Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
hooking up the filesystem mode scanning logic #258
  • Loading branch information
Divya Uppu authored and svishwanath-tw committed Sep 13, 2022
1 parent de9baca commit 9a10b57
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 3 deletions.
35 changes: 34 additions & 1 deletion cmd/scanner_cmd_test.go
Expand Up @@ -44,7 +44,6 @@ func TestScannerCmdAddingSecretKeyShouldExitZeroIfFileIsWithinConfiguredScope(t
git.SetupBaselineFiles("simple-file")
git.CreateFileWithContents("go.sum", awsAccessKeyIDExample)
git.CreateFileWithContents("go.mod", awsAccessKeyIDExample)
git.CreateFileWithContents(".talismanrc", talismanRCDataWithScopeAsGo)
git.AddAndcommit("*", "go sum file")
os.Chdir(git.GetRoot())

Expand All @@ -53,3 +52,37 @@ func TestScannerCmdAddingSecretKeyShouldExitZeroIfFileIsWithinConfiguredScope(t
assert.Equal(t, 0, scannerCmd.exitStatus(), "Expected ScannerCmd.exitStatus() to return 0 since no secret is found")
})
}

func TestScannerCmdDetectsSecretAndIgnoresWhileRunningInIgnoreHistoryModeWithValidIgnoreConf(t *testing.T) {
withNewTmpGitRepo(func(git *git_testing.GitTesting) {
git.SetupBaselineFiles("simple-file")
git.CreateFileWithContents("go.sum", awsAccessKeyIDExample)
git.CreateFileWithContents("go.mod", awsAccessKeyIDExample)
git.AddAndcommit("*", "go sum file")
os.Chdir(git.GetRoot())

scannerCmd := NewScannerCmd(true, git.GetRoot())
scannerCmd.Run(&talismanrc.TalismanRC{
IgnoreConfigs: []talismanrc.IgnoreConfig{
&talismanrc.FileIgnoreConfig{FileName: "go.sum", Checksum: "582093519ae682d5170aecc9b935af7e90ed528c577ecd2c9dd1fad8f4924ab9"},
&talismanrc.FileIgnoreConfig{FileName: "go.mod", Checksum: "8a03b9b61c505ace06d590d2b9b4f4b6fa70136e14c26875ced149180e00d1af"},
}})
assert.Equal(t, 0, scannerCmd.exitStatus(), "Expected ScannerCmd.exitStatus() to return 0 since secrets file ignore is enabled")
})
}

func TestScannerCmdDetectsSecretAndIgnoresWhileRunningNormalScanMode(t *testing.T) {
withNewTmpGitRepo(func(git *git_testing.GitTesting) {
git.SetupBaselineFiles("simple-file")
git.CreateFileWithContents("go.sum", awsAccessKeyIDExample)
git.CreateFileWithContents("go.mod", awsAccessKeyIDExample)
git.AddAndcommit("*", "go sum file")
os.Chdir(git.GetRoot())

scannerCmd := NewScannerCmd(false, git.GetRoot())
scannerCmd.Run(&talismanrc.TalismanRC{
IgnoreConfigs: []talismanrc.IgnoreConfig{
}})
assert.Equal(t, 1, scannerCmd.exitStatus(), "Expected ScannerCmd.exitStatus() to return 1 since secrets file ignore is enabled")
})
}
4 changes: 2 additions & 2 deletions cmd/talisman.go
Expand Up @@ -149,10 +149,10 @@ func run(promptContext prompt.PromptContext) (returnCode int) {
return NewChecksumCmd(strings.Fields(options.Checksum)).Run()
} else if options.Scan {
log.Infof("Running scanner")
return NewScannerCmd(options.IgnoreHistory, options.ReportDirectory).Run(talismanrc.For(talismanrc.ScanMode))
return NewScannerCmd(options.IgnoreHistory, options.ReportDirectory).Run(talismanrc.ForScan(options.IgnoreHistory))
} else if options.ScanWithHtml {
log.Infof("Running scanner with html report")
return NewScannerCmd(options.IgnoreHistory, "talisman_html_report").Run(talismanrc.For(talismanrc.ScanMode))
return NewScannerCmd(options.IgnoreHistory, "talisman_html_report").Run(talismanrc.ForScan(options.IgnoreHistory))
} else if options.Pattern != "" {
log.Infof("Running scan for %s", options.Pattern)
return NewPatternCmd(options.Pattern).Run(talismanrc.For(talismanrc.HookMode), promptContext)
Expand Down

0 comments on commit 9a10b57

Please sign in to comment.