Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
LBP
/
gitleaks
zrkadlo https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Súbory Issues 0 Wiki
Strom: 54f5f04a1f
Branche Tagy
gitleaks
/
cmd
/
detect.go

detect.go 2.3 KB
História Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. package cmd
    2. 

  2. 

  3. import (
    4. 

  4. 	"os"
    5. 

  5. 	"time"
    6. 

  6. 

  7. 	"github.com/rs/zerolog/log"
    8. 

  8. 	"github.com/spf13/cobra"
    9. 

  9. 

  10. 	"github.com/zricethezav/gitleaks/v8/detect"
    11. 

  11. 	"github.com/zricethezav/gitleaks/v8/report"
    12. 

  12. )
    13. 

  13. 

  14. func init() {
    15. 

  15. 	rootCmd.AddCommand(detectCmd)
    16. 

  16. 	detectCmd.Flags().Bool("no-git", false, "treat git repo as a regular directory and scan those files, --log-opts has no effect on the scan when --no-git is set")
    17. 

  17. 	detectCmd.Flags().Bool("pipe", false, "scan input from stdin, ex: `cat some_file | gitleaks detect --pipe`")
    18. 

  18. }
    19. 

  19. 

  20. var detectCmd = &cobra.Command{
    21. 

  21. 	Use:   "detect",
    22. 

  22. 	Short: "detect secrets in code",
    23. 

  23. 	Run:   runDetect,
    24. 

  24. }
    25. 

  25. 

  26. func runDetect(cmd *cobra.Command, args []string) {
    27. 

  27. 	initConfig()
    28. 

  28. 	var (
    29. 

  29. 		findings []report.Finding
    30. 

  30. 		err      error
    31. 

  31. 	)
    32. 

  32. 

  33. 	// setup config (aka, the thing that defines rules)
    34. 

  34. 	cfg := Config(cmd)
    35. 

  35. 

  36. 	// start timer
    37. 

  37. 	start := time.Now()
    38. 

  38. 

  39. 	// grab source
    40. 

  40. 	source, err := cmd.Flags().GetString("source")
    41. 

  41. 	if err != nil {
    42. 

  42. 		log.Fatal().Err(err).Msg("")
    43. 

  43. 	}
    44. 

  44. 	detector := Detector(cmd, cfg, source)
    45. 

  45. 

  46. 	// set exit code
    47. 

  47. 	exitCode, err := cmd.Flags().GetInt("exit-code")
    48. 

  48. 	if err != nil {
    49. 

  49. 		log.Fatal().Err(err).Msg("could not get exit code")
    50. 

  50. 	}
    51. 

  51. 

  52. 	// determine what type of scan:
    53. 

  53. 	// - git: scan the history of the repo
    54. 

  54. 	// - no-git: scan files by treating the repo as a plain directory
    55. 

  55. 	noGit, err := cmd.Flags().GetBool("no-git")
    56. 

  56. 	if err != nil {
    57. 

  57. 		log.Fatal().Err(err).Msg("could not call GetBool() for no-git")
    58. 

  58. 	}
    59. 

  59. 	fromPipe, err := cmd.Flags().GetBool("pipe")
    60. 

  60. 	if err != nil {
    61. 

  61. 		log.Fatal().Err(err)
    62. 

  62. 	}
    63. 

  63. 

  64. 	// start the detector scan
    65. 

  65. 	if noGit {
    66. 

  66. 		findings, err = detector.DetectFiles(source)
    67. 

  67. 		if err != nil {
    68. 

  68. 			// don't exit on error, just log it
    69. 

  69. 			log.Error().Err(err).Msg("")
    70. 

  70. 		}
    71. 

  71. 	} else if fromPipe {
    72. 

  72. 		findings, err = detector.DetectReader(os.Stdin, 10)
    73. 

  73. 		if err != nil {
    74. 

  74. 			// log fatal to exit, no need to continue since a report
    75. 

  75. 			// will not be generated when scanning from a pipe...for now
    76. 

  76. 			log.Fatal().Err(err).Msg("")
    77. 

  77. 		}
    78. 

  78. 	} else {
    79. 

  79. 		var logOpts string
    80. 

  80. 		logOpts, err = cmd.Flags().GetString("log-opts")
    81. 

  81. 		if err != nil {
    82. 

  82. 			log.Fatal().Err(err).Msg("")
    83. 

  83. 		}
    84. 

  84. 		findings, err = detector.DetectGit(source, logOpts, detect.DetectType)
    85. 

  85. 		if err != nil {
    86. 

  86. 			// don't exit on error, just log it
    87. 

  87. 			log.Error().Err(err).Msg("")
    88. 

  88. 		}
    89. 

  89. 	}
    90. 

  90. 

  91. 	findingSummaryAndExit(findings, cmd, cfg, exitCode, start, err)
    92. 

  92. }
    93.