GitGuardian CI/CD integration with Drone CI is performed through our CLI application gg-shield. gg-shield is a wrapper around GitGuardian API for secrets detection that requires an API key to work.
- Create an API key within the API section of your GitGuardian workspace.
- Add this API key to the
GITGUARDIAN_API_KEYenvironment variable in your project settings. It should be available for Drone CI runners.
- In order to add gg-shield to your pipelines, configure your
.drone.ymlto add a gg-shield scanning job.
kind: pipelinetype: dockername: default steps:- name: gg-shield image: gitguardian/ggshield:latest commands: - ggshield scan ci