Skip to content

Commit

Permalink
checkin .env file for secrets testing
Browse files Browse the repository at this point in the history
  • Loading branch information
austimkelly committed Jan 11, 2024
1 parent c1300cc commit cdbc8b5
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ celerybeat.pid
*.sage.py

# Environments
.env
#.env
.venv
env/
venv/
Expand Down
2 changes: 1 addition & 1 deletion doc/ghas-checklist.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
* [ ] Enable Secrets Scanning - See [Configure secrets scan](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories)
* [ ] Enabled Secrets Push Protection - See [Push protection for repositories](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/push-protection-for-repositories-and-organizations)
* [ ] Find & manage secret alerts - See [Manage secret alerts](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/managing-alerts-from-secret-scanning)
* [ ] Try to push a secret with push protection enabled
* [ ] Try to push a secret with push protection enabled - See [Using secret as a push protection on the command line](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/push-protection-for-repositories-and-organizations#using-secret-scanning-as-a-push-protection-from-the-command-line)
* [ ] Create a custom secret scanning pattern - [See Define Custom Patterns](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)
* [ ] Create an exclude pattern for files and folders - See [Excluding directories from secrets scanning alerts for users](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories#excluding-directories-from-secret-scanning-alerts-for-users)

Expand Down
31 changes: 31 additions & 0 deletions secrets/.env
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# .env
# These are fake credentials for testing purposes only.
# The don't reflect any key ever used by me or anyone else.


# Login with Amazon
AMAZON_OAUTH_CLIENT_ID=1234567890abcdef
AMAZON_OAUTH_CLIENT_SECRET=abcdef1234567890

# Amazon Web Services (AWS)
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

# Azure
AZURE_STORAGE_ACCOUNT_KEY=1ZDzx9z/58wL9xJFpCNl3ZG1HaA2bsjk3jZGlG4gZs3OsVBK4Ch+5RlGnTtB5t+4MdIj0/IvnlAEXAMPLE==

# Google
GOOGLE_CLOUD_STORAGE_USER_ACCESS_KEY_ID=GOOGV7EEYBZV26OHE3I4
GOOGLE_CLOUD_STORAGE_ACCESS_KEY_SECRET=FLWq3kZ0yPvGfiCPJHMTIxaZBvXGCh+Jkf526YXsz6s=

# Shopify
SHOPIFY_APP_SHARED_SECRET=shpss_7fcb7fcb7fcb7fcb7fcb7fcb7fcb7fc

# Slack
SLACK_WORKFLOW_WEBHOOK_URL=https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

# Square
SQUARE_ACCESS_TOKEN=sq0atp-XXXXXXXXXXXXXXXXXXXXXXXXX

# CloudBees CodeShip
CODESHIP_CREDENTIAL=cs_1234567890abcdef

0 comments on commit cdbc8b5

Please sign in to comment.