https://github.com/cds-snc/github-secret-scanning

GitHub secret scanning alert service
https://github.com/cds-snc/github-secret-scanning

aws github-secrets python

Last synced: 6 months ago
JSON representation

GitHub secret scanning alert service

• Host: GitHub
• URL: https://github.com/cds-snc/github-secret-scanning
• Owner: cds-snc
• License: mit
• Created: 2023-02-10T15:14:08.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2024-04-12T14:39:22.000Z (almost 2 years ago)
• Last Synced: 2024-04-12T21:12:14.695Z (almost 2 years ago)
• Topics: aws, github-secrets, python
• Language: HCL
• Homepage: https://github-secret-scanning.alpha.canada.ca/docs
• Size: 361 KB
• Stars: 3
• Watchers: 12
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Github secret scanning alert service :microscope: :warning:

This repo holds the API and infrastructure code for the [Github secret scanning alert service](https://docs.github.com/en/developers/overview/secret-scanning-partner-program#create-a-secret-alert-service).

When GitHub detects our registered secrets in public repositories, it will send an alert to this service.  The detected secret will be logged and an alarm triggered so the impacted team can take action.

## Local development

1. Start the [devcontainer](https://code.visualstudio.com/docs/devcontainers/containers).

1. Make a copy of `api/.env.example` and name it `api/.env`.

1. Run `cd api && make dev` and access on `localhost:8000`.

Your requests to the API will need an `X-CloudFront-Header` with the value you set in the `api/.env` file for `CLOUDFRONT_HEADER`:

```sh

curl http://localhost:8000/version \

    -H "X-CloudFront-Header: some-secret-value"

```

Alternatively, you can set `CLOUDFRONT_HEADER=localhost` to disable this check.