LBP
/
gitleaks
mirror of https://github.com/gitleaks/gitleaks.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158
							package detect

import (
	"fmt"
	"os"
	"path/filepath"
	"testing"

	"github.com/spf13/viper"
	"github.com/stretchr/testify/assert"

	"github.com/zricethezav/gitleaks/v8/config"
	"github.com/zricethezav/gitleaks/v8/git"
	"github.com/zricethezav/gitleaks/v8/report"
)

const repoBasePath = "../testdata/repos/"
const expectPath = "../testdata/expected/"
const configPath = "../testdata/config/"

// TestFromGit tests the FromGit function
func TestFromGit(t *testing.T) {
	tests := []struct {
		cfgName          string
		opts             Options
		source           string
		logOpts          string
		expected         string
		expectedFindings []*report.Finding
	}{
		{
			source:   filepath.Join(repoBasePath, "small"),
			expected: filepath.Join(expectPath, "git", "small.txt"),
			cfgName:  "simple",
			expectedFindings: []*report.Finding{
				{
					Description: "AWS Access Key",
					StartLine:   20,
					EndLine:     20,
					StartColumn: 19,
					EndColumn:   38,
					Secret:      "AKIALALEMEL33243OLIA",
					File:        "main.go",
					// Line:        "\tawsToken := \"AKIALALEMEL33243OLIA\"",
					Commit:  "1b6da43b82b22e4eaa10bcf8ee591e91abbfc587",
					Author:  "Zachary Rice",
					Email:   "zricer@protonmail.com",
					Message: "Accidentally add a secret",
					RuleID:  "aws-access-key",
					Tags:    []string{"key", "AWS"},
				},
				{
					Description: "AWS Access Key",
					StartLine:   9,
					EndLine:     9,
					StartColumn: 17,
					EndColumn:   36,
					Secret:      "AKIALALEMEL33243OLIA",
					File:        "foo/foo.go",
					// Line:        "\taws_token := \"AKIALALEMEL33243OLIA\"",
					Commit:  "491504d5a31946ce75e22554cc34203d8e5ff3ca",
					Author:  "Zach Rice",
					Email:   "zricer@protonmail.com",
					Message: "adding foo package with secret",
					RuleID:  "aws-access-key",
					Tags:    []string{"key", "AWS"},
				},
			},
		},
		{
			source:   filepath.Join(repoBasePath, "small"),
			expected: filepath.Join(expectPath, "git", "small-branch-foo.txt"),
			logOpts:  "--all foo...",
			cfgName:  "simple",
			expectedFindings: []*report.Finding{
				{
					Description: "AWS Access Key",
					StartLine:   9,
					EndLine:     9,
					StartColumn: 17,
					EndColumn:   36,
					Secret:      "AKIALALEMEL33243OLIA",
					// Line:        "\taws_token := \"AKIALALEMEL33243OLIA\"",
					File:    "foo/foo.go",
					Commit:  "491504d5a31946ce75e22554cc34203d8e5ff3ca",
					Author:  "Zach Rice",
					Email:   "zricer@protonmail.com",
					Message: "adding foo package with secret",
					RuleID:  "aws-access-key",
					Tags:    []string{"key", "AWS"},
				},
			},
		},
	}

	err := moveDotGit("dotGit", ".git")
	if err != nil {
		t.Fatal(err)
	}
	defer moveDotGit(".git", "dotGit")

	for _, tt := range tests {
		files, err := git.GitLog(tt.source, tt.logOpts)
		if err != nil {
			t.Error(err)
		}

		viper.AddConfigPath(configPath)
		viper.SetConfigName("simple")
		viper.SetConfigType("toml")
		err = viper.ReadInConfig()
		if err != nil {
			t.Error(err)
		}

		var vc config.ViperConfig
		viper.Unmarshal(&vc)
		cfg, _ := vc.Translate()

		findings := FromGit(files, cfg, tt.opts)
		for _, f := range findings {
			f.Context = "" // remove lines cause copying and pasting them has some wack formatting
			f.Date = ""
		}
		assert.ElementsMatch(t, tt.expectedFindings, findings)
	}
}

func moveDotGit(from, to string) error {
	repoDirs, err := os.ReadDir("../testdata/repos")
	if err != nil {
		return err
	}
	for _, dir := range repoDirs {
		if to == ".git" {
			_, err := os.Stat(fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), "dotGit"))
			if os.IsNotExist(err) {
				// dont want to delete the only copy of .git accidentally
				continue
			}
			os.RemoveAll(fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), ".git"))
		}
		if !dir.IsDir() {
			continue
		}
		_, err := os.Stat(fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), from))
		if os.IsNotExist(err) {
			continue
		}

		err = os.Rename(fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), from),
			fmt.Sprintf("%s/%s/%s", repoBasePath, dir.Name(), to))
		if err != nil {
			return err
		}
	}
	return nil
}