ci_secrets is (https://github.com/pmarlow/ci_secrets) is a repo secret scanning tool which can easily be integrated with Travis and Gitlab ci without a need for a persistent server. Configuring this into the Jenkins pipeline is a bit tricky though as Jenkins does not support the environment variables like
"TRAVIS_COMMIT_RANGE" and/or
which is required to determine the latest-scanned commit from the first commit in the range.
is there a way to implement this in a Jenkins pipeline?
for example:
script:
- export COMMIT_RANGE=${TRAVIS_COMMIT_RANGE:-"000000000000000000000000000000000000"}
- export LAST_COMMIT=${COMMIT_RANGE%%.*}
- ci_secrets --since $LAST_COMMIT --includeMergeCommit --log INFO
