Fix gitleaks configuration (#950)

treeverse · Dec 8, 2020 · 4ce4df1 · 4ce4df1
1 parent 68cdf0c
commit 4ce4df1
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 8 deletions.
diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml
@@ -11,6 +11,8 @@ jobs:
     steps:
       - name: Check-out code
         uses: actions/checkout@v2
+        with:
+          fetch-depth: '1'
       - name: Setup Go
         uses: actions/setup-go@v2
         with:
@@ -23,7 +25,7 @@ jobs:
         env:
           GOLANGCI_LINT_FLAGS: --out-format github-actions
       - name: gitLeaks
-        uses: zricethezav/gitleaks-action@v1.1.2
+        uses: zricethezav/gitleaks-action@v1.1.4
 
   test:
     name: Run Test Suite

diff --git a/.gitleaks.toml b/.gitleaks.toml
@@ -4,12 +4,11 @@ title = "gitleaks config"
     description = "AWS Manager ID"
     regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
     tags = ["key", "AWS"]
-        [[rules.allowlist]]
-            regex = '''(AKIAIOSFODNN7EXAMPLE|AKIAIO5FODNN7EXAMPLE|AKIA6HHRMQLJMDVXY6OR|AKIAIOSFODNN3EXAMPLE|AKIAIOSFODNS3EXAMPLE|AKIAIOSFOLAKEEXAMPLE|AKIAJ5SI5UWYOAXGHOXQ|AKIAJF2VSETNW3RTP3ZQ|AKIAJF4EV2DBC56IOAOQ|AKIAJIEMTME6UEVWXB2Q|AKIAJKKRUNSYM5MZSHDQ|AKIAJKLO4PDKEBQUDHYQ|AKIAJLQLVNL2XZ7EH6RQ|AKIAJNYOQZSWBSSXURPQ|AKIAJTZZYQTU5YGV4O3Q|AKIAJV3OAIYRIVODAQVQ|AKIAJVD5P3WTAFH7IN5Q|AKIAJXQPFV4FZH7UMMAQ|AKIAYRJJ6GNGCYQEPB7A).*'''
-            description = "ignore some aws keys"
+    [rules.allowlist]
+        description = "ignore some aws keys"
+        regex = '''(AKIAIOSFODNN7EXAMPLE|AKIAIO5FODNN7EXAMPLE|AKIA6HHRMQLJMDVXY6OR|AKIAIOSFODNN3EXAMPLE|AKIAIOSFODNS3EXAMPLE|AKIAIOSFOLAKEEXAMPLE|AKIAJ5SI5UWYOAXGHOXQ|AKIAJF2VSETNW3RTP3ZQ|AKIAJF4EV2DBC56IOAOQ|AKIAJIEMTME6UEVWXB2Q|AKIAJKKRUNSYM5MZSHDQ|AKIAJKLO4PDKEBQUDHYQ|AKIAJLQLVNL2XZ7EH6RQ|AKIAJNYOQZSWBSSXURPQ|AKIAJTZZYQTU5YGV4O3Q|AKIAJV3OAIYRIVODAQVQ|AKIAJVD5P3WTAFH7IN5Q|AKIAJXQPFV4FZH7UMMAQ|AKIAYRJJ6GNGCYQEPB7A).*'''
 
 [allowlist]
-	description = "Allowlisted files"
-	files = ['''^\.?gitleaks.toml$''',
-	'''(.*?)(jpg|gif|doc|pdf|bin)$''',
-	'''(go.mod|go.sum)$''']
+    description = "Allowlisted files"
+    files = [ '''^\.?gitleaks.toml$''', '''(.*?)(jpg|gif|doc|pdf|bin)$''', '''(go.mod|go.sum)$''']
+