While tartufo
started its life with one primary mode of operation, scanning the history of a git repository, it has grown other time to have a number of additional uses and modes of operation.
These are all invoked via different sub-commands of tartufo
.
This is the “classic” use case for tartufo
: Scanning the history of a git repository. There are two ways to invoke this functionality, depending if you are scanning a repository which you already have cloned locally, or one on a remote system.
$ tartufo scan-local-repo /path/to/my/repo
To use docker
, mount the local clone to the /git
folder in the docker image:
$ docker run --rm -v "/path/to/my/repo:/git" godaddy/tartufo scan-local-repo /git
$ tartufo scan-remote-repo https://github.com/godaddy/tartufo.git
To use docker
:
$ docker run --rm godaddy/tartufo scan-remote-repo https://github.com/godaddy/tartufo.git
When used this way, tartufo will clone the repository to a temporary directory, scan the local clone, and then delete it.
When running any Git history scan, you can show scan progress by using the --progress
or -p
flag.
For more information click here.
Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…
User management is a critical aspect of Linux administration. Each user in a Linux system…
Managing users is an essential part of Linux system administration. Knowing how to list all…
Nmap (Network Mapper) is a free tool that helps you find devices on a network,…
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…