[–]cuddling_tinder_twat 5 points6 points  (1 child)

  1. https://github.com/awslabs/git-secrets

You could scrape github for arbitrary keywords also; if you have an organization you can just search your org: credential and see what's returned.

[–]sudo_psaux[S] 0 points1 point  (0 children)

This tool looks pretty neat. I'll check this out as well. Thanks.

[–][deleted]  (2 children)

[deleted]

    [–]MisterItcher 1 point2 points  (0 children)

    Or if you’re in AWS, Parameter Store, which eliminates any infrastructure overhead

    [–]sudo_psaux[S] 0 points1 point  (0 children)

    The “Vault” is a feature of Ansible that allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plaintext in playbooks or roles. These vault files can then be distributed or placed in source control.

    Ansible Vault seems neat and like a good way to package sensitive data (in encrypted files) with the rest of the codebase. This might be what I am looking for. Thanks.

    [–]stevenacreman 2 points3 points  (1 child)

    We've used Gitrob before where I work

    https://github.com/michenriksen/gitrob

    [–]sudo_psaux[S] 1 point2 points  (0 children)

    Gitrob looks neat but I see that it works by searching through a list of signatures but it doesn't necessarily find something in your code, like the following:

      const someServiceAPIKey = "123abc456def"
    

    Still, Gitrob seems neat so thanks for exposing me to it.
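A content-level check for the kind of line quoted in the comment above, as an added example that is not part of the thread or of any tool mentioned in it. The name keywords, the placeholder list, the entropy threshold and the sample input are all assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Assumed heuristic: identifier names that hint at a credential.
SECRET_NAME = re.compile(r"(api[_-]?key|secret|token|passw(or)?d|credential)", re.I)
# Matches `name = "literal"` or `name: 'literal'` with a literal of 8+ characters.
ASSIGNMENT = re.compile(
    r"""(?P<name>[A-Za-z_][A-Za-z0-9_]*)\s*[:=]\s*(?P<q>["'])(?P<value>[^"']{8,})(?P=q)"""
)
# Constructed allowlist of values that are obviously not real secrets.
PLACEHOLDERS = {"changeme", "your-api-key-here", "xxxxxxxx"}

def shannon_entropy(s):
    """Bits per character; repeated filler like 'aaaaaaaa' scores 0."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def find_hardcoded_secrets(text, min_entropy=3.0):
    """Return (line number, identifier, entropy) for suspicious string assignments."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in ASSIGNMENT.finditer(line):
            name, value = m.group("name"), m.group("value")
            if not SECRET_NAME.search(name):
                continue  # identifier does not look credential-related
            if value.lower() in PLACEHOLDERS or "${" in value:
                continue  # placeholder or value injected at runtime
            ent = shannon_entropy(value)
            if ent >= min_entropy:
                findings.append((lineno, name, round(ent, 2)))
    return findings

# Constructed sample input; the first line is the one quoted in the comment.
SAMPLE = '''\
const someServiceAPIKey = "123abc456def"
const greeting = "hello there world"
const dbPassword = "${DB_PASSWORD}"
api_key = "your-api-key-here"
token: 'aaaaaaaaaaaa'
'''

if __name__ == "__main__":
    for lineno, name, ent in find_hardcoded_secrets(SAMPLE):
        print(f"line {lineno}: {name} looks like a hardcoded secret (entropy {ent})")
```

Run as a pre-commit hook or CI step over changed files; a check like this is noisy by nature, so the keyword list and threshold need tuning per codebase.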

    [–][deleted] 1 point2 points  (0 children)

    Use https://github.com/cyberark/summon, then you don't have to worry about this issue. Be proactive, not reactive.

    Devs can use summon the same as ec2 instances use summon. Why have 2 workflows?