Secrets like API keys and credentials can create a huge security risk when they get leaked into remote git repositories. Secrets inside git repositories must be considered compromised and revoked immediately, this is why it is much better to detect secrets before they enter your repository. This tutorial runs through how to create a pre-push hook that will run after the ' git push' command and block the push if any commits contain secrets.
Links
Pre-Commit framework: https://pre-commit.com
Ggshield GitHub repository: https://github.com/gitguardian/ggshield
GitGuardian Dashboard: https://dashboard.gitguardian.com GitGuardian website: https://gitguardian.com
Timeline:
0:00-Intro
0:30-pre-commit vs pre-push git hooks
1:38-Installing pre-commit framework
2:24-Creating the pre-commit YAML file
4:19-Installing the pre-push git hook
5:00-Getting a GitGuardian API key
6:46-Creating your .gitignore file
7:35-Testing the pre-push hook
9:52-Ignoring secrets and files with GGShield
12:57-Wrapup
