just added it) to retrieve the token in the git pre-commit hook and forward it to docker
docker run --rm -e DEVGUARD_TOKEN="$(devguard-scanner auth --print-token --assetName org/project/asset --apiUrl https://api.devguard.org)" devguard-scanner secret-scanning --token=$DEVGUARD_TOKEN...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions