Secret Scanning Rule
The following rule type is available for secret scanning.
stacklok/secret_scanning - Verifies that secret scanning is enabled for a given repository
Secret scanning is a feature that scans repositories for secrets and alerts the repository owner when a secret is found. To enable this feature in GitHub, you must enable it in the repository settings.
Note that this rule will not work as expected for private repositories unless you have GitHub Advanced Security enabled, because GitHub only offers secret scanning on private repositories as part of Advanced Security. If you still want to use this rule because you have a mixture of private and public repositories, enable the skip_private_repos flag so that private repositories are marked as skipped instead of failing.
For more information, see https://docs.github.com/en/github/administering-a-repository/about-secret-scanning
Entity
repository
Type
stacklok/secret_scanning
Rule parameters
- None
Rule definition options
The stacklok/secret_scanning rule supports the following options:
enabled (boolean)
- Whether secret scanning should be enabled for a given repository.
skip_private_repos (boolean)
- If true, this rule will be marked as skipped for private repositories.
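The following is an added example, not Minder's own code, that re-implements the decision logic described above (the enabled check and the skip_private_repos behaviour, including the private-repository caveat) against the shape of the GitHub REST API "get a repository" response. It assumes that response carries a top-level `private` boolean and a `security_and_analysis.secret_scanning.status` field that reads "enabled" or "disabled" and may be absent on private repositories without Advanced Security; the sample repository payloads are constructed for the example and are not real repositories.

```python
"""Evaluate a secret-scanning rule over GitHub repository API payloads.

Added example: a simplified re-implementation of the rule's decision logic,
not Minder's own implementation. Assumption: the repository object looks like
the GitHub REST API "get a repository" response, i.e. it has a top-level
`private` boolean and a `security_and_analysis.secret_scanning.status` field
that is "enabled" or "disabled" (absent for private repos without GHAS).
"""
from enum import Enum
from typing import Any, Dict


class Result(Enum):
    PASS = "pass"
    FAIL = "fail"
    SKIPPED = "skipped"


def secret_scanning_status(repo: Dict[str, Any]) -> bool:
    """Return True if GitHub reports secret scanning as enabled.

    A missing or null security_and_analysis block is treated as disabled,
    which is what you see on a private repository without Advanced Security.
    """
    sec = repo.get("security_and_analysis") or {}
    status = (sec.get("secret_scanning") or {}).get("status", "disabled")
    return status == "enabled"


def evaluate_secret_scanning(
    repo: Dict[str, Any],
    enabled: bool = True,
    skip_private_repos: bool = False,
) -> Result:
    """Apply the rule definition (enabled / skip_private_repos) to one repo."""
    # The skip flag is checked first: without GHAS a private repository can
    # never turn secret scanning on, so it would otherwise fail forever.
    if skip_private_repos and repo.get("private", False):
        return Result.SKIPPED
    return Result.PASS if secret_scanning_status(repo) == enabled else Result.FAIL


def evaluate_all(
    repos: Dict[str, Dict[str, Any]],
    enabled: bool = True,
    skip_private_repos: bool = False,
) -> Dict[str, Result]:
    """Evaluate the rule over a map of repository name -> API payload."""
    return {
        name: evaluate_secret_scanning(repo, enabled, skip_private_repos)
        for name, repo in repos.items()
    }


# Constructed sample payloads (trimmed to the fields the rule looks at).
SAMPLE_REPOS: Dict[str, Dict[str, Any]] = {
    "public-enabled": {
        "private": False,
        "security_and_analysis": {"secret_scanning": {"status": "enabled"}},
    },
    "public-disabled": {
        "private": False,
        "security_and_analysis": {"secret_scanning": {"status": "disabled"}},
    },
    # Private repo without Advanced Security: GitHub omits the block entirely.
    "private-no-ghas": {"private": True},
    "private-ghas-enabled": {
        "private": True,
        "security_and_analysis": {
            "advanced_security": {"status": "enabled"},
            "secret_scanning": {"status": "enabled"},
        },
    },
}


if __name__ == "__main__":
    for flag in (False, True):
        print(f"skip_private_repos={flag}")
        for name, result in evaluate_all(SAMPLE_REPOS, skip_private_repos=flag).items():
            print(f"  {name:22s} {result.value}")
```

Note that skip_private_repos keys purely on repository visibility: a private repository that does have Advanced Security is also marked as skipped rather than checked, so on an organisation where every private repository has GHAS the flag should stay off. To turn the feature on for a failing repository, GitHub's "update a repository" endpoint accepts the same `security_and_analysis` object with `secret_scanning.status` set to "enabled".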