Strona główna Odkrywaj Pomoc
Zaloguj się
LBP
/
gitleaks
kopia lustrzana https://github.com/gitleaks/gitleaks.git
4
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: fe94ef9ca3
Gałęzie Tagi
gitleaks
/
cmd
/
generate
/
config
/
rules
/
gcp.go

gcp.go 1.0 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344 
  1. package rules
    2. 

  2. 

  3. import (
    4. 

  4. 	"regexp"
    5. 

  5. 

  6. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
    7. 

  7. 	"github.com/zricethezav/gitleaks/v8/config"
    8. 

  8. )
    9. 

  9. 

  10. // TODO this one could probably use some work
    11. 

  11. func GCPServiceAccount() *config.Rule {
    12. 

  12. 	// define rule
    13. 

  13. 	r := config.Rule{
    14. 

  14. 		Description: "Google (GCP) Service-account",
    15. 

  15. 		RuleID:      "gcp-service-account",
    16. 

  16. 		Regex:       regexp.MustCompile(`\"type\": \"service_account\"`),
    17. 

  17. 		Keywords:    []string{`\"type\": \"service_account\"`},
    18. 

  18. 	}
    19. 

  19. 

  20. 	// validate
    21. 

  21. 	tps := []string{
    22. 

  22. 		`"type": "service_account"`,
    23. 

  23. 	}
    24. 

  24. 	return validate(r, tps, nil)
    25. 

  25. }
    26. 

  26. 

  27. func GCPAPIKey() *config.Rule {
    28. 

  28. 	// define rule
    29. 

  29. 	r := config.Rule{
    30. 

  30. 		RuleID:      "gcp-api-key",
    31. 

  31. 		Description: "Uncovered a GCP API key, which could lead to unauthorized access to Google Cloud services and data breaches.",
    32. 

  32. 		Regex:       generateUniqueTokenRegex(`AIza[0-9A-Za-z\\-_]{35}`, true),
    33. 

  33. 

  34. 		Keywords: []string{
    35. 

  35. 			"AIza",
    36. 

  36. 		},
    37. 

  37. 	}
    38. 

  38. 

  39. 	// validate
    40. 

  40. 	tps := []string{
    41. 

  41. 		generateSampleSecret("gcp", secrets.NewSecret(`AIza[0-9A-Za-z\\-_]{35}`)),
    42. 

  42. 	}
    43. 

  43. 	return validate(r, tps, nil)
    44. 

  44. }
    45.