TruffleHog will only scan what you have access to. 

You can configure this integration via the web UI through the integrations tab or you can use a local configuration file as outlined below.

If you omit providing projects then all code projects that the credential can list and access will be scanned.

Learn how to seamlessly integrate Gerrit and TruffleHog. Discover step-by-step instructions, along with practical examples of local configuration settings for code scanning in Gerrit. Uncover the extensive options and capabilities.

Filesystem

Gerrit

source

TruffleHog Docs

Choose your adventure

Creating a scanner

Configuring a scanner

Resource Requirements

Secrets management

Running the scanner

Terminology

Getting started

Artifactory

AWS S3

Azure Repos

Bitbucket

Buildkite

CircleCI

Confluence

Docker

GitLab

GitHub

Google Cloud Storage (GCS)

Google Drive

Jenkins

Jira

Microsoft Sharepoint

Microsoft Teams

Slack

Vector

Scan data for secrets

Email

Splunk

Stdout

Webhook

Notify results

Reverify secrets

Scanning in CI

Pre-commit hooks

Pre-receive hooks

Block secrets from leaking

Systemd

Helm Chart

Kubernetes manifest

Deployment

Custom detectors

Customizing detection

On-premise verification

Customizing TruffleHog

Authentication

Architecture

Compliance

Security and Compliance

Key	Description	Required
endpoint	The URL endpoint for the Gerrit service	Yes
projects	The list of projects to scan. Omit to enumerate instead.	No
skipBinaries	If set to true, binary files will be skipped	No
skipArchives	If set to true, binary files will be skipped	No

Feature	Supported
History	✅
Scan archive files	✅
Scan base64 encoded	✅
Scan binaries	✅
Exclude Filter	✅
Auto resume	✅

Gerrit

Configuration

Local configuration

Options

Capabilities