This section assumes you already used Onboardbase CLI in your project, check the installation
Onboardbase aims to remove the need for env files, hardcoded secrets, and copy-pasted credentials to make your life as a developer much easier. With Onboardbase scan, we can scan your code base for secrets that are 'spilling' over i.e that are not managed by Onboardbase.
$ onboardbase scan
Now you should have the list of detected secrets spilled in your codebase. Please remove them and proceed to continue managing your secrets with Onboardbase
.onboardbase.yaml setup file
- DATABASE_URL: 2314
for: ["ONBOARDBASE", "GITLAB"]
Adding a pre-commit scan with husky
Onboardbase scan works with husky to ensure you don't commit any secret to your repo.
npm install husky --save-dev
package.json > prepare script and run it once:
npm set-script prepare "husky install"
npm run prepare
Add a hook
npx husky add .husky/pre-commit "onboardbase scan"
git add .husky/pre-commit
Make a commit
git commit -m "Keep calm and commit"
# `onboardbase scan` will run
Awesome, now you can code with no worries.
Updated 4 months ago