secretsgen

command
v3.30.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 14, 2026 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation

Overview

Command secretsgen renders the high-fidelity secret-detection rule set and its documentation from a single source of truth: catalog.json.

For every catalog entry it emits:

  • internal/sast/rules/vnx-sec-<id>.rego (the OPA rule)
  • a row in website/content/docs/sast-rules/secrets/<category>.md

Rules and docs are therefore guaranteed never to drift. Run via: 

just gen-secrets        # go run ./internal/sast/secretsgen

The catalog is build-time only and is NOT embedded in the shipped binary (it lives outside internal/sast/rules, which is the only embedded tree).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.