Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DERCBOT-1327] Git hooks - Gitleaks #1820

Merged
merged 3 commits into from
Jan 14, 2025
Merged

[DERCBOT-1327] Git hooks - Gitleaks #1820

merged 3 commits into from
Jan 14, 2025

Conversation

assouktim
Copy link
Contributor

@assouktim assouktim commented Jan 10, 2025
edited by Benvii
Loading

Git hook to detect secrets such as passwords, API keys and tokens in git repositories.

Breaking change

For deployment using RAW secrets stored in mongo database or calling the Gen AI Orchestrator using raw secret (which is not advised for obvious security reasons), the format of the secret is changed key containing the secret value was previously named api_key.value is now named api_key.secret.

NB : We have not updated the existing data, as we consider that only developers use Raw-type secrets (which are subject to code refactoring)

@assouktim assouktim self-assigned this Jan 10, 2025
@assouktim assouktim force-pushed the feature/dercbot-1327 branch from 83a9844 to aaadd6c Compare January 13, 2025 09:29
Benvii
Benvii requested changes Jan 13, 2025
View reviewed changes
Copy link
Member

@Benvii Benvii left a comment
edited by assouktim
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR 👍️

Missing :

Can you also add to the main README.md how to setup this hook / pre-commit, so that new developers will have the documentation.

gen-ai/orchestrator-server/src/main/python/server/.pre-commit-config.yaml Show resolved Hide resolved
Benvii
Benvii requested changes Jan 14, 2025
View reviewed changes
Copy link
Member

@Benvii Benvii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry I forgot one point, can you add to the main README.md that this project uses pre-commit ?

I agree that this README.md should have more content, we can start with this :)
Otherwise developers will forgot to enable the pre-commit hook.

Benvii
Benvii approved these changes Jan 14, 2025
View reviewed changes
Copy link
Member

@Benvii Benvii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍️

@Benvii Benvii merged commit ad893e1 into theopenconversationkit:master Jan 14, 2025
@Benvii Benvii deleted the feature/dercbot-1327 branch January 14, 2025 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rkuffer rkuffer rkuffer approved these changes

@Benvii Benvii Benvii approved these changes

Assignees

@assouktim assouktim

Labels
enhancement
Projects
CreditMutuelArkea backlog
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@assouktim @Benvii @rkuffer