#1997 updating contributing guide regarding the detection of secrets

Author: allmightyspiff

CONTRIBUTING.md

@@ -154,3 +154,27 @@ When doing testing of a code change, indicate this with a comment on the pull re
 
 :heavy_check: `slcli vs list --new-feature` 
 :x: `slcli vs list --broken-feature`
+
+
+### Secret Checking
+This repo uses [IBM Detect-Secrets](https://github.com/IBM/detect-secrets) to prevent secrets from being committed to the codebase. If your commit is rejected because of a secret make sure to remove the secret and try again. If you need to mark the secret as a false positive to the following:
+
+```
+detect-secrets scan --update .secrets.baseline
+git add .secrets.baseline
+```
+
+The first time you commit code, you may need to install detect-secrets, but hopefully that should be taken care of you by the git precommit hook.
+
+```
+$> git commit --message="#1997 adding secret baseline"
+[INFO] Initializing environment for https://github.com/ibm/detect-secrets.
+[INFO] Installing environment for https://github.com/ibm/detect-secrets.
+[INFO] Once installed this environment will be reused.
+[INFO] This may take a few minutes...
+Detect secrets...........................................................Passed
+[issues1997 11d3dcb5] #1997 adding secret baseline
+ 2 files changed, 791 insertions(+)
+ create mode 100644 .pre-commit-config.yaml
+ create mode 100644 .secrets.baseline
+```