From 1dcc11759aec8916bf60525b1f4c4bae08973eb6 Mon Sep 17 00:00:00 2001 From: Andy D <8628078+rpigu-i@users.noreply.github.com> Date: Wed, 10 Jul 2024 08:20:18 -0400 Subject: [PATCH] Update README.md to include extra CodeSpaces docs --- part1/README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/part1/README.md b/part1/README.md index 11b16a5..21264f3 100644 --- a/part1/README.md +++ b/part1/README.md @@ -510,6 +510,10 @@ The next tool we will look at is Talisman. You can find it at the following GitH https://github.com/thoughtworks/talisman +For CodeSpaces you can clone to the environment via: + +`git clone https://github.com/thoughtworks/talisman.git` inside the `/workspaces` folder. + Talisman is capable of scanning git changesets to ensure secrets and other sensitive information is not added to the repository. This includes not only AWS API Keys, but SSH keys, tokens, passwords and similar. @@ -642,13 +646,13 @@ So what happens if we have already commited a file, or somebody not following be Let's look at an example. -### BFG to clean up accidental commits +### BFG to clean up accidental commits In some cases a file may already exist in the commit history that we need to remove. This could have been due to a disabled pre-commit hook, a file or pattern that wasn't caught, or a file added prior to the introduction of DevSecOps processes. In order to clean up historical commits we can use BFG. Let's try an experiment to demonstrate this. -If you haven't downloaded/installed BFG yet, you can find it here: +The BFG Repo cleaner tool is pre-installed into the workspaces dev container. If you are working locally and haven't downloaded/installed BFG yet, you can find it here: https://rtyley.github.io/bfg-repo-cleaner/ @@ -679,7 +683,6 @@ We are now going to demonstrate how a mistake can happen that needs to be cleane git commit -m"Adding the .env file so we can demonstrate BFG" ``` - Now push this commit to your fork. ```console