zricethezav 8 лет назад
Родитель
Сommit
ce44961e6e
2 измененных файлов с 42 добавлено и 24 удалено
  1. 38 2
      README.md
  2. 4 22
      options.go

+ 38 - 2
README.md

@@ -28,8 +28,8 @@ Options:
  -l --local             Local mode, gitleaks will look for local repo in <path>
  -t --temp              Clone to temporary directory
  -v --verbose           Verbose mode, will output leaks as gitleaks finds them
- --report_path=<STR>    Report output, default $GITLEAKS_HOME/report
- --clone_path=<STR>     Gitleaks will clone repos here, default $GITLEAKS_HOME/clones
+ --report-path=<STR>    Save report to path, gitleaks default behavior is to save report to pwd
+ --clone-path=<STR>     Gitleaks will clone repos here, default pwd
  --concurrency=<INT>    Upper bound on concurrent diffs
  --since=<STR>          Commit to stop at
  --b64Entropy=<INT>     Base64 entropy cutoff (default is 70)
@@ -40,6 +40,42 @@ Options:
  --stopwords            Enables stopwords
 ```
 
+#### Exit Codes 
+Use these codes to hook gitleaks into whatever pipeline you're running
+| code | explanation |
+| ------------- | ------------- |
+| 0 | Gitleaks succeeded with no leaks |
+| 1 | Gitleaks failed or wasn't attempted due to execution failure |
+| 2 | Gitleaks succeeded and leaks were present during the audit |
+
+#### Examples
+```bash
+gitleaks
+```
+Run audit on current working directory if `.git` is present |
+
+```bash
+gitleaks https://github.com/some/repo
+```
+Run audit on `github.com/some/repo.git` and clone repo to 
+
+```bash
+gitleaks --clone-path=$HOME/Desktop/audits https://github.com/some/repo
+```
+Run audit on `github.com/some/repo.git` and clone repo to $HOME/Desktop/audits 
+
+```bash
+gitleaks --temp https://github.com/some/repo
+```
+Run audit on `github.com/some/repo.git` and clone repo to $TMPDIR (this will remove repos after audit is complete)
+
+```bash
+gitleaks --temp -u https://github.com/some-user
+```
+Run audit on all of `some-user`'s repos. Again, `--temp` flag will clone all repos into $TMPDIR after be removed after audit 
+
+
+
 
 ### If you find a valid leak in a repo
 Please read the [Github article on removing sensitive data from a repository](https://help.github.com/articles/removing-sensitive-data-from-a-repository/) to remove the sensitive information from your history.

+ 4 - 22
options.go

@@ -13,21 +13,13 @@ const usage = `
 usage: gitleaks [options] <URL>/<path_to_repo>
 
 Options:
-Modes
  -u --user 		Git user mode
  -r --repo 		Git repo mode
  -o --org 		Git organization mode
  -l --local 		Local mode, gitleaks will look for local repo in <path>
-
-Logging
- -ll <INT> --log=<INT> 	0: Debug, 1: Info, 3: Error
  -v --verbose 		Verbose mode, will output leaks as gitleaks finds them
-
-Locations
- --report_path=<STR> 	Report output, default $GITLEAKS_HOME/report
- --clone_path=<STR>	Gitleaks will clone repos here, default $GITLEAKS_HOME/clones
-
-Other
+ --report-path=<STR> 	Report output, default $GITLEAKS_HOME/report
+ --clone-path=<STR>	Gitleaks will clone repos here, default $GITLEAKS_HOME/clones
  -t --temp 		Clone to temporary directory
  --concurrency=<INT> 	Upper bound on concurrent diffs
  --since=<STR> 		Commit to stop at
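Review bot: The renamed `--report-path` and `--clone-path` lines in the usage text still give the defaults as `$GITLEAKS_HOME/report` and `$GITLEAKS_HOME/clones`, while the README section of this same commit documents the default as the working directory. The report holds the secrets gitleaks found, so the help output should say accurately where it lands; a report written to pwd can end up inside the audited repository or a shared CI workspace. Which default the code implements is not visible in this hunk, but if the README is right the lines should read `--report-path=<STR> 	Save report to path, default pwd` and `--clone-path=<STR>	Gitleaks will clone repos here, default pwd`. The `usage` constant continues past the end of the hunk.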
@@ -37,7 +29,6 @@ Other
  -h --help 		Display this message
  --token=<STR>    	Github API token
  --stopwords  		Enables stopwords
- --pretty 		Enables pretty printing for humans, otherwise you'll get logs'
 
 `
 
@@ -46,29 +37,20 @@ Other
 type Options struct {
 	URL      string
 	RepoPath string
-
 	ReportPath string
 	ClonePath  string
-
 	Concurrency      int
 	B64EntropyCutoff int
 	HexEntropyCutoff int
-
-	// MODES
 	UserMode  bool
 	OrgMode   bool
 	RepoMode  bool
 	LocalMode bool
-
-	// OPTS
 	Strict       bool
 	Entropy      bool
 	SinceCommit  string
 	Tmp          bool
 	Token        string
-
-	// LOGS/REPORT
-	LogLevel int
 	Verbose  bool
 }
 
@@ -162,8 +144,6 @@ func (opts *Options) parseOptions(args []string) error {
 			opts.Strict = true
 		case "-e", "--entropy":
 			opts.Entropy = true
-		case "-c":
-			opts.Concurrency = opts.nextInt(args, &i)
 		case "-o", "--org":
 			opts.OrgMode = true
 		case "-u", "--user":
@@ -192,6 +172,8 @@ func (opts *Options) parseOptions(args []string) error {
 				opts.B64EntropyCutoff = value
 			} else if match, value := opts.optInt(arg, "--hexEntropy="); match {
 				opts.HexEntropyCutoff = value
+			} else if match, value := opts.optInt(arg, "--concurrency="); match {
+				opts.Concurrency = value
 			} else if i == len(args)-1 {
 				fmt.Println(args[i])
 				if opts.LocalMode {
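Review bot: The new `--concurrency=` branch stores whatever `optInt` returns with no range check, so `--concurrency=0` or a negative value is accepted as the "upper bound on concurrent diffs". How `Concurrency` is consumed lies outside this hunk, but a bound used to size a semaphore or channel would presumably stall or panic on such a value, which in a pipeline looks like a failed or skipped audit. Since `parseOptions` already returns an error, the branch could reject the value before the assignment: `if value < 1 { return fmt.Errorf("--concurrency must be at least 1, got %d", value) }`. The `-c <INT>` short form removed in the previous hunk now falls into this else-chain as well, so it is worth confirming that old invocations get a clear error rather than being read as a repo path. `parseOptions` starts and ends outside the hunk.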