
rm some silly logic, better comments

zricethezav 8 лет назад
Родитель
Сommit
8e59bf766a
7 измененных файлов с 60 добавлено и 83 удалено
  1. 3 3
      checks_test.go
  2. 0 8
      main.go
  3. 23 25
      options.go
  4. 17 18
      owner.go
  5. 1 1
      owner_test.go
  6. 8 23
      repo.go
  7. 8 5
      repo_test.go

+ 3 - 3
checks_test.go

@@ -1,10 +1,10 @@
 package main
 
 import (
-	"testing"
-	"os"
 	"bufio"
 	"fmt"
+	"os"
+	"testing"
 )
 
 func TestCheckRegex(t *testing.T) {
@@ -50,7 +50,7 @@ func TestExternalRegex(t *testing.T) {
 	opts.RegexFile = "testregex.txt"
 	opts.loadExternalRegex()
 	leaks := doChecks("aws=\"AKIALALEMEL33243OLIAE",
-		Commit{}, &Repo{url:"someurl"})
+		Commit{}, &Repo{url: "someurl"})
 	if len(leaks) != 2 {
 		// leak from default regex, leak from external
 		t.Error()

+ 0 - 8
main.go

@@ -1,7 +1,6 @@
 package main
 
 import (
-	"fmt"
 	"os"
 	"regexp"
 )
@@ -34,8 +33,6 @@ func init() {
 	stopWords = []string{"setting", "info", "env", "environment"}
 	fileDiffRegex = regexp.MustCompile("diff --git a.+b/")
 	assignRegex = regexp.MustCompile(`(=|:|:=|<-)`)
-
-	// TODO Externalize regex... this is tricky making it yml compliant
 	regexes = map[string]*regexp.Regexp{
 		"PKCS8":    regexp.MustCompile("-----BEGIN PRIVATE KEY-----"),
 		"RSA":      regexp.MustCompile("-----BEGIN RSA PRIVATE KEY-----"),
@@ -56,8 +53,3 @@ func main() {
 	owner := newOwner()
 	os.Exit(owner.auditRepos())
 }
-
-func failF(format string, args ...interface{}) {
-	fmt.Fprintf(os.Stderr, format, args...)
-	os.Exit(ExitFailure)
-}

+ 23 - 25
options.go

@@ -1,13 +1,13 @@
 package main
 
 import (
+	"bufio"
 	"fmt"
 	"os"
 	"path/filepath"
 	"regexp"
 	"strconv"
 	"strings"
-	"bufio"
 )
 
 const usage = `
@@ -22,7 +22,7 @@ Options:
  --report-path=<STR> 	Report output, default $GITLEAKS_HOME/report
  --clone-path=<STR>	Gitleaks will clone repos here, default $GITLEAKS_HOME/clones
  -t --temp 		Clone to temporary directory
- --concurrency=<INT> 	Upper bound on concurrent diffs
+ --concurrency=<INT> 	Upper bound on concurrent "git diff"
  --since=<STR> 		Commit to stop at
  --b64Entropy=<INT> 	Base64 entropy cutoff (default is 70)
  --hexEntropy=<INT>  	Hex entropy cutoff (default is 40)
@@ -33,27 +33,26 @@ Options:
 
 `
 
-// Options for gitleaks. need to support remote repo/owner
-// and local repo/owner mode
+// Options for gitleaks
 type Options struct {
-	URL      string
-	RepoPath string
-	ReportPath string
-	ClonePath  string
+	URL              string
+	RepoPath         string
+	ReportPath       string
+	ClonePath        string
 	Concurrency      int
 	B64EntropyCutoff int
 	HexEntropyCutoff int
-	UserMode  bool
-	OrgMode   bool
-	RepoMode  bool
-	LocalMode bool
-	Strict       bool
-	Entropy      bool
-	SinceCommit  string
-	Tmp          bool
-	Token        string
-	Verbose  bool
-	RegexFile string
+	UserMode         bool
+	OrgMode          bool
+	RepoMode         bool
+	LocalMode        bool
+	Strict           bool
+	Entropy          bool
+	SinceCommit      string
+	Tmp              bool
+	Token            string
+	Verbose          bool
+	RegexFile        string
 }
 
 // help prints the usage string and exits
@@ -122,7 +121,7 @@ func newOpts(args []string) *Options {
 	return opts
 }
 
-// deafultOptions provides the default options
+// deafultOptions provides the default options used by newOpts
 func defaultOptions() (*Options, error) {
 	return &Options{
 		Concurrency:      10,
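Review bot: The doc comment on `defaultOptions` still spells the identifier `deafultOptions`, so it does not start with the declared name as Go doc convention expects, and a search for the function name misses it. Suggested wording: `// defaultOptions provides the default options used by newOpts`. The function body continues outside this hunk.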
@@ -131,9 +130,8 @@ func defaultOptions() (*Options, error) {
 	}, nil
 }
 
-// parseOptions
+// parseOptions will parse options supplied by the user.
 func (opts *Options) parseOptions(args []string) error {
-
 	if len(args) == 0 {
 		opts.LocalMode = true
 		opts.RepoPath, _ = os.Getwd()
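Review bot: The error from `os.Getwd()` is discarded on the context line `opts.RepoPath, _ = os.Getwd()`, so a failure leaves `RepoPath` empty while `LocalMode` is already set, and the audit could run against an unintended path. Consider returning the error instead: `wd, err := os.Getwd()`, then `if err != nil { return err }` and `opts.RepoPath = wd`. The rest of parseOptions is outside this hunk, so whether a later guard rejects an empty path cannot be confirmed from here.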
@@ -208,7 +206,7 @@ func (opts *Options) parseOptions(args []string) error {
 		if opts.URL != "" {
 			opts.RepoMode = true
 			err := opts.guards()
-			if err != nil{
+			if err != nil {
 				return err
 			}
 			return nil
@@ -228,13 +226,13 @@ func (opts *Options) parseOptions(args []string) error {
 	}
 
 	err := opts.guards()
-	if err != nil{
+	if err != nil {
 		return err
 	}
 	return err
 }
 
-// loadExternalRegex
+// loadExternalRegex loads regexes from a text file if available.
 func (opts *Options) loadExternalRegex() error {
 	file, err := os.Open(opts.RegexFile)
 	if err != nil {

+ 17 - 18
owner.go

@@ -14,7 +14,11 @@ import (
 	"strings"
 )
 
-// Owner blah blah
+// Owner represents the owner of a repo or group of repos.
+// Owners can fall under three categories depending on how
+// Gitleaks is ran; ambiguous, user, or organization.
+// An ambiguous implies that gitleaks is running on a single
+// repo from github or locally.
 type Owner struct {
 	name        string
 	url         string
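Review bot: The new doc comment on `Owner` has two wording slips: "Gitleaks is ran" should be "is run", and "An ambiguous implies" is missing its noun. Suggested last sentence: `// An ambiguous owner means gitleaks is running on a single repo, either from GitHub or from a local path.` The struct's remaining fields are outside this hunk.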
@@ -54,7 +58,7 @@ func newOwner() *Owner {
 	name := ownerName()
 	ownerPath, err := ownerPath(name)
 	if err != nil {
-		failF("%v", err)
+		log.Fatal(err)
 	}
 	owner := &Owner{
 		name:        name,
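Review bot: Replacing `failF("%v", err)` with `log.Fatal(err)` changes the process exit status from `ExitFailure` to 1, because `log.Fatal` always calls `os.Exit(1)`. The helper removed in this commit documents `ExitFailure` as exit code 2, and `auditRepos` returns `ExitLeaks` for findings. The value of `ExitLeaks` is not visible here, but if it is 1, a CI job can no longer tell "scan failed" from "secrets found". The same applies to the `log.Fatal` and `log.Fatalf` calls added after `owner.fetchRepos()`, in `auditRepos`, and in `auditDiff` in repo.go. To keep the exit-code contract, log and exit explicitly, e.g. `log.Print(err)` followed by `os.Exit(ExitFailure)`.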
@@ -77,16 +81,9 @@ func newOwner() *Owner {
 		os.Exit(ExitFailure)
 	}()
 
-	// if running on local repo, just go right to it.
-	if opts.LocalMode {
-		repo := newLocalRepo(opts.RepoPath)
-		owner.repos = append(owner.repos, *repo)
-		return owner
-	}
-
 	err = owner.fetchRepos()
 	if err != nil {
-		owner.failF("%v", err)
+		log.Fatal(err)
 	}
 	return owner
 }
@@ -98,6 +95,15 @@ func newOwner() *Owner {
 func (owner *Owner) fetchRepos() error {
 	var err error
 	ctx := context.Background()
+
+	// local mode, single repo, ambiguous account type
+	if opts.LocalMode {
+		_, repoName := path.Split(opts.RepoPath)
+		repo := newRepo(repoName, "", opts.RepoPath)
+		owner.repos = append(owner.repos, *repo)
+		return nil
+	}
+
 	if owner.accountType == "" {
 		// single repo, ambiguous account type
 		_, repoName := path.Split(opts.URL)
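Review bot: `path.Split(opts.RepoPath)` in the new local-mode branch applies the slash-only `path` package to an OS path, and it returns an empty name when the path ends in a separator (a constructed example: `some/repo/`). An empty or wrong `repoName` is then passed to `newRepo` and presumably ends up in report naming. `repoName := filepath.Base(filepath.Clean(opts.RepoPath))` handles both cases, provided `path/filepath` is imported in owner.go; the import block is only partly visible. It is also worth confirming that `newRepo` sets `reportPath` as the removed `newLocalRepo` did, since its body is cut off in the repo.go hunk. fetchRepos continues past the end of this hunk.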
@@ -200,7 +206,7 @@ func (owner *Owner) auditRepos() int {
 	for _, repo := range owner.repos {
 		leaksPst, err := repo.audit()
 		if err != nil {
-			failF("%v", err)
+			log.Fatal(err)
 		}
 		if leaksPst {
 			exitCode = ExitLeaks
@@ -212,13 +218,6 @@ func (owner *Owner) auditRepos() int {
 	return exitCode
 }
 
-// failF prints a failure message out to stderr
-// and exits with a exit code 2
-func (owner *Owner) failF(format string, args ...interface{}) {
-	fmt.Fprintf(os.Stderr, format, args...)
-	os.Exit(ExitFailure)
-}
-
 // rmTmp removes the owner's temporary repo. rmTmp will only get called if temporary
 // mode is set. rmTmp is called on a SIGINT and after the audits have finished
 func (owner *Owner) rmTmp() {

+ 1 - 1
owner_test.go

@@ -1,8 +1,8 @@
 package main
 
 import (
-	"testing"
 	"os"
+	"testing"
 )
 
 func TestOwnerPath(t *testing.T) {

+ 8 - 23
repo.go

@@ -8,12 +8,11 @@ import (
 	"log"
 	"os"
 	"os/exec"
-	"path"
 	"path/filepath"
 	"sync"
 )
 
-// Repo is
+// Repo represents a git repo
 type Repo struct {
 	name       string
 	url        string
@@ -23,7 +22,7 @@ type Repo struct {
 	reportPath string
 }
 
-// Leak is
+// Leak struct for reporting
 type Leak struct {
 	Line     string `json:"line"`
 	Commit   string `json:"commit"`
@@ -36,7 +35,7 @@ type Leak struct {
 	RepoURL  string `json:"repoURL"`
 }
 
-// Commit is
+// Commit represents a git commit
 type Commit struct {
 	Hash   string
 	Author string
@@ -44,19 +43,7 @@ type Commit struct {
 	Msg    string
 }
 
-// newLocalRepo will such and such
-func newLocalRepo(repoPath string) *Repo {
-	_, name := path.Split(repoPath)
-	repo := &Repo{
-		name:       name,
-		path:       repoPath,
-		reportPath: opts.ReportPath,
-	}
-	return repo
-
-}
-
-// newRepo
+// newRepo creates a new repo based on name, url, and a clone path
 func newRepo(name string, url string, path string) *Repo {
 	repo := &Repo{
 		name:       name,
@@ -67,7 +54,7 @@ func newRepo(name string, url string, path string) *Repo {
 	return repo
 }
 
-// rmTmp
+// rmTmp removes the temporary directory: repo.path
 func (repo *Repo) rmTmp() {
 	log.Printf("removing tmp gitleaks repo %s\n", repo.path)
 	os.Remove(repo.path)
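Review bot: The new comment says rmTmp removes the temporary directory, but `os.Remove(repo.path)` fails on a non-empty directory and its error is discarded. A cloned repo, which may contain the very secrets being audited, would therefore stay on disk while the log claims it was removed. At minimum, surface the failure: `if err := os.Remove(repo.path); err != nil { log.Printf("could not remove %s: %v", repo.path, err) }`. If this is later switched to `os.RemoveAll`, guard it so it can never run on a local-mode `repo.path`, which is the user's own working repository. The callers of rmTmp are outside this hunk.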
@@ -212,14 +199,13 @@ func parseRevList(revList [][]byte) []Commit {
 	return commits
 }
 
-// reportAggregator is a go func responsible for ...
+// reportAggregator is will consume Leak messages from the gitLeaks channel and report them
 func reportAggregator(gitLeakReceiverWG *sync.WaitGroup, gitLeaks chan Leak, leaks *[]Leak) {
 	for gitLeak := range gitLeaks {
 		*leaks = append(*leaks, gitLeak)
 		if opts.Verbose {
 			b, err := json.MarshalIndent(gitLeak, "", "   ")
 			if err != nil {
-				// handle this?
 				fmt.Printf("failed to output leak: %v", err)
 			}
 			fmt.Println(string(b))
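Review bot: With the `// handle this?` comment removed, the `json.MarshalIndent` error path is still effectively unhandled. It prints the message to stdout without a newline and then falls through to `fmt.Println(string(b))` with a nil `b`. Report it with `log.Printf("failed to output leak: %v", err)` and put the `Println` in an `else`, so the error goes to stderr instead of being mixed into the leak output. The new doc comment also has a typo ("is will consume"); suggested: `// reportAggregator consumes Leak messages from the gitLeaks channel and reports them`. The loop body continues outside this hunk.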
@@ -238,8 +224,7 @@ func auditDiff(currCommit Commit, repo *Repo, commitWG *sync.WaitGroup,
 	defer commitWG.Done()
 
 	if err := os.Chdir(fmt.Sprintf(repo.path)); err != nil {
-		// TODO handle this better
-		os.Exit(ExitFailure)
+		log.Fatalf("unable to navigate to %s", repo.path)
 	}
 
 	commitCmp := fmt.Sprintf("%s^!", currCommit.Hash)
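Review bot: `os.Chdir(fmt.Sprintf(repo.path))` uses the repo path as a format string, so any `%` in a clone or local path is rewritten before the chdir; pass the path directly with `os.Chdir(repo.path)`. The new `log.Fatalf("unable to navigate to %s", repo.path)` also drops the underlying error, which `log.Fatalf("unable to navigate to %s: %v", repo.path, err)` would keep. Separately, `os.Chdir` is process-wide while auditDiff appears to run concurrently (it takes a WaitGroup and a semaphore channel). Setting the working directory on the git command itself would be safer, but the command construction is outside this hunk.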
@@ -248,7 +233,7 @@ func auditDiff(currCommit Commit, repo *Repo, commitWG *sync.WaitGroup,
 	<-semaphoreChan
 
 	if err != nil {
-		os.Exit(ExitFailure)
+		log.Fatalf("unable to diff for %s: %v", currCommit.Hash, err)
 	}
 
 	leaks := doChecks(string(out), currCommit, repo)

+ 8 - 5
repo_test.go

@@ -5,13 +5,16 @@ import (
 	"testing"
 )
 
-func TestNewLocalRepo(t *testing.T) {
-	r := newLocalRepo("")
-	if r.path != "" {
+func TestNewRepo(t *testing.T) {
+	// local mode
+	r := newRepo("repo", "", "some/repo")
+	if r.name != "repo" || r.path != "some/repo" {
 		t.Error()
 	}
-	r = newLocalRepo("some/path")
-	if r.name != "path" || r.path != "some/path" {
+
+	// repo/owner mode
+	r = newRepo("repo", "github.com/owner/repo", "some/repo")
+	if r.name != "repo" || r.path != "some/repo" {
 		t.Error()
 	}
 }
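Review bot: Both cases in `TestNewRepo` assert only `name` and `path`, so the "repo/owner mode" case passes even if `newRepo` ignores its `url` argument. Add `r.url != "github.com/owner/repo"` to the second condition and `r.url != ""` to the first. The removed `TestNewLocalRepo` was also the only check on deriving the repo name from a path; that logic now lives in `fetchRepos` and has no test in this commit. A bare `t.Error()` gives no hint which field mismatched, whereas `t.Errorf("unexpected repo: %+v", r)` would.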