From 15f17b28e4fe0761af2f1b1b23784a1906371cd8 Mon Sep 17 00:00:00 2001
From: Michele Cereda <cereda.michele@gmail.com>
Date: Sun, 19 Nov 2023 21:02:21 +0100
Subject: [PATCH] feat: automated secrets check for the repository

---
 .pre-commit-config.yaml                   | 4 ++++
 .secretsignore                            | 6 ++++++
 knowledge base/detect-secrets.placeholder | 3 +++
 knowledge base/gitleaks.placeholder       | 4 ++++
 knowledge base/ripsecrets.placeholder     | 3 +++
 knowledge base/trufflehog.placeholder     | 3 +++
 6 files changed, 23 insertions(+)
 create mode 100644 .secretsignore
 create mode 100644 knowledge base/detect-secrets.placeholder
 create mode 100644 knowledge base/gitleaks.placeholder
 create mode 100644 knowledge base/ripsecrets.placeholder
 create mode 100644 knowledge base/trufflehog.placeholder

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index ae15baf..d97cc0f 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -24,6 +24,10 @@ repos:
       - id: check-yaml
         args:
           - --allow-multiple-documents
+  - repo: https://github.com/sirwart/ripsecrets
+    rev: v0.1.7
+    hooks:
+      - id: ripsecrets
   - repo: https://github.com/adrienverge/yamllint
     rev: v1.33.0
     hooks:
diff --git a/.secretsignore b/.secretsignore
new file mode 100644
index 0000000..2351ad6
--- /dev/null
+++ b/.secretsignore
@@ -0,0 +1,6 @@
+[secrets]
+PASSWORD
+s.WVDAitOTTTfcjlklwk8AADDs
+90E08830BC1AAD225E657AD4FBE638B3D8E50C9E
+5FA04ABEBFBC5089E50EDEB43198B4895BCA2136
+7710BA0643CC022B92544181FF2EAC2A290CDC0E
diff --git a/knowledge base/detect-secrets.placeholder b/knowledge base/detect-secrets.placeholder
new file mode 100644
index 0000000..5597559
--- /dev/null
+++ b/knowledge base/detect-secrets.placeholder	
@@ -0,0 +1,3 @@
+https://github.com/Yelp/detect-secrets
+
+alternatives: gitleaks, ripsecrets, trufflehog
diff --git a/knowledge base/gitleaks.placeholder b/knowledge base/gitleaks.placeholder
new file mode 100644
index 0000000..59b9e2c
--- /dev/null
+++ b/knowledge base/gitleaks.placeholder	
@@ -0,0 +1,4 @@
+https://gitleaks.io/
+https://github.com/gitleaks/gitleaks
+
+alternatives: detect-secrets, ripsecrets, trufflehog
diff --git a/knowledge base/ripsecrets.placeholder b/knowledge base/ripsecrets.placeholder
new file mode 100644
index 0000000..36abbd3
--- /dev/null
+++ b/knowledge base/ripsecrets.placeholder	
@@ -0,0 +1,3 @@
+https://github.com/sirwart/ripsecrets
+
+alternatives: detect-secrets, gitleaks, trufflehog
diff --git a/knowledge base/trufflehog.placeholder b/knowledge base/trufflehog.placeholder
new file mode 100644
index 0000000..cf4cbaa
--- /dev/null
+++ b/knowledge base/trufflehog.placeholder	
@@ -0,0 +1,3 @@
+https://github.com/trufflesecurity/trufflehog
+
+alternatives: detect-secrets, gitleaks, ripsecrets