Skip to content
This repository has been archived by the owner on Sep 4, 2024. It is now read-only.

Commit

Permalink
Merge pull request #4 from tweag/talisman-bfg-docs-update
Browse files Browse the repository at this point in the history
Update README.md to include extra CodeSpaces docs
  • Loading branch information
rpigu-i authored Jul 10, 2024
2 parents d561de2 + 1dcc117 commit 66efca4
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions part1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -510,6 +510,10 @@ The next tool we will look at is Talisman. You can find it at the following GitH

https://github.com/thoughtworks/talisman

For CodeSpaces you can clone to the environment via:

`git clone https://github.com/thoughtworks/talisman.git` inside the `/workspaces` folder.

Talisman is capable of scanning git changesets to ensure secrets and other sensitive information is
not added to the repository. This includes not only AWS API Keys, but SSH keys, tokens, passwords and similar.

Expand Down Expand Up @@ -642,13 +646,13 @@ So what happens if we have already commited a file, or somebody not following be
Let's look at an example.


### BFG to clean up accidental commits
### BFG to clean up accidental commits

In some cases a file may already exist in the commit history that we need to remove. This could have been due to a disabled pre-commit hook, a file or pattern that wasn't caught, or a file added prior to the introduction of DevSecOps processes.

In order to clean up historical commits we can use BFG. Let's try an experiment to demonstrate this.

If you haven't downloaded/installed BFG yet, you can find it here:
The BFG Repo cleaner tool is pre-installed into the workspaces dev container. If you are working locally and haven't downloaded/installed BFG yet, you can find it here:

https://rtyley.github.io/bfg-repo-cleaner/

Expand Down Expand Up @@ -679,7 +683,6 @@ We are now going to demonstrate how a mistake can happen that needs to be cleane
git commit -m"Adding the .env file so we can demonstrate BFG"
```


Now push this commit to your fork.

```console
Expand Down

0 comments on commit 66efca4

Please sign in to comment.