I am attempting to manually set up truffleHog in GitLab CI to scan my GitLab repo for secrets. I think I’ve misconfigured my job. My guess would be the file path I’m passing to trufflehog is wrong, as the job runs quickly and ends with a “job succeeded” despite the fact I have a dummy text file with “-----BEGIN PGP PRIVATE KEY BLOCK-----” and “EAACEdEose0cBA23456gfde4567hgf” to test whether or not it’s working as expected.
.gitlab-ci.yml looks like:
```yaml
stages:
  - secrets

trufflehog:
  stage: secrets
  image: python:3-alpine
  script:
    - apk add --no-cache git
    - pip install trufflehog
    - adduser -S truffleHog
    - trufflehog --entropy true "file://$PWD"
```
Any suggestions where I might be going wrong?
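
An added example, not part of the original post and not truffleHog's own code: a re-implementation of an entropy check of the kind truffleHog 2.x is assumed to perform, run on the dummy string from the post. The character sets, the minimum run length of 20 and the 4.5 / 3.0 bit limits are assumptions about that version, and `CONSTRUCTED` is a made-up sample; under those assumptions the dummy string scores about 4.12 bits and is not flagged, whatever path the scanner is given.

```python
import math

# Constants assumed from truffleHog 2.x; they are not stated in the post.
BASE64_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
HEX_CHARS = "1234567890abcdefABCDEF"
MIN_RUN = 20  # only runs longer than this are scored
CHECKS = (("base64", BASE64_CHARS, 4.5), ("hex", HEX_CHARS, 3.0))


def shannon_entropy(data, charset):
    """Bits per character of data, counting only symbols in charset."""
    if not data:
        return 0.0
    entropy = 0.0
    for ch in charset:
        p = data.count(ch) / len(data)
        if p > 0:
            entropy -= p * math.log2(p)
    return entropy


def runs_of(word, charset, min_run=MIN_RUN):
    """Maximal runs of charset characters that are longer than min_run."""
    runs, current = [], ""
    for ch in word:
        if ch in charset:
            current += ch
            continue
        if len(current) > min_run:
            runs.append(current)
        current = ""
    if len(current) > min_run:
        runs.append(current)
    return runs


def entropy_findings(line):
    """Return (kind, run, entropy) for each run that exceeds its limit."""
    findings = []
    for word in line.split():
        for kind, charset, limit in CHECKS:
            for run in runs_of(word, charset):
                score = shannon_entropy(run, charset)
                if score > limit:
                    findings.append((kind, run, round(score, 3)))
    return findings


TEST_STRING = "EAACEdEose0cBA23456gfde4567hgf"    # dummy value from the post
CONSTRUCTED = "aB3dE6gH9jK2mN5pQ8sT1vW4yZ7cF0iL"  # constructed: 32 distinct chars
```

A test fixture for an entropy-based scanner needs a long run with few repeated characters; the 30-character dummy value repeats too many symbols to clear a 4.5-bit limit.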