Commit
* add jenkins * whoops * adding unauthenticated jenkins scanning * update docs --------- Co-authored-by: Joe Leon <joe.leon@trufflesec.com>
1 parent
c86b423
commit ef41087
Showing
15 changed files
with
1,426 additions
and
347 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
package engine | ||
|
||
import ( | ||
"errors" | ||
"runtime" | ||
"strings" | ||
|
||
"google.golang.org/protobuf/proto" | ||
"google.golang.org/protobuf/types/known/anypb" | ||
|
||
"github.com/trufflesecurity/trufflehog/v3/pkg/context" | ||
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb" | ||
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb" | ||
"github.com/trufflesecurity/trufflehog/v3/pkg/sources/jenkins" | ||
) | ||
|
||
type JenkinsConfig struct { | ||
Endpoint string | ||
Username string | ||
Password string | ||
Header string | ||
InsecureSkipVerifyTLS bool | ||
} | ||
|
||
// ScanJenkins scans Jenkins logs. | ||
func (e *Engine) ScanJenkins(ctx context.Context, jenkinsConfig JenkinsConfig) error { | ||
var connection *sourcespb.Jenkins | ||
switch { | ||
case jenkinsConfig.Username != "" && jenkinsConfig.Password != "": | ||
connection = &sourcespb.Jenkins{ | ||
Credential: &sourcespb.Jenkins_BasicAuth{ | ||
BasicAuth: &credentialspb.BasicAuth{ | ||
Username: jenkinsConfig.Username, | ||
Password: jenkinsConfig.Password, | ||
}, | ||
}, | ||
} | ||
case jenkinsConfig.Header != "": | ||
splits := strings.Split(jenkinsConfig.Header, ":") | ||
if len(splits) != 2 { | ||
return errors.New("invalid header format, expected key: value") | ||
} | ||
key := splits[0] | ||
value := splits[1] | ||
|
||
connection = &sourcespb.Jenkins{ | ||
Credential: &sourcespb.Jenkins_Header{ | ||
Header: &credentialspb.Header{ | ||
Key: key, | ||
Value: value, | ||
}, | ||
}, | ||
} | ||
default: | ||
connection = &sourcespb.Jenkins{ | ||
Credential: &sourcespb.Jenkins_Unauthenticated{ | ||
Unauthenticated: &credentialspb.Unauthenticated{}, | ||
}, | ||
} | ||
} | ||
|
||
connection.Endpoint = jenkinsConfig.Endpoint | ||
connection.InsecureSkipVerifyTls = jenkinsConfig.InsecureSkipVerifyTLS | ||
|
||
var conn anypb.Any | ||
err := anypb.MarshalFrom(&conn, connection, proto.MarshalOptions{}) | ||
if err != nil { | ||
ctx.Logger().Error(err, "failed to marshal Jenkins connection") | ||
return err | ||
} | ||
|
||
sourceName := "trufflehog - Jenkins" | ||
sourceID, jobID, _ := e.sourceManager.GetIDs(ctx, sourceName, jenkins.SourceType) | ||
|
||
jenkinsSource := &jenkins.Source{} | ||
if err := jenkinsSource.Init(ctx, "trufflehog - Jenkins", jobID, sourceID, true, &conn, runtime.NumCPU()); err != nil { | ||
return err | ||
} | ||
_, err = e.sourceManager.Run(ctx, sourceName, jenkinsSource) | ||
return err | ||
} |
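Review bot: The header branch of ScanJenkins splits on every colon and requires exactly two parts, so a header whose value itself contains a `:` is rejected, and for the `key: value` form named in the error message the value keeps its leading space (whether the Jenkins source trims it later is not visible here). Splitting once and trimming avoids both: `key, value, ok := strings.Cut(jenkinsConfig.Header, ":")`, return the existing error when `!ok`, then `key, value = strings.TrimSpace(key), strings.TrimSpace(value)`. Separately, the first `case` requires both Username and Password, so a caller who sets only one of them falls through to the header or unauthenticated branch with no error; rejecting a half-set pair would keep a credential typo from silently turning into an unauthenticated scan. The error returned by `e.sourceManager.GetIDs` is also discarded with `_` and should be checked before the IDs are handed to `Init`.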