Skip to content

Commit c5b7884

Browse files
AlldaAllda
committed
Add gitleaks detection
The gitleak detection is preconfigured for this repository and detects secrets in commits. The installation has to be done in contributor environment. This commit also decrypt public certificates. JIRA: ISV-1494, ISV-3273
1 parent bfcd297 commit c5b7884

18 files changed

+450
-1379
lines changed

.pre-commit-config.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
repos:
2+
- repo: https://github.com/zricethezav/gitleaks
3+
rev: v8.16.0
4+
hooks:
5+
- id: gitleaks

ansible/inventory/group_vars/operator-pipeline-prod.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ operator_pipeline_kubeconfig_prow_local_path: ../../vaults/prod/kubeconfig-prow
1616
operator_pipeline_github_bot_token: ../../vaults/prod/github-bot-token.txt
1717

1818
operator_pipeline_preflight_decryption_key_private_local_path: ../../vaults/prod/preflight-decryption-key-priv.gpg
19-
operator_pipeline_preflight_decryption_key_public_local_path: ../../vaults/prod/preflight-decryption-key-pub.gpg
19+
operator_pipeline_preflight_decryption_key_public_local_path: ../../vaults/prod/preflight-decryption-key-pub
2020

2121
pipelines_metrics_endpoint: http://pipeline-metrics.pipeline-metrics-prod
2222

ansible/inventory/group_vars/operator-pipeline.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ operator_pipeline_hydra_sso_client_id_local_path: ../../vaults/common/nonprod-hy
3535
operator_pipeline_hydra_sso_client_secret_local_path: ../../vaults/common/nonprod-hydra-sso-client-secret
3636

3737
operator_pipeline_preflight_decryption_key_private_local_path: ../../vaults/common/preflight-decryption-key-priv.gpg
38-
operator_pipeline_preflight_decryption_key_public_local_path: ../../vaults/common/preflight-decryption-key-pub.gpg
38+
operator_pipeline_preflight_decryption_key_public_local_path: ../../vaults/common/preflight-decryption-key-pub
3939

4040
operator_pipeline_gpg_key_path: ../../vaults/{{ env }}/operator-pipeline-gpg.key
4141
operator_pipeline_gpg_passphrase_path: ../../vaults/{{ env }}/operator-pipeline-gpg.passphrase

