What are GitGuardian and ggshield?
ggshield is a security CLI tool developed by GitGuardian that helps developers and organizations prevent the exposure of sensitive information, such as API keys, credentials, and secrets, in their Git repositories.
What are the key features of ggshield?
- Pre-Commit and Pre-Push Scanning: Scans code before it is committed or pushed to detect secrets. Prevents accidental leaks of sensitive data in version control.
- CI/CD Pipeline Integration: Works with GitHub Actions, GitLab CI/CD, Jenkins, and other CI tools. Ensures security checks are part of automated workflows.
- Real-Time Monitoring and Alerts: Detects exposed secrets in public or private repositories. Sends alerts and suggests remediation steps.
- Custom Rules & Policies: Allows defining custom regex patterns to detect organization-specific secrets. Supports allowlists to prevent false positives.
How to install ggshield on Ubuntu 24.04?
apt update
apt install -y pipx
pipx install ggshield
Post installation settings:
pipx ensurepath
You will need to open a new terminal or log in again for the PATH changes to take effect. Now verify the ggshield version:
ggshield --version
Installing in local mode updates the pre-commit hook file:
ggshield install -m local
Let's try it: this updates the executable pre-commit hook file in your existing repository at .git/hooks/pre-commit.
We can run the same ggshield installation with global scope as well:
ggshield install -m global
We can ignore the last findings:
ggshield secret ignore --last-found
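
To confirm that the install step above actually left a working hook, the following added example (not part of the original post or of ggshield itself) checks that the pre-commit hook exists, is executable, and calls ggshield. The function names are hypothetical, and it assumes the installed hook invokes ggshield by name on a non-comment line.

```shell
#!/bin/sh
# Added example: verify that the pre-commit hook git will run calls ggshield.

# check_hook FILE -> prints a status line and returns:
#   0  hook present, executable, and contains an active ggshield call
#   1  hook file missing
#   2  hook present but not executable (git will not run it)
#   3  hook present but ggshield only appears in comments, or not at all
check_hook() {
    hook=$1
    [ -f "$hook" ] || { echo "MISSING: $hook"; return 1; }
    [ -x "$hook" ] || { echo "NOT EXECUTABLE: $hook"; return 2; }
    # Drop comment lines first so a disabled "# ggshield ..." does not count.
    if grep -v '^[[:space:]]*#' "$hook" | grep -q 'ggshield'; then
        echo "OK: $hook"
        return 0
    fi
    echo "NO GGSHIELD CALL: $hook"
    return 3
}

# check_repo DIR: ask git which hooks directory it will use for DIR.
# "git rev-parse --git-path hooks" honours core.hooksPath, which takes
# precedence over the repository's own .git/hooks when it is set.
check_repo() {
    dir=${1:-.}
    hooks=$(git -C "$dir" rev-parse --git-path hooks) || return 4
    case $hooks in
        /*) ;;                       # absolute path, use as-is
        *)  hooks="$dir/$hooks" ;;   # relative to the repository directory
    esac
    check_hook "$hooks/pre-commit"
}

# Stand-alone use: sh check_ggshield_hook.sh /path/to/repo
if [ "$#" -gt 0 ]; then
    check_repo "$1"
fi
```

Because `check_repo` resolves the hooks directory through git, it reports on the hook that will really run, which matters when a global `core.hooksPath` and a local `.git/hooks/pre-commit` both exist.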