Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding --all-files flag #57

Merged
merged 1 commit into from
Jul 12, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 15 additions & 1 deletion detect_secrets/core/baseline.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
from detect_secrets.core.secrets_collection import SecretsCollection


def initialize(plugins, exclude_regex=None, rootdir='.'):
def initialize(plugins, exclude_regex=None, rootdir='.', scan_all_files=False):
"""Scans the entire codebase for high entropy strings, and returns a
SecretsCollection object.

Expand All @@ -24,6 +24,8 @@ def initialize(plugins, exclude_regex=None, rootdir='.'):
if os.path.isfile(rootdir):
# This option allows for much easier adhoc usage.
git_files = [rootdir]
elif scan_all_files:
git_files = _get_files_recursively(rootdir)
else:
git_files = _get_git_tracked_files(rootdir)

Expand Down Expand Up @@ -256,3 +258,15 @@ def _get_git_tracked_files(rootdir='.'):
return set(git_files.decode('utf-8').split())
except subprocess.CalledProcessError:
return None


def _get_files_recursively(rootdir):
"""Sometimes, we want to use this tool with non-git repositories.
This function allows us to do so.
"""
output = []
for root, dirs, files in os.walk(rootdir):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Super nit: you can use _ for dirs

for filename in files:
output.append(os.path.join(root, filename))

return output
6 changes: 6 additions & 0 deletions detect_secrets/core/usage.py
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,12 @@ def _add_initialize_baseline_argument(self):
dest='import_filename',
)

self.parser.add_argument(
'--all-files',
action='store_true',
help='Scan all files recursively (as compared to only scanning git tracked files).',
)

return self


Expand Down
1 change: 1 addition & 0 deletions detect_secrets/main.py
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ def _perform_scan(args):
plugins,
args.exclude,
args.path,
args.all_files,
).format_for_baseline_output()

if old_baseline:
Expand Down
12 changes: 11 additions & 1 deletion tests/core/baseline_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,17 @@ def setup(self):
HexHighEntropyString(3),
)

def get_results(self, rootdir='./test_data/files', exclude_regex=None):
def get_results(
self,
rootdir='./test_data/files',
exclude_regex=None,
scan_all_files=False,
):
return baseline.initialize(
self.plugins,
rootdir=rootdir,
exclude_regex=exclude_regex,
scan_all_files=scan_all_files,
).json()

@pytest.mark.parametrize(
Expand Down Expand Up @@ -90,6 +96,10 @@ def test_single_non_tracked_git_file_should_work(self):

assert len(results['will_be_mocked']) == 1

def test_scan_all_files(self):
results = self.get_results(rootdir='test_data/files', scan_all_files=True)
assert len(results.keys()) == 2


class TestGetSecretsNotInBaseline(object):

Expand Down
14 changes: 14 additions & 0 deletions tests/main_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ def test_scan_basic(self, mock_baseline_initialize):
Any(tuple),
None,
'.',
False,
)

def test_scan_with_rootdir(self, mock_baseline_initialize):
Expand All @@ -61,6 +62,7 @@ def test_scan_with_rootdir(self, mock_baseline_initialize):
Any(tuple),
None,
'test_data',
False,
)

def test_scan_with_excludes_flag(self, mock_baseline_initialize):
Expand All @@ -71,6 +73,18 @@ def test_scan_with_excludes_flag(self, mock_baseline_initialize):
Any(tuple),
'some_pattern_here',
'.',
False,
)

def test_scan_with_all_files_flag(self, mock_baseline_initialize):
with mock_stdin():
assert main('scan --all-files'.split()) == 0

mock_baseline_initialize.assert_called_once_with(
Any(tuple),
None,
'.',
True,
)

def test_reads_from_stdin(self, mock_merge_baseline):
Expand Down