Restart project VCSSLD in SUSE
an idea by mcaj
Updated about 1 hour ago. No love. 1 follower. Has no hacker: grab it!

Description

The project VCSSLD is security tools that is based on the TruffleHog tool. In the SUSE it was used to scan your Git source codes in Internal Gitlab instance as well as our GitHub data.

The tool was not properly handle to our Service team due to organization and personal reasons. The documentation is incomplete and its not clear how the applications works with tokens/secrets.

The last update on the TruffleHog was done one year ago.

Goals

  • Improve documentations for the application
  • document how the app handle with tokens/secrets
  • document how scan result as process - how is the end customer in this case.
  • checked current status for the production application -> fix it if its broken
  • Build the stage environment that will allow us test future updates.
  • Plan updates schedule

Resources

  • Internal documentation https://confluence.suse.com/spaces/LITC/pages/1315144264/VCS+SLD+Operational+Guide
  • upstream code https://github.com/trufflesecurity
  • Internal source code https://gitlab.suse.de/itpe/services/vcssld/vcs-sld-parser

No Hackers yet

Join this project

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 25

Activity

  • about 1 hour ago: mcaj originated this project.


    • Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!