ansible/vaults/common/preflight-decryption-key-pub

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
-----BEGIN PGP PUBLIC KEY BLOCK-----
2+
3+
mQINBGFSHhQBEADCTsMrW7o46xnkxv3DLaL+WOX74s+reqRwlhR7t0kjaZDTvsh/
4+
Islcum/6URabApEveRyi8jfMHRGqdRCtOjtaLmm2lKQzFt8ICe8KfNIhZBIhkoMu
5+
d0j6CTpUcCQ9hYfSleqRWST9FKY36aPxn9KG3mByzz0Ya8Yo9E6tODo4nZIRCn9o
6+
EZvhSFJhJRT8Bn8e4He/nvbJOv6wux1kRSbQT3RavA3evZtVzz2PCrSBxlcGnCQ6
7+
8Ij/Zgtn9tNj66XNrPWJzSWLrPICJcocT29xOIOF9CYB3MYo9ak+q1c4Q1Ei1RmJ
8+
TvQMI5WqfD8wfywWVIPqUP+01E+v7qgn5BBCHhI4y5nTeYaW96tGYiWIL9t8eE5g
9+
OGoSvo7sp9BzmKE6AMiKaBFl5+ZqVEmuS5HiFc8OwMR8xrYfVku+UUmxprxPByXb
10+
drgoG7pzU+EM7EoeQoZJ0GCd+pnFEACjJCHQLT9u9Gd71UNmpJS+sXYDwpIXjddY
11+
jDRjur1sviydVep9i8rtBkqzWMqyGrYCGkZXoWGauJptIJ5GwBIllt7Jpf6DgjNR
12+
nKgRILh7PeZGm0aduIqq1XoCiijco9j1RZuat1IaLxnWGlIZ7cXAbWJfi+IsPV+N
13+
6c7B+EZljjqvKMjaV4AdMjVBALetBRe88rH3r3l/W6fGJYDU5T+MUwqDBQARAQAB
14+
tDlQcmVmbGlnaHQgVHJpZ2dlciA8cHJlZmxpZ2h0LXRyaWdnZXItbm8tcmVwbHlA
15+
cmVkaGF0LmNvbT6JAk4EEwEIADgWIQRu96rOKJ5RiV24N1UAPFA0EKTp1AUCYVIe
16+
FAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAAPFA0EKTp1E9fEAC34ODG
17+
VUjBvBGEDpWWTs8MHuE35ISloiH3KZ6GSBZB1OxtWXnbK8xvVbIdun+W5dPaj+qB
18+
IuMK+ONehpuJyt39PONvwWzu6mArI3mtjE40MFYfl2MPkdMDpr7NmeseD9brlJhw
19+
27OmX7QSkEu5T5CQ96XcXOL+ZoQSARD7am1yJcobdvn+U1b9uwiOA+2EbQYm1gaR
20+
0a+TOCr0tS8akePou0c9t6DQe/4d4b1bbIyAe8DgpqGVtoew28G8Jb2E3HKXIlKY
21+
8jBR2HI5eEisWtFQ6ZCZmHxy7KZW7eEQZqXxBnH9Qv3mkJ4O7mLEszkMNCJUPM+U
22+
nknVZbPrFIDAjg1PvT/QYfiGayHarsBIKRr5WbCbCxPEU4ygCBeuQ3LsNwRuOIX/
23+
TB36li7WKts8PK0ZkcQgVVBEzA9FZhUcju5nvKAS8jG/nKm/zROBvNIcfIQ9iOPm
24+
N/jCBRxHKs/SKfF2rVEG9cHbXdPNVT432iz7izjb7LCcVuD+eujroYP0jjQ2nL5F
25+
Urayyw4/kVRGgPy7ssnO2pkA/h+SQmrVNbf0eakbYu/Of/nvj1ADTG12QTQWGaIc
26+
GMkndeSFrVH4UBBCpberd8b/BtYuUqP5rgtkleFYRNy5fRfFxA2Ije9iaobdal5k
27+
Sdvn1ZeJjD+py5kBo+sNePiXYlQnRyYH63fFQLkCDQRhUh4UARAAvisu17ZpOeh5
28+
YGdejPz3qtz/baBrh3Fw1B29L+LSIUgp1Rli3Jk66QgvYMVVabD3qpj3IhKNy9O8
29+
o2Veb2uL/AgkjDrBLEnxbdCBlSndi6He+MyuPazAY1PjIQrJTv/fLdsWBaO+pjHI
30+
H0stScLQtTK0I1ntc9TciGKXeFQ46Z39bDGuM+6Z3D5YJd8t5NZmJyZUGfu2rPP3
31+
C2+nkuPI7LnvkM0XDl5+aKeYxV5MTFBF9RBg22mGea339HbXLlhv2xIFD9MZLD5t
32+
oUkzCOOFOWz7P6o59cpWCae2C1Q/d/Cb5ar5aQppfuqqN2qNHTr28gkkxGNsmpK7
33+
flMOnlXUKEbuwf5Wy+na7DtbryZ6rzTkRr96KvbOpx4NTGTHQt+ruSQYyypHsUm+
34+
GQMfF4kAXOQmviJIBwcsmIXNemDS9x2Nj0bzAbgOyaOsvEnW2SdVx/jTyEra1dwl
35+
+wX9Eek0GXzuKFb17dwKO32RYvR2fl5oIEeMvu1cp8SRjtXF1+/5887amyBstgO6
36+
A9t575DOrmlcUjd9GGTTUCrixoHzZIbbhmB17/doA9t6/X5VfY2qGn+QWIQ7T9S4
37+
VwQQsQ+GD4m0go+DYU/PYjGr0u0pIKRGnvAwZvBxMeSH0aUl9xx/iNhJA8iQp2Jv
38+
UvZrQydnB7DuZqxICNKrQDYR5guZSi8AEQEAAYkCNgQYAQgAIBYhBG73qs4onlGJ
39+
Xbg3VQA8UDQQpOnUBQJhUh4UAhsMAAoJEAA8UDQQpOnUwGgQAJ44zWU7cdzXpK8B
40+
5gMPM8Wpdu6zQZzVpvd5eXjzFFu1yO1XUYeU+s8GGy7QRrEh6g1dsK4fcmAv9IZX
41+
aPH+E0pXBDXUJQmXkwMy+hdMCbuupfZ6c+03mAwLHhZJFciGocepJkE/fHqVrzxw
42+
cCbbLTFRzUS37ecLQWs23xGIXKCMlIeQW0D7/PXxMZa7GRzZXVx5G5cNwO7BG66F
43+
upG/sDGfCys3Pgbq3rKX8srMN8DS1ydQekwbpQz66hP001l8Y1xPA7/WhXit/urv
44+
Qvlb884aje3JW3VoBDlWQ4mCYpCm1LiTuPF457EBFQLNexXQGBAQj1HImb/tBCyN
45+
2GGMdh2+vo4SPM1K9Wz/jbFlfbL48MivfYHznnXKy7gXPqHiylJkUU0YQlUivs6j
46+
E6rzRi2JTpMPg7C2n2LOev7kvIexS98MDRVzYYM9DCFEj1ynRR5m/yEbVT0FSceA
47+
IYG2yO83yv3gJVUmbSJEKqt7Ekse5yXguNZ2wjfuUjKdJSQlTFCYPQhFy7+BKeph
48+
PUsEPLjLn9DpXkytyiOhGg9/k4spXMT6lv22uF8JWrxu/oaClAyWuK78f8QII7Gv
49+
vO6/NvBudCljUZGS0NrfW2Zmhcl5/193apbHbgh/u6TqvNfd2xWl1Wz9257mP4MK
50+
q2ZORRm5Mw4W36E4xivwLf7KiHVL
51+
=jLOe
52+
-----END PGP PUBLIC KEY BLOCK-----

ansible/vaults/common/preflight-decryption-key-pub.gpg

Lines changed: 0 additions & 163 deletions
This file was deleted.

0 commit comments

Comments
 (0)