scanner

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 24, 2024 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// NoErrorCode means the error code hasn't been set
	NoErrorCode = iota
	// CloneError means we were unable to successfully clone the resource
	CloneError
	// ScanError means there was some issue scanning the cloned resource
	ScanError
	// ResourceCleanupError means we couldn't remove the resources that were cloned after a scan
	ResourceCleanupError
)
View Source 
const (
	GeneralResultKind   = "General"
	GitCommitResultKind = "GitCommit"
	JSONDataResultKind  = "JSONData"
)

In the future we might have things like GitCommitMessage GithubPullRequest, etc

Variables

This section is empty.

Functions

func ParseGitleaksConfig 

func ParseGitleaksConfig(rawConfig string) (glc *gitleaksconfig.Config, err error)

ParseGitleaksConfig takes a gitleaks config string and returns a config object

Types

type Backend 

type Backend interface {
	Name() string
	Scan(resource resource.Resource) ([]*Result, error)
}

Backend is an interface for a scanner backend leveraged by leaktk

type Contact 

type Contact struct {
	Name  string `json:"name"`
	Email string `json:"email"`
}

Contact for some resource when available

type ErrorCode 

type ErrorCode int

ErrorCode defined sthe set of error codes that can be set on a LeakTKError

type Gitleaks 

type Gitleaks struct {
	// contains filtered or unexported fields
}

Gitleaks wraps gitleaks as a scanner backend

func NewGitleaks 

func NewGitleaks(patterns *Patterns) *Gitleaks

NewGitleaks returns a configured gitleaks backend instance

func (*Gitleaks) Name 

func (g *Gitleaks) Name() string

Name returns the human readable name of the backend for logging details

func (*Gitleaks) Scan 

func (g *Gitleaks) Scan(scanResource resource.Resource) ([]*Result, error)

Scan does the gitleaks scan on the resource

type HTTPClient 

type HTTPClient interface {
	Do(req *http.Request) (*http.Response, error)
}

HTTPClient provides an interface for working with Go's http client or swapping it out with other types for testing

type LeakTKError 

type LeakTKError struct {
	Fatal   bool      `json:"fatal"`
	Code    ErrorCode `json:"code"`
	Message string    `json:"message"`
}

LeakTKError expans a normal error to provide additional meta data

func (LeakTKError) Error 

func (e LeakTKError) Error() string

Error is defined to implement the error interface

func (LeakTKError) String 

func (e LeakTKError) String() string

String provides a string representation of the error

type Location 

type Location struct {
	// This can be things like a commit or some other version control identifier
	Version string `json:"version"`
	Path    string `json:"path"`
	// If the start column isn't available it will be zero.
	Start Point `json:"start"`
	// If the end information isn't available it will be the same as the
	// start information but the colmn will be the end of the line
	End Point `json:"end"`
}

Location in the specific resource being scanned

type Patterns 

type Patterns struct {
	// contains filtered or unexported fields
}

Patterns acts as an abstraction for fetching different scanner patterns and keeping them up to date and cached

func NewPatterns 

func NewPatterns(cfg *config.Patterns, client HTTPClient) *Patterns

NewPatterns returns a configured instance of Patterns

func (*Patterns) Gitleaks 

func (p *Patterns) Gitleaks() (*gitleaksconfig.Config, error)

Gitleaks returns a Gitleaks config object if it's able to

func (*Patterns) GitleaksConfigHash added in v0.0.2 

func (p *Patterns) GitleaksConfigHash() string

GitleaksConfigHash returns the sha256 hash for the current gitleaks config

type Point 

type Point struct {
	Line   int `json:"line"`
	Column int `json:"column"`
}

Point just provides line & column coordinates for a Result in a text file

type Request 

type Request struct {
	ID string
	// Thing to scan (e.g. URL, snippet of text, etc)
	Resource resource.Resource
	Errors   []LeakTKError
}

Request to the scanner to scan some resource

func (*Request) UnmarshalJSON 

func (r *Request) UnmarshalJSON(data []byte) error

UnmarshalJSON sets r to a copy of data

type RequestDetails 

type RequestDetails struct {
	ID       string `json:"id"`
	Kind     string `json:"kind"`
	Resource string `json:"resource"`
}

RequestDetails that we return with the response for tying the two together

type Response 

type Response struct {
	ID      string         `json:"id"`
	Errors  []LeakTKError  `json:"errors"`
	Request RequestDetails `json:"request"`
	Results []*Result      `json:"results"`
}

Response from the scanner with the scan results

func (*Response) String 

func (r *Response) String() string

String renders a response structure to the JSON format

type Result 

type Result struct {
	ID       string            `json:"id"`
	Kind     string            `json:"kind"`
	Secret   string            `json:"secret"`
	Match    string            `json:"match"`
	Entropy  float32           `json:"entropy"`
	Date     string            `json:"date"`
	Rule     Rule              `json:"rule"`
	Contact  Contact           `json:"contact"`
	Location Location          `json:"location"`
	Notes    map[string]string `json:"notes"`
}

Result of a scan

type Rule 

type Rule struct {
	ID          string   `json:"id"`
	Description string   `json:"description"`
	Tags        []string `json:"tags"`
}

Rule that triggered the result

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner holds the config and state for the scanner processes

func NewScanner 

func NewScanner(cfg *config.Config) *Scanner

NewScanner returns a initialized and listening scanner instance that should be closed when it's no longer needed.

func (*Scanner) Close 

func (s *Scanner) Close() error

Close closes out all of the queues (make sure to call this)

func (*Scanner) Responses 

func (s *Scanner) Responses() <-chan *Response

Responses returns a channel that can be used for subscribing to respones

func (*Scanner) Send 

func (s *Scanner) Send(request *Request)

Send accepts a request for scanning and puts it in the queues

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.