This section assumes you already used Onboardbase CLI in your project, check the installation
Onboardbase aims to remove the need for env files, hardcoded secrets, and copy-pasted credentials to make your life as a developer much easier. With Onboardbase scan, we can scan your code base for secrets that are 'spilling' over i.e that are not managed by Onboardbase.
$ onboardbase scan
Now you should have the list of detected secrets spilled in your codebase. Please remove them and proceed to continue managing your secrets with Onboardbase
.onboardbase.yaml setup file
setup: project: frontend-marketing environment: development secrets: local: - DATABASE_URL: 2314 scan: for: ["ONBOARDBASE", "GITLAB"]
Adding a pre-commit scan with husky
Onboardbase scan works with husky to ensure you don't commit any secret to your repo.
npm install husky --save-dev
package.json > prepare script and run it once:
npm set-script prepare "husky install" npm run prepare
Add a hook
npx husky add .husky/pre-commit "onboardbase scan" git add .husky/pre-commit
Make a commit
git commit -m "Keep calm and commit" # `onboardbase scan` will run
Awesome, now you can code with no worries.
Updated 4 months ago