diff --git a/.gitignore b/.gitignore
index 7bb9a9e..4d3c028 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,5 +6,4 @@ sync/
 out/
 generated/
 uid2-optout.iml
-.pre-commit-trivy-cache/
 .DS_Store
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
deleted file mode 100644
index d4f6652..0000000
--- a/.pre-commit-config.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-repos:
- - repo: https://github.com/mxab/pre-commit-trivy.git
- rev: v0.5.1
- hooks:
- - id: trivyfs-docker
- args:
- - --scanners
- - secret
- - --secret-config
- - /src/trivy-secret.yaml
- - --skip-dirs
- - /src/target
- - --skip-dirs
- - /src/.idea
- - .
diff --git a/trivy-secret.yaml b/trivy-secret.yaml
deleted file mode 100644
index 38eaa8e..0000000
--- a/trivy-secret.yaml
+++ /dev/null
@@ -1,210 +0,0 @@
-rules:
- ##################
- # UID2 Admin Key #
- ##################
- - id: uid2-admin-key-test
- category: uid2
- title: UID2 - Admin Key - Test
- severity: CRITICAL
- keywords:
- - UID2-A-T
- regex: UID2-A-T-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-admin-key-integ
- category: uid2
- title: UID2 - Admin Key - Integ
- severity: CRITICAL
- keywords:
- - UID2-A-I
- regex: UID2-A-I-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-admin-key-prod
- category: uid2
- title: UID2 - Admin Key - Prod
- severity: CRITICAL
- keywords:
- - UID2-A-P
- regex: UID2-A-P-(?P.{6}\..{38})
- secret-group-name: secret
-
- ###################
- # UID2 Client Key #
- ###################
- - id: uid2-client-key-test
- category: uid2
- title: UID2 - Client Key - Test
- severity: CRITICAL
- keywords:
- - UID2-C-T
- regex: UID2-C-T-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-client-key-integ
- category: uid2
- title: UID2 - Client Key - Integ
- severity: CRITICAL
- keywords:
- - UID2-C-I
- regex: UID2-C-I-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-client-key-prod
- category: uid2
- title: UID2 - Client Key - Prod
- severity: CRITICAL
- keywords:
- - UID2-C-P
- regex: UID2-C-P-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
-
- #####################
- # UID2 Operator Key #
- #####################
- - id: uid2-operator-key-test
- category: uid2
- title: UID2 - Operator Key - Test
- severity: CRITICAL
- keywords:
- - UID2-O-T
- regex: UID2-O-T-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-operator-key-integ
- category: uid2
- title: UID2 - Operator Key - Integ
- severity: CRITICAL
- keywords:
- - UID2-O-I
- regex: UID2-O-I-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: uid2-operator-key-prod
- category: uid2
- title: UID2 - Operator Key - Prod
- severity: CRITICAL
- keywords:
- - UID2-O-P
- regex: UID2-O-P-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
-
########################################
- # UID2 Client Side Keypair Private Key #
- ########################################
- - id: uid2-client-side-keypair-private-key-test
- category: uid2
- title: UID2 - Client Side Keypair Private Key - Test
- severity: CRITICAL
- keywords:
- - UID2-Y-T
- regex: (?PUID2-Y-T-.{92})
- secret-group-name: secret
- - id: uid2-client-side-keypair-private-key-integ
- category: uid2
- title: UID2 - Client Side Keypair Private Key - Integ
- severity: CRITICAL
- keywords:
- - UID2-Y-I
- regex: (?PUID2-Y-I-.{92})
- secret-group-name: secret
- - id: uid2-client-side-keypair-private-key-prod
- category: uid2
- title: UID2 - Client Side Keypair Private Key - Prod
- severity: CRITICAL
- keywords:
- - UID2-Y-P
- regex: (?PUID2-Y-P-.{92})
- secret-group-name: secret
-
- ##################
- # EUID Admin Key #
- ##################
- - id: euid-admin-key-test
- category: euid
- title: EUID - Admin Key - Test
- severity: CRITICAL
- keywords:
- - EUID-A-T
- regex: EUID-A-T-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-admin-key-integ
- category: euid
- title: EUID - Admin Key - Integ
- severity: CRITICAL
- keywords:
- - EUID-A-I
- regex: EUID-A-I-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-admin-key-prod
- category: euid
- title: EUID - Admin Key - Prod
- severity: CRITICAL
- keywords:
- - EUID-A-P
- regex: EUID-A-P-(?P.{6}\..{38})
- secret-group-name: secret
-
- ###################
- # EUID Client Key #
- ###################
- - id: euid-client-key-test
- category: euid
- title: EUID - Client Key - Test
- severity: CRITICAL
- keywords:
- - EUID-C-T
- regex: EUID-C-T-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-client-key-integ
- category: euid
- title: EUID - Client Key - Integ
- severity: CRITICAL
- keywords:
- - EUID-C-I
- regex: EUID-C-I-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-client-key-prod
- category: euid
- title: EUID - Client Key - Prod
- severity: CRITICAL
- keywords:
- - EUID-C-P
- regex: EUID-C-P-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
-
- #####################
- # EUID Operator Key #
- #####################
- - id: euid-operator-key-test
- category: euid
- title: EUID - Operator Key - Test
- severity: CRITICAL
- keywords:
- - EUID-O-T
- regex: EUID-O-T-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-operator-key-integ
- category: euid
- title: EUID - Operator Key - Integ
- severity: CRITICAL
- keywords:
- - EUID-O-I
- regex: EUID-O-I-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
- - id: euid-operator-key-prod
- category: euid
- title: EUID - Operator Key - Prod
- severity: CRITICAL
- keywords:
- - EUID-O-P
- regex: EUID-O-P-[0-9]+-(?P.{6}\..{38})
- secret-group-name: secret
-
-disable-allow-rules:
- - tests
- - examples
- - vendor
- - usr-dirs
- - locale-dir
- - markdown
- - node.js
- - golang
- - python
- - rubygems
- - wordpress
- - anaconda-log