@lukehinds
Last active September 17, 2024 15:51

Install the CLI

Mac

brew install stacklok/tap/minder

Windows

winget install stacklok.minder

Apply some rules and profiles

Clone rules and profiles

git clone git@github.com:stacklok/minder-rules-and-profiles.git profiles

Login and create an account

minder auth login

Create rules

minder ruletype create -f rule-types/github

Group the rules under a profile

minder profile create -f profiles/github/ghas.yaml

Enroll a provider

We will use GitHub for today

minder provider enroll --provider github-app

Register a repo

minder repo register

View the results

minder profile status list --detailed --name ghas-profile

Manual Remediation

Let's now flip the secret scanning setting

Settings -> Code security and analysis -> Secret scanning [disable]

View the results (again)

Turn on auto-remediation

Edit profiles/github/ghas.yaml
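
An added example, not the gist's own file: a Minder profile has a top-level `remediate` field, and switching it from "off" to "on" is what turns on auto-remediation. Everything below except the profile name `ghas-profile` is an assumed sketch, so compare it with the actual contents of ghas.yaml before editing.

```yaml
---
# Assumed sketch of a Minder profile. Only the name ghas-profile is taken
# from this walkthrough; the rule entry and the alert value are illustrative.
version: v1
type: profile
name: ghas-profile
context:
  provider: github
alert: "off"          # assumed value, unrelated to remediation
remediate: "on"       # previously "off": Minder only reported the drift
repository:
  - type: secret_scanning   # assumed rule type for the setting flipped above
    def:
      enabled: true         # desired state Minder restores when it drifts
```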

View the results (again)
