-
Notifications
You must be signed in to change notification settings - Fork 27
/
.gitleaks.toml
26 lines (24 loc) · 1.22 KB
/
.gitleaks.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
title = "Maistra Envoy gitleaks configuration"
# The following rule lists all affected files and folders
# to account for all known files so any additions can be flagged.
# To be complete each file should have a regexp to identify
# the specific key in question (todo).
[[rules]]
description = "PRIVATE KEY CHECK PATHS"
regex = '''-----BEGIN ((EC|PGP|DSA|RSA|OPENSSH) )?PRIVATE KEY( BLOCK)?-----'''
tags = ["key"]
[rules.allowlist]
description = "test files"
paths = [
'''^test/common/grpc/service_key.json$''',
'''^test/common/quic/envoy_quic_proof_source_test.cc$''',
'''^test/extensions/filters/http/jwt_authn/test_common.h$''',
'''^contrib/cryptomb/private_key_providers/test/config_test.cc$''',
'''^contrib/sxg/filters/http/test/filter_test.cc$''',
'''^test/extensions/transport_sockets/tls/test_data/(.*?).(pem|key)$''',
'''^test/extensions/transport_sockets/tls/ocsp/test_data/(.*?).(pem|key)$''',
'''^test/config/integration/certs/(.*?).(pem|key)$''',
'''^contrib/cryptomb/private_key_providers/test/test_data/(.*?).(pem|key)$''',
'''^examples/_extra_certs/(.*?).(pem|key)$''',
'''^examples/(.*?)(yaml)$''',
]