2023-03-28 16:07:26 +00:00
|
|
|
package output
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"crypto/sha256"
|
|
|
|
|
"encoding/hex"
|
|
|
|
|
"fmt"
|
2023-08-02 18:38:10 +00:00
|
|
|
"sync"
|
2023-03-28 16:07:26 +00:00
|
|
|
|
2023-07-31 18:12:08 +00:00
|
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/context"
|
2023-03-28 16:07:26 +00:00
|
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
|
|
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var dedupeCache = make(map[string]struct{})
|
|
|
|
|
|
2023-07-31 18:12:08 +00:00
|
|
|
// GitHubActionsPrinter is a printer that prints results in GitHub Actions format.
|
2023-08-02 18:38:10 +00:00
|
|
|
type GitHubActionsPrinter struct{ mu sync.Mutex }
|
2023-07-31 18:12:08 +00:00
|
|
|
|
|
|
|
|
func (p *GitHubActionsPrinter) Print(_ context.Context, r *detectors.ResultWithMetadata) error {
|
2023-03-28 16:07:26 +00:00
|
|
|
out := gitHubActionsOutputFormat{
|
|
|
|
|
DetectorType: r.Result.DetectorType.String(),
|
|
|
|
|
DecoderType: r.Result.DecoderType.String(),
|
|
|
|
|
Verified: r.Result.Verified,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
meta, err := structToMap(r.SourceMetadata.Data)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("could not marshal result: %w", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, data := range meta {
|
|
|
|
|
for k, v := range data {
|
|
|
|
|
if k == "line" {
|
|
|
|
|
if line, ok := v.(float64); ok {
|
|
|
|
|
out.StartLine = int64(line)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if k == "file" {
|
|
|
|
|
if filename, ok := v.(string); ok {
|
|
|
|
|
out.Filename = filename
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
verifiedStatus := "unverified"
|
|
|
|
|
if out.Verified {
|
|
|
|
|
verifiedStatus = "verified"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key := fmt.Sprintf("%s:%s:%s:%s:%d", out.DecoderType, out.DetectorType, verifiedStatus, out.Filename, out.StartLine)
|
|
|
|
|
h := sha256.New()
|
|
|
|
|
h.Write([]byte(key))
|
|
|
|
|
key = hex.EncodeToString(h.Sum(nil))
|
2024-02-08 01:45:06 +00:00
|
|
|
p.mu.Lock()
|
|
|
|
|
defer p.mu.Unlock()
|
2023-03-28 16:07:26 +00:00
|
|
|
if _, ok := dedupeCache[key]; ok {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
dedupeCache[key] = struct{}{}
|
|
|
|
|
|
|
|
|
|
message := fmt.Sprintf("Found %s %s result 🐷🔑\n", verifiedStatus, out.DetectorType)
|
|
|
|
|
if r.Result.DecoderType != detectorspb.DecoderType_PLAIN {
|
|
|
|
|
message = fmt.Sprintf("Found %s %s result with %s encoding 🐷🔑\n", verifiedStatus, out.DetectorType, out.DecoderType)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fmt.Printf("::warning file=%s,line=%d,endLine=%d::%s",
|
|
|
|
|
out.Filename, out.StartLine, out.StartLine, message)
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type gitHubActionsOutputFormat struct {
|
|
|
|
|
DetectorType,
|
|
|
|
|
DecoderType string
|
|
|
|
|
Verified bool
|
|
|
|
|
StartLine int64
|
|
|
|
|
Filename string
|
|
|
|
|
}
|
