Automate with playbooks

Playbooks let you customize and automate GitGuardian's behavior. They are accessible in your workspace settings.

If you need other playbooks, do not hesitate to submit your request here.

Auto-healing playbook

The auto-healing playbook automates the process of sharing incidents with the involved developers via a public share link.

To use the auto-healing playbook, the workspace's public sharing capability must be enabled.

Whenever a new incident is detected, GitGuardian will automatically create a public share link of the incident and send an email to the involved developer with the link, unless the developer is already a member of the workspace.

You can choose which options are automatically applied to the public share link:

  • the ability to submit feedback on the incident through the provided link with the Feedback collection option
  • the ability to resolve or ignore the incident directly via the provided link with the Auto-healing option

The email sent automatically by GitGuardian is not customizable yet.

Emails are sent only to addresses that are considered well formed and that do not match any of the exclusion patterns used to detect bots.

The auto-healing playbook is created by default by GitGuardian and is only available to workspaces on the Business plan or in a Business trial. Only the Owner and Managers of the workspace can activate or deactivate the playbook.

Auto-access granting playbook

The auto-access granting playbook automates the process of giving access to an incident's details in the GitGuardian dashboard, for members with Restricted and Member access levels.

This applies not only to real-time detection, whenever a new incident is raised, but also to all historical incidents the developer was involved in. GitGuardian automatically gives the involved user access to the incident details page in the dashboard. This is done by matching the commit author email against the dashboard user email. Here is a description of the flow:

[Figure: Auto access playbook]

GitGuardian does not send sign-up invitations to the commit authors; they must already be Restricted members of the workspace.

Auto-resolution playbook

The auto-resolution playbook automatically closes incidents that were once valid and have since become invalid. This facilitates the remediation process.

This applies not only to real-time detection, whenever an incident is re-checked as invalid, but also to all historical incidents concerned. When activating the playbook, the user is shown a message warning that N historical incidents will be resolved.

Finally, note that incidents that are automatically closed by this playbook will display an audit log attributed to "GitGuardian Bot" for the corresponding action.

Auto-ignore false positive playbook

The auto-ignore playbook automatically ignores incidents that have been tagged as False Positive by our internal machine learning model. Our model only works for generic secrets. This helps streamline the remediation process and reduce incident noise.

This playbook is turned on by default. You can change the setting here.

This applies to real-time detection whenever an incident is identified as False Positive. It can also be applied to all historical incidents by launching a historical scan on your perimeter.

Finally, note that incidents automatically ignored by this playbook will display an audit log attributed to "GitGuardian Bot" for the corresponding action.
