Inicio Explorar Axuda
Iniciar sesión
LBP
/
gitleaks
réplica de https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

refactor(allowlist): use iota for condition (#1569)

Richard Gomez hai 1 ano
pai
12034a71c5
achega
5c03fa4a3e
Modificáronse 4 ficheiros con 22 adicións e 15 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 1 1
      cmd/generate/config/rules/config.tmpl
  2. 10 3
      config/allowlist.go
  3. 9 9
      config/config_test.go
  4. 2 2
      detect/detect.go

+ 1 - 1
cmd/generate/config/rules/config.tmpl
Ver ficheiro 

@@ -71,7 +71,7 @@ tags = [
 
 {{ else }}
 
 {{ with $rule.Allowlists }}{{ range $i, $allowlist := . }}{{ if or $allowlist.Regexes $allowlist.Paths $allowlist.Commits $allowlist.StopWords }}
 
 [[rules.allowlists]]
 
-{{ with $allowlist.MatchCondition }}condition = "{{ . }}"
 
+{{ with $allowlist.MatchCondition }}condition = "{{ .String }}"
 
 {{ end -}}
 
 {{- with $allowlist.Commits }}commits = [
 
     {{ range $j, $commit := . }}"{{ $commit }}",{{ end }}

+ 10 - 3
config/allowlist.go
Ver ficheiro 

@@ -6,13 +6,20 @@ import (
 
 	"strings"
 
 )
 
 
-type AllowlistMatchCondition string
 
+type AllowlistMatchCondition int
 
 
 const (
 
-	AllowlistMatchOr  AllowlistMatchCondition = "OR"
 
-	AllowlistMatchAnd                         = "AND"
 
+	AllowlistMatchOr AllowlistMatchCondition = iota
 
+	AllowlistMatchAnd
 
 )
 
 
+func (a AllowlistMatchCondition) String() string {
 
+	return [...]string{
 
+		"OR",
 
+		"AND",
 
+	}[a]
 
+}
 
+
 
 // Allowlist allows a rule to be ignored for specific
 
 // regexes, paths, and/or commits
 
 type Allowlist struct {

+ 9 - 9
config/config_test.go
Ver ficheiro 

@@ -34,7 +34,7 @@ func TestTranslate(t *testing.T) {
 
 					Keywords: []string{},
 
 					Allowlists: []Allowlist{
 
 						{
 
-							MatchCondition: "OR",
 
+							MatchCondition: AllowlistMatchOr,
 
 							Regexes:        []*regexp.Regexp{regexp.MustCompile("123")},
 
 						},
 
 					},
 
@@ -68,7 +68,7 @@ func TestTranslate(t *testing.T) {
 
 					Tags:        []string{"key", "AWS"},
 
 					Allowlists: []Allowlist{
 
 						{
 
-							MatchCondition: "OR",
 
+							MatchCondition: AllowlistMatchOr,
 
 							Regexes:        []*regexp.Regexp{regexp.MustCompile("AKIALALEMEL33243OLIA")},
 
 						},
 
 					},
 
@@ -87,7 +87,7 @@ func TestTranslate(t *testing.T) {
 
 					Tags:        []string{"key", "AWS"},
 
 					Allowlists: []Allowlist{
 
 						{
 
-							MatchCondition: "OR",
 
+							MatchCondition: AllowlistMatchOr,
 
 							Commits:        []string{"allowthiscommit"},
 
 						},
 
 					},
 
@@ -106,7 +106,7 @@ func TestTranslate(t *testing.T) {
 
 					Tags:        []string{"key", "AWS"},
 
 					Allowlists: []Allowlist{
 
 						{
 
-							MatchCondition: "OR",
 
+							MatchCondition: AllowlistMatchOr,
 
 							Paths:          []*regexp.Regexp{regexp.MustCompile(".go")},
 
 						},
 
 					},
 
@@ -184,11 +184,11 @@ func TestTranslate(t *testing.T) {
 
 						Tags:        []string{"key", "AWS"},
 
 						Allowlists: []Allowlist{
 
 							{
 
-								MatchCondition: "OR",
 
+								MatchCondition: AllowlistMatchOr,
 
 								StopWords:      []string{"fake"},
 
 							},
 
 							{
 
-								MatchCondition: "OR",
 
+								MatchCondition: AllowlistMatchOr,
 
 								Commits:        []string{"abcdefg1"},
 
 								Paths:          []*regexp.Regexp{regexp.MustCompile(`ignore\.xaml`)},
 
 								Regexes:        []*regexp.Regexp{regexp.MustCompile(`foo.+bar`)},
 
@@ -212,11 +212,11 @@ func TestTranslate(t *testing.T) {
 
 						Tags:        []string{"key", "AWS"},
 
 						Allowlists: []Allowlist{
 
 							{
 
-								MatchCondition: "OR",
 
+								MatchCondition: AllowlistMatchOr,
 
 								StopWords:      []string{"fake"},
 
 							},
 
 							{
 
-								MatchCondition: "AND",
 
+								MatchCondition: AllowlistMatchAnd,
 
 								Commits:        []string{"abcdefg1"},
 
 								Paths:          []*regexp.Regexp{regexp.MustCompile(`ignore\.xaml`)},
 
 								Regexes:        []*regexp.Regexp{regexp.MustCompile(`foo.+bar`)},
 
@@ -240,7 +240,7 @@ func TestTranslate(t *testing.T) {
 
 						Tags:        []string{"key", "AWS"},
 
 						Allowlists: []Allowlist{
 
 							{
 
-								MatchCondition: "OR",
 
+								MatchCondition: AllowlistMatchOr,
 
 								Paths:          []*regexp.Regexp{regexp.MustCompile(`something.py`)},
 
 							},
 
 						},

+ 2 - 2
detect/detect.go
Ver ficheiro 

@@ -282,7 +282,7 @@ func (d *Detector) detectRule(fragment Fragment, currentRaw string, rule config.
 
 		}
 
 		if isAllowed {
 
 			logger.Trace().
 
-				Str("condition", string(a.MatchCondition)).
 
+				Str("condition", a.MatchCondition.String()).
 
 				Bool("commit-allowed", commitAllowed).
 
 				Bool("path-allowed", commitAllowed).
 
 				Msg("Skipping fragment due to rule allowlist")
 
@@ -474,7 +474,7 @@ MatchLoop:
 
 			if isAllowed {
 
 				logger.Trace().
 
 					Str("finding", finding.Secret).
 
-					Str("condition", string(a.MatchCondition)).
 
+					Str("condition", a.MatchCondition.String()).
 
 					Bool("regex-allowed", regexAllowed).
 
 					Bool("contains-stopword", containsStopword).
 
 					Msg("Skipping finding due to rule allowlist")