⚙️ Configuration

Current:
  1. Go to GitLab.com → click your avatar → Preferences
  2. Sidebar → Access Tokens
  3. Click Add new token
  4. Name it secret-rotator
  5. Expiration: No expiration (or set far future)
  6. Select scopes: read_api, write_repository, api
  7. Click Create personal access token
  8. Copy the token (starts with glpat-) and paste it above
  1. Go to console.cloud.google.com
  2. At the top, click the project dropdown
  3. Click New Project or select an existing one
  4. Find your Project ID in the project info card
  5. Or run: gcloud projects list in your terminal
  6. Paste the Project ID above
The GitLab project path you scan most often

🔔 Notification Channels

Get alerted when secrets are found. Supports Slack webhooks and Discord webhooks.

Choose your channel type above, then follow the guide:

Slack:
  1. Go to api.slack.com/appsCreate New App
  2. Choose From scratch, name it, pick your workspace
  3. Sidebar → Incoming Webhooks
  4. Toggle Activate Incoming Webhooks to On
  5. Click Add New Webhook to Workspace
  6. Select a channel and click Allow
  7. Copy the Webhook URL and paste it above
TypeURLNotify On
No notification channels configured.

🔐 Encryption

Token encryption: No (tokens stored as-is)

Set ENCRYPTION_KEY environment variable to encrypt stored tokens. Generate one with: python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"