This repo holds the API and infrastructure code for the GitHub secret scanning alert service.
When GitHub detects our registered secrets in public repositories, it will send an alert to this service. The detected secret will be logged and an alarm triggered so the impacted team can take action.
- Start the devcontainer.
- Make a copy of `api/.env.example` and name it `api/.env`.
- Run `cd api && make dev` and access on `localhost:8000`.
Your requests to the API will need an `X-CloudFront-Header` with the value you set in the `api/.env` file for `CLOUDFRONT_HEADER`:

```sh
curl http://localhost:8000/version \
  -H "X-CloudFront-Header: some-secret-value"
```

Alternatively, you can set `CLOUDFRONT_HEADER=localhost` to disable this check.
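The header check described above can be sketched as follows. This is an added example, not code from this repo: the function name `origin_header_ok`, the fail-closed handling of an unset `CLOUDFRONT_HEADER`, and the constant-time comparison are assumptions about how such a check is reasonably written.

```python
import hmac

HEADER_NAME = "X-CloudFront-Header"  # header name from the README
BYPASS_VALUE = "localhost"           # README: this setting disables the check


def origin_header_ok(headers, configured):
    """Return True when the request may proceed.

    headers: mapping of request header names to values.
    configured: the CLOUDFRONT_HEADER setting (None if unset).
    """
    # Assumption: an unset or empty setting fails closed, so a request
    # that also lacks the header is never treated as a match.
    if not configured:
        return False
    # Local-development bypass described in the README.
    if configured == BYPASS_VALUE:
        return True
    # HTTP header names are case-insensitive.
    wanted = HEADER_NAME.lower()
    supplied = next((v for k, v in headers.items() if k.lower() == wanted), None)
    if supplied is None:
        return False
    # Constant-time comparison so response timing does not leak the value.
    return hmac.compare_digest(supplied.encode(), configured.encode())


def demo():
    secret = "some-secret-value"  # constructed sample, same as the curl example
    cases = [
        ({"X-CloudFront-Header": secret}, secret),   # correct value
        ({"x-cloudfront-header": secret}, secret),   # lower-cased header name
        ({"X-CloudFront-Header": "wrong"}, secret),  # wrong value
        ({}, secret),                                # header missing
        ({}, BYPASS_VALUE),                          # check disabled for local dev
        ({}, None),                                  # setting missing: fail closed
    ]
    return [origin_header_ok(h, c) for h, c in cases]


if __name__ == "__main__":
    print(demo())
```

Because the `localhost` value turns the check off entirely, it belongs only in a local `api/.env`, never in a deployed environment's configuration.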