1. Resources
  2. /
  3. Plugins
  4. /
  5. trufflehog-buildkite-plugin

TruffleHog Buildkite Plugin

This plugin attempts to find secrets within the image using TruffleHog and annotates the build with either a list of files containing secrets or a confirmation that no secrets were found.

Example

Add the following to your pipeline.yml:

steps: 
  - plugins:
      - cultureamp/trufflehog#v1.0.0:
          trufflehog-image-uri: 'trufflesecurity/trufflehog:latest'
          image-uri: '123456789012.dkr.ecr.us-east-1.amazonaws.com/my-image:latest'

Configuration

trufflehog-image-uri (optional, string)

The Docker URI for the TruffleHog image.

image-uri (required, string)

The URI of the image to scan for secrets.

Developing

To run the tests:

docker-compose run --rm tests

Contributing

  1. Fork the repository
  2. Make the changes
  3. Run the tests
  4. Commit and push the changes
  5. Create a pull request

Recommended plugins

Trivy

Trivy Security Scanning.

equinixmetal-buildkite equinixmetal-buildkite

Terraform-OPA

Runs Open Policy Agent against Terraform plans.

echoboomer echoboomer

sonarscanner

Run sonar-scanner.

wayfair-incubator wayfair-incubator

The plugins listed on this webpage are provided for informational purposes only. They have not undergone any formal security review or assessment. While we strive to provide useful resources, we cannot guarantee the safety, reliability, or integrity of these plugins. Users are strongly advised to conduct their own security evaluations before downloading, installing, or using any plugin. By using these plugins, you acknowledge and accept any risks associated with their use. We disclaim any liability for any harm or damages arising from the use of the plugins listed.

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Get started View pricing
Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events
  8. Migration Services
  9. Comparisons

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at scale
  4. Monorepo mojo
  5. Bazel orchestration

Legal

  1. Terms of Service
  2. Acceptable Use Policy
  3. Privacy Policy
  4. Subprocessors
  5. Service Level Agreement

Support

  1. System status
  2. Forum
© Buildkite Pty Ltd 2025