[progress] stricter regex, tests

checks.go

@@ -1,26 +1,28 @@
 package main
 
 import (
-	"bytes"
 	_ "fmt"
-	"regexp"
+	"strings"
 )
 
-func checkRegex(diff []byte) {
-	var re *regexp.Regexp
-	var found string
-	lines := bytes.Split(diff, []byte("\n"))
+func checkRegex(diff string) ([]string, bool) {
+	var match string
+	var results []string
+	secretsPresent := false
+	lines := strings.Split(diff, "\n")
 	for _, line := range lines {
 		if len(line) == 0 {
 			continue
 		}
 
-		for _, v := range regexes {
-			re = regexp.MustCompile(v)
-			found = re.FindString(string(line))
-			if len(found) == 0 {
+		for _, re := range regexes {
+			match = re.FindString(line)
+			if len(match) == 0 {
 				continue
 			}
+			secretsPresent = true
+			results = append(results, line)
 		}
 	}
+	return results, secretsPresent
 }

checks_test.go

@@ -0,0 +1,21 @@
+package main
+
+import (
+	"testing"
+)
+
+func TestCheckRegex(t *testing.T) {
+	var secretsPresent bool
+	checks := map[string]bool{
+		"github.com":                         false,
+		"github.com/user/":                   false,
+		"github_api_client = \"sample key\"": true,
+	}
+
+	for k, v := range checks {
+		_, secretsPresent = checkRegex(k)
+		if v != secretsPresent {
+			t.Errorf("regexCheck failed on string %s. Expected secretsPresent: %t, got %t", k, v, secretsPresent)
+		}
+	}
+}

main.go

@@ -6,6 +6,7 @@ import (
 	"log"
 	"os"
 	"os/exec"
+	"regexp"
 	"strings"
 )
 
@@ -21,20 +22,19 @@ type Repo struct {
 // memoization for commit1+commit2 hash
 var cache map[string]bool
 var appRoot string
-var regexes map[string]string
-var strictRegexes map[string]string
+var regexes map[string]*regexp.Regexp
 
 func init() {
 	appRoot, _ = os.Getwd()
 	cache = make(map[string]bool)
-	regexes = map[string]string{
-		"github":   "[g|G][i|I][t|T][h|H][u|U][b|B].*",
-		"aws":      "[a|A][w|W][s|S].*",
-		"heroku":   "[h|H][e|E][r|R][o|O][k|K][u|U].*",
-		"facebook": "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*",
-		"twitter":  "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*",
-		"reddit":   "[r|R][e|E][d|D][d|D][i|I][t|T].*",
-		"twilio":   "[t|T][w|W][i|I][l|L][i|I][o|O].*",
+	regexes = map[string]*regexp.Regexp{
+		"github":   regexp.MustCompile(`[g|G][i|I][t|T][h|H][u|U][b|B].+[=|:=|:|<-].*\w+.*`),
+		"aws":      regexp.MustCompile(`[a|A][w|W][s|S].+[=|:=|:|<-].*\w+.*`),
+		"heroku":   regexp.MustCompile(`[h|H][e|E][r|R][o|O][k|K][u|U].+[=|:=|:|<-].*\w+.*`),
+		"facebook": regexp.MustCompile(`[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].+[=|:=|:|<-].*\w+.*`),
+		"twitter":  regexp.MustCompile(`[t|T][w|W][i|I][t|T][t|T][e|E][r|R].+[=|:=|:|<-].*\w+.*`),
+		"reddit":   regexp.MustCompile(`[r|R][e|E][d|D][d|D][i|I][t|T].+[=|:=|:|<-].*\w+.*`),
+		"twilio":   regexp.MustCompile(`[t|T][w|W][i|I][l|L][i|I][o|O].+[=|:=|:|<-].*\w+.*`),
 	}
 }
 
@@ -123,5 +123,5 @@ func diff(commit1 string, commit2 string) {
 		log.Fatalf("error retrieving commits %v\n", err)
 	}
 	cache[commit1+commit2] = true
-	checkRegex(out)
+	checkRegex(string(out))
 }