Gitleaks

Gitleaks is a SAST tool for detecting and preventing hardcoded secrets such as passwords, API keys, and tokens in Git repos. It is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code.

🚀 Usage

Add the following command to your CI configuration file:

fluentci run --wasm gitleaks detect

Commands

Name    Description
setup   Install Gitleaks
detect  Detect secrets in a repo

Code examples

Add the fluentci-pdk crate to your Cargo.toml:

[dependencies]
fluentci-pdk = "0.2.1"

Use the following code to call a module function:

use fluentci_pdk::dag;

// ...

dag().call(
    "https://pkg.fluentci.io/[email protected]?wasm=1",
    "detect",
    vec![],
);

CI/CD Integration

The following example shows how to integrate FluentCI with popular CI providers to detect secrets in your codebase using Gitleaks:

ci.yml
name: ci
on:
  push:
    branches:
      - main
jobs:
  tasks:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Fluent CI
        uses: fluentci-io/setup-fluentci@v5
        with:
          wasm: true
          plugin: gitleaks
          args: |
            detect
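
actions/checkout makes a shallow clone by default (fetch-depth: 1), so a scan of the checkout sees only the tip commit and misses secrets that were committed earlier and later removed. The workflow below is an added example, not part of the FluentCI documentation; it assumes the plugin's detect command scans the Git history present in the checkout, as gitleaks detect does.

```yaml
# Added example: the ci.yml workflow with full history fetched before the scan.
name: ci
on:
  push:
    branches:
      - main
jobs:
  tasks:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          # Default is fetch-depth: 1 (shallow clone, tip commit only).
          # 0 fetches every commit, so history that once held a secret is scanned too.
          fetch-depth: 0
      - name: Setup Fluent CI
        uses: fluentci-io/setup-fluentci@v5
        with:
          wasm: true
          plugin: gitleaks
          args: |
            detect
```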