version: 0.2

phases:
  pre_build:
    commands:
    - echo Setting CodeCommit Credentials
    - git config --global credential.helper '!aws codecommit credential-helper $@'
    - git config --global credential.UseHttpPath true
    - echo Copying secrets_config.json to the application directory
    - cp secrets_config.json $CODEBUILD_SRC_DIR_AppSource/secrets_config.json
    - echo Switching to the application directory
    - echo Installing truffleHog
    - which pip3 && pip3 --version
    - which python3 && python3 --version
    - pip3 install 'truffleHog>=2.1.0,<3.0'
  build:
    commands:
    - echo Build started on `date`
    - echo Scanning with truffleHog...
    - trufflehog --regex --rules secrets_config.json --max_depth 1 --entropy=False "$APP_REPO_URL"
  post_build:
    commands:
    - echo Build completed on `date`