Documentation
Constants
const (
	// No leaks or early exit due to invalid options
	Success          = 0
	LeaksPresent     = 1
	ErrorEncountered = 2
)
This block defines the exit codes. Success means no leaks were found, or the program exited early due to invalid options.
Variables
This section is empty.
Functions
func GetAccessToken
GetAccessToken accepts options and returns a string, which is the access token for a git host. Setting this option or environment variable is necessary when performing an audit with any of the git hosting providers in the host pkg. An access token set via CLI options takes precedence over environment variables.
func SSHAuth
func SSHAuth(opts Options) (*ssh.PublicKeys, error)
SSHAuth tries to generate SSH public keys based on what was passed via the CLI. If no path was passed via the CLI, it attempts to retrieve keys from the default location for SSH keys, $HOME/.ssh/id_rsa. This function is only called if the repo URL uses the git:// protocol.
Types
type Options
type Options struct {
	Verbose       bool   `short:"v" long:"verbose" description:"Show verbose output from audit"`
	Repo          string `short:"r" long:"repo" description:"Target repository"`
	Config        string `long:"config" description:"config path"`
	Disk          bool   `long:"disk" description:"Clones repo(s) to disk"`
	Version       bool   `long:"version" description:"version number"`
	Username      string `long:"username" description:"Username for git repo"`
	Password      string `long:"password" description:"Password for git repo"`
	AccessToken   string `long:"access-token" description:"Access token for git repo"`
	Commit        string `long:"commit" description:"sha of commit to audit"`
	FilesAtCommit string `long:"files-at-commit" description:"sha of commit to audit all files at commit"`
	Threads       int    `long:"threads" description:"Maximum number of threads gitleaks spawns"`
	SSH           string `long:"ssh-key" description:"path to ssh key used for auth"`
	Uncommited    bool   `long:"uncommitted" description:"run gitleaks on uncommitted code"`
	RepoPath      string `long:"repo-path" description:"Path to repo"`
	OwnerPath     string `long:"owner-path" description:"Path to owner directory (repos discovered)"`
	Branch        string `long:"branch" description:"Branch to audit"`
	Report        string `long:"report" description:"path to write json leaks file"`
	ReportFormat  string `long:"report-format" default:"json" description:"json or csv"`
	Redact        bool   `long:"redact" description:"redact secrets from log messages and leaks"`
	Debug         bool   `long:"debug" description:"log debug messages"`
	RepoConfig    bool   `long:"repo-config" description:"Load config from target repo. Config file must be \".gitleaks.toml\" or \"gitleaks.toml\""`
	PrettyPrint   bool   `long:"pretty" description:"Pretty print json if leaks are present"`
	CommitFrom    string `long:"commit-from" description:"Commit to start audit from"`
	CommitTo      string `long:"commit-to" description:"Commit to stop audit"`
	Timeout       string `long:"timeout" description:"Time allowed per audit. Ex: 10us, 30s, 1m, 1h10m1s"`
	Depth         int    `long:"depth" description:"Number of commits to audit"`

	// Hosts
	Host         string `long:"host" description:"git hosting service like gitlab or github. Supported hosts include: Github, Gitlab"`
	BaseURL      string `` /* 170-byte string literal not displayed */
	Organization string `long:"org" description:"organization to audit"`
	User         string `long:"user" description:"user to audit"`
	PullRequest  string `long:"pr" description:"pull/merge request url"`
	ExcludeForks bool   `long:"exclude-forks" description:"audit excludes forks"`
}
Options stores the values of command-line options.
func ParseOptions
ParseOptions is responsible for parsing options passed in via the CLI. An Options struct is returned if successful. This struct is passed around the program and determines how the program executes. On error, an error message or help message is displayed and the program exits with code 0.
func (Options) CheckUncommitted
CheckUncommitted returns a boolean that indicates whether gitleaks should check unstaged pre-commit changes or the entire git history.
func (Options) CloneOptions
CloneOptions returns a git.CloneOptions pointer. The authentication method is determined by what is passed in via command-line options. If no username/password or AccessToken is available and the repo target is not using the git protocol, then the repo must be available without authentication.
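The authentication choices described for GetAccessToken, SSHAuth and CloneOptions, modelled as an added example (not gitleaks' own code) that reports which credential would be used without ever returning the secret. The `opts` type, `accessToken`, `authPlan`, the `EXAMPLE_GIT_TOKEN` variable name, trying basic auth before the token, and the username/password pairing check are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// opts holds only the Options fields that influence authentication (hypothetical type).
type opts struct{ Repo, Username, Password, AccessToken, SSH string }

// tokenEnv is a placeholder name; the page does not say which variable is read.
const tokenEnv = "EXAMPLE_GIT_TOKEN"

// accessToken applies the documented precedence: CLI option first, then environment.
func accessToken(o opts, getenv func(string) string) string {
	if o.AccessToken != "" {
		return o.AccessToken
	}
	return getenv(tokenEnv)
}

// authPlan names the credential a clone would use; it never returns the secret itself.
func authPlan(o opts, getenv func(string) string, home string) (string, error) {
	if strings.HasPrefix(o.Repo, "git://") { // the only case in which SSHAuth is called
		key := o.SSH
		if key == "" {
			key = filepath.Join(home, ".ssh", "id_rsa") // documented default location
		}
		return "ssh-key:" + key, nil
	}
	if (o.Username == "") != (o.Password == "") { // added check, not described on the page
		return "", errors.New("username and password must be set together")
	}
	if o.Username != "" { // assumption: basic auth is tried before the token
		return "basic:" + o.Username, nil
	}
	if accessToken(o, getenv) != "" {
		return "token", nil
	}
	return "none", nil // the repo must be reachable without authentication
}

func main() {
	env := func(string) string { return "" } // constructed: no token in the environment
	o := opts{Repo: "https://example.test/a.git", AccessToken: "constructed-cli-token"}
	fmt.Println(authPlan(o, env, "/home/ci"))
}
```
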