Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

.gitleaksignore does not work for bitbucketpipelines/git-secrets-scan:3.0.0

Thomas Einwaller
Thomas Einwaller
Contributor
December 16, 2024

 

I tried to add fingerprints to the `.gitleaksignore` file but that does not work

how do I have to get the fingerprints?

I tried to run gitleaks command locally in my repo, but they have a totally different style then the ones of the CodeInsights report in the pipeline

Answer
Watch
Like TheresaSmith likes this
113 views

1 answer

0 votes
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 17, 2024

Hi @Thomas Einwaller 

Can you confirm if you have ever used .gitleaksignore before successfully with a previous version of this pipe?

Cheers!

- Ben (Bitbucket Cloud Support)

 

View More Comments
Thomas Einwaller
Thomas Einwaller
Contributor
December 18, 2024

@Ben sorry for not being explicit enough and maybe causing confusion

 

we upgraded from atlassian/git-secrets-scan:0.6.1 to atlassian/git-secrets-scan:3.0.0

version 3.0.0 found secrets in the git history which we cannot remove anymore so we need to ignore them 

we tried to use .gitleaksignore by adding fingerprints created by running gitleaks locally or from the pipeline CodeInsight report but neither works

Like
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 18, 2024

Hey @Thomas Einwaller 

Thank you for clarifying. I've reached out to our pipes team for further assistance, the response will likely be delayed due to the holiday period - but I will respond once I have further information for you :)

Cheers!

- Ben (Bitbucket Cloud Support)

Like
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 19, 2024

Hi @Thomas Einwaller 

I noticed our pipes team responded to you - is this resolved now?

https://community.atlassian.com/t5/Bitbucket-questions/Incorrect-security-issue-flagged-by-atlassian-ms-teams-notify-0/qaq-p/2832751#M110211

Cheers!

- Ben (Bitbucket Cloud Support)

Like Igor Stoyanov likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events