
Adding okta, codecov, zendesk, and updating Atlassian's rule to include `jira` keyword (#904)

* okta

* adding codecov

* add jira to atlassians keywords

* adding zendesk
Zachary Rice 3 лет назад
Родитель
Сommit
efdc7749df

+ 3 - 0
cmd/generate/config/main.go

@@ -33,6 +33,7 @@ func main() {
 	configRules = append(configRules, rules.BittrexAccessKey())
 	configRules = append(configRules, rules.BittrexSecretKey())
 	configRules = append(configRules, rules.Beamer())
+	configRules = append(configRules, rules.CodecovAccessToken())
 	configRules = append(configRules, rules.CoinbaseAccessToken())
 	configRules = append(configRules, rules.Clojars())
 	configRules = append(configRules, rules.ConfluentAccessToken())
@@ -102,6 +103,7 @@ func main() {
 	configRules = append(configRules, rules.NewRelicBrowserAPIKey())
 	configRules = append(configRules, rules.NPM())
 	configRules = append(configRules, rules.NytimesAccessToken())
+	configRules = append(configRules, rules.OktaAccessToken())
 	configRules = append(configRules, rules.PlaidAccessID())
 	configRules = append(configRules, rules.PlaidSecretKey())
 	configRules = append(configRules, rules.PlaidAccessToken())
@@ -142,6 +144,7 @@ func main() {
 	configRules = append(configRules, rules.YandexAPIKey())
 	configRules = append(configRules, rules.YandexAWSAccessToken())
 	configRules = append(configRules, rules.YandexAccessToken())
+	configRules = append(configRules, rules.ZendeskSecretKey())
 	configRules = append(configRules, rules.GenericCredential())
 
 	// ensure rules have unique ids

+ 3 - 2
cmd/generate/config/rules/atlassian.go

@@ -10,9 +10,10 @@ func Atlassian() *config.Rule {
 	r := config.Rule{
 		Description: "Atlassian API token",
 		RuleID:      "atlassian-api-token",
-		Regex:       generateSemiGenericRegex([]string{"atlassian", "confluence"}, alphaNumeric("24")),
+		Regex: generateSemiGenericRegex([]string{
+			"atlassian", "confluence", "jira"}, alphaNumeric("24")),
 		SecretGroup: 1,
-		Keywords:    []string{"atlassian", "confluence"},
+		Keywords:    []string{"atlassian", "confluence", "jira"},
 	}
 
 	// validate
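Review bot: The regex and keyword list now accept `jira`, but the true-positive samples passed to `validate` sit below `// validate`, outside this hunk, so nothing visible here shows that the new alternative is exercised. If the existing samples only cover `atlassian` and `confluence`, add one for the new keyword, e.g. `generateSampleSecret("jira", secrets.NewSecret(alphaNumeric("24")))` (assuming this file imports `secrets` as the new rule files do). `jira` also appears routinely in issue keys and URLs, so a short comment above the rule noting the expected rise in matches would help whoever triages the findings.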

+ 25 - 0
cmd/generate/config/rules/codecov.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func CodecovAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "codecov-access-token",
+		Description: "Codecov Access Token",
+		Regex:       generateSemiGenericRegex([]string{"codecov"}, alphaNumeric("32")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"codecov",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("codecov", secrets.NewSecret(alphaNumeric("32"))),
+	}
+	return validate(r, tps, nil)
+}
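Review bot: `validate(r, tps, nil)` supplies no negative samples (the third argument is presumably the false-positive list), and the captured group `alphaNumeric("32")` has the same shape as a 32-character hex digest, so a checksum assigned next to the word "codecov" would be reported as a token. The same applies to `ZendeskSecretKey` in zendesk.go, whose 40-character group has the shape of a SHA-1 value such as a pinned commit id. Pass at least one negative sample that pins what the rule must not match, and record the accepted noise in a doc comment so triagers know what to expect. The exported constructor has no doc comment at all; suggest `// CodecovAccessToken returns the rule for a 32-character alphanumeric Codecov token assigned near the keyword "codecov".`, and likewise for `OktaAccessToken` and `ZendeskSecretKey`.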

+ 26 - 0
cmd/generate/config/rules/okta.go

@@ -0,0 +1,26 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func OktaAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "okta-access-token",
+		Description: "Okta Access Token",
+		Regex: generateSemiGenericRegex([]string{"okta"},
+			alphaNumericExtended("42")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"okta",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("okta", secrets.NewSecret(alphaNumeric("42"))),
+	}
+	return validate(r, tps, nil)
+}
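Review bot: The true-positive sample is built with `alphaNumeric("42")` while the rule's regex uses `alphaNumericExtended("42")`, so validation never exercises the `=`, `_` and `-` characters that the generated pattern `[a-z0-9=_\-]{42}` accepts. A regression in the extended class would pass unnoticed, and tokens containing those characters are exactly the ones the wider class was chosen to catch. Build the sample from the same class as the regex: `generateSampleSecret("okta", secrets.NewSecret(alphaNumericExtended("42")))`.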

+ 25 - 0
cmd/generate/config/rules/zendesk.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func ZendeskSecretKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "zendesk-secret-key",
+		Description: "Zendesk Secret Key",
+		Regex:       generateSemiGenericRegex([]string{"zendesk"}, alphaNumeric("40")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"zendesk",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("zendesk", secrets.NewSecret(alphaNumeric("40"))),
+	}
+	return validate(r, tps, nil)
+}

+ 29 - 2
config/gitleaks.toml

@@ -109,10 +109,10 @@ keywords = [
 [[rules]]
 description = "Atlassian API token"
 id = "atlassian-api-token"
-regex = '''(?i)(?:atlassian|confluence)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60]|$)'''
+regex = '''(?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60]|$)'''
 secretGroup = 1
 keywords = [
-    "atlassian","confluence",
+    "atlassian","confluence","jira",
 ]
 
 [[rules]]
@@ -168,6 +168,15 @@ keywords = [
     "beamer",
 ]
 
+[[rules]]
+description = "Codecov Access Token"
+id = "codecov-access-token"
+regex = '''(?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "codecov",
+]
+
 [[rules]]
 description = "Coinbase Access Token"
 id = "coinbase-access-token"
@@ -751,6 +760,15 @@ keywords = [
     "nytimes","new-york-times","newyorktimes",
 ]
 
+[[rules]]
+description = "Okta Access Token"
+id = "okta-access-token"
+regex = '''(?i)(?:okta)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "okta",
+]
+
 [[rules]]
 description = "Plaid Client ID"
 id = "plaid-client-id"
@@ -1100,6 +1118,15 @@ keywords = [
     "yandex",
 ]
 
+[[rules]]
+description = "Zendesk Secret Key"
+id = "zendesk-secret-key"
+regex = '''(?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "zendesk",
+]
+
 [[rules]]
 description = "Generic API Key"
 id = "generic-api-key"