Commit d942c38e authored by Maximilian Dolling's avatar Maximilian Dolling

Fix gitleaks usage

parent 57520667
......@@ -18,9 +18,9 @@
**Software Location:** [git](git.gfz-potsdam.de/id2/software/services/fair/software-quality-assurance)
**Last Commit:** 968f640a5663535a457452a5ebc144432fc8486d
**Last Commit:** 36c90d9c6992ff961a832f00f37173faeff46217
**Report Time:** 30/03/2021 09:49:57 UTC
**Report Time:** 30/03/2021 09:53:41 UTC
**Report Version:** 0.6.0
......@@ -61,8 +61,8 @@
|Language|Percentage|
|---|---|
|Python|92.74|
|Shell|4.24|
|Python|92.60|
|Shell|4.37|
|Dockerfile|1.60|
|HTML|1.34|
|Ruby|0.08|
......
......@@ -66,18 +66,24 @@ class CheckCredentials(Service):
if self.service_config is not None:
gitleaks_command = (
f'gitleaks --repo-path="{self.sqa.config.repository_dir}" '
f'--config="{self.service_config}" '
f'gitleaks --path="{self.sqa.config.repository_dir}" '
f'--config-path="{self.service_config}" '
f'--report="{self.sqa.config.sub_report_dir}/check_credentials.json" '
f"--leaks-exit-code=2 "
f'> "{self.sqa.config.sub_report_dir}/check_credentials.log"'
)
else:
gitleaks_command = (
f'gitleaks --repo-path="{self.sqa.config.repository_dir}" '
f'gitleaks --path="{self.sqa.config.repository_dir}" '
f'--report="{self.sqa.config.sub_report_dir}/check_credentials.json" '
f"--leaks-exit-code=2 "
f'> "{self.sqa.config.sub_report_dir}/check_credentials.log"'
)
# the return of os.system returns a 16 bit integer, which is why the exit codes have the following meaning:
# 0 = OK, no leak
# 256 = ERROR
# 512 = OK, leak
self.result["exit status"] = os.system(gitleaks_command)
with open(
......@@ -86,14 +92,14 @@ class CheckCredentials(Service):
self.result["log"] = log.read().replace("\n", "")
if self.result["exit status"] == 0:
if os.path.isfile(
f"{self.sqa.config.sub_report_dir}/check_credentials.json"
):
self.result["summary"] = "No leaks detected."
elif self.result["exit status"] == 256:
self.result["summary"] = "gitleaks had an error."
elif self.result["exit status"] == 512:
with open(
f"{self.sqa.config.sub_report_dir}/check_credentials.json"
) as cc_json_file:
check_credentials_json = json.load(cc_json_file)
cc_json_file.close()
self.result[
"summary"
......@@ -108,9 +114,9 @@ class CheckCredentials(Service):
index = 0
else:
index = (
list(
self.result["leaks"][item["rule"]][item["file"]].keys()
)[-1]
list(self.result["leaks"][item["rule"]][item["file"]].keys())[
-1
]
+ 1
)
......@@ -118,14 +124,9 @@ class CheckCredentials(Service):
"offender": item["offender"],
"commit": item["commit"],
}
else:
self.result["summary"] = "No leaks detected."
else:
self.result[
"summary"
] = f"gitleaks had an error and exited with status code {self.result['exit status']}."
if self.sqa.config.test_mode:
self.result["summary"] = "999 vulnerabilities found"
# if self.sqa.config.test_mode:
# self.result["summary"] = "999 vulnerabilities found"
self.result = order_dict(self.result)
......@@ -134,7 +135,7 @@ class CheckCredentials(Service):
md_result += f'**{self.result["summary"]}**\n\n'
if self.result["exit status"] != 0:
if self.result["exit status"] == 256:
md_result += "**gitleaks log**\n\n"
md_result += f'{self.result["log"]}\n\n'
......@@ -158,7 +159,7 @@ class CheckCredentials(Service):
cli_result += f'{self.result["summary"]}\n'
if self.result["exit status"] != 0:
if self.result["exit status"] == 256:
cli_result += "gitleaks log:\n\n"
cli_result += f'{self.result["log"]}\n\n'
......
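Review bot: Any exit status other than 0, 256 or 512 now falls through the `if`/`elif` chain without setting `self.result["summary"]`, because the fallback `else` branch appears to have been dropped in the `@@ -118,14 +124,9 @@` hunk (the page has lost its +/- markers, so this is read from the hunk counts). `os.system` can return other values, for example 32512 (127 << 8) when the shell cannot find `gitleaks`; the credential scan then did not run, and unless `summary` is initialised outside the visible lines the later `self.result["summary"]` read raises `KeyError` rather than reporting a failed check. I would keep a final `else:` with `self.result["summary"] = f"gitleaks had an error and exited with status code {self.result['exit status']}."` and show the log for every status that is neither 0 nor 512, i.e. `if self.result["exit status"] not in (0, 512):` in both the markdown and the CLI renderer. Separately, the command is still an f-string handed to a shell, so a double quote or shell metacharacter in `repository_dir`, `service_config` or `sub_report_dir` changes what is executed; `subprocess.run` with an argument list and `stdout=` pointed at the log file would avoid that and return the exit code directly. The method bodies start and end outside these hunks.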
......@@ -41,10 +41,10 @@ from schema import And, Optional, Schema, SchemaError
from sqa.helper import (
delete_multiple_lines,
non_empty_str,
order_dict,
valid_py_regex,
valid_spdx_identifier,
)
from sqa.helper import order_dict
from ..service import Service
......
......@@ -35,6 +35,12 @@ docker build --pull \
cp "$PWD/tests/test_project/QUALITY.md" "$PWD/tests/test_project/test_report.md"
#docker run -it \
# -v "$PWD/tests/test_project:/repo" \
# -u "$(id -u "${USER}")":"$(id -g "${USER}")" \
# localdev \
# sh
docker run -v "$PWD/tests/test_project:/repo" \
-u "$(id -u "${USER}")":"$(id -g "${USER}")" \
localdev \
......