feat(SP-1743): upgrade to gitleaks v8 (#9)

* feat: updating rules and tests and scripts to use gitleaks v8 * bumping gitleaks patch version and using mktemp for tmp dirs * debugging CI * using --no-git and removing git repo initialization * using ephemeral runners * removing tmp dirs logic * using correct filename * adding legacy (pre v8) gitleaks rules * removing unnecessary command
Typeform · Jun 28, 2022 · a6a1b6d · a6a1b6d
1 parent c64aa0c
commit a6a1b6d
Show file tree

Hide file tree

Showing 29 changed files with 1,170 additions and 249 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -6,3 +6,4 @@
 !gitleaks_config_generator_tests.py
 !requirements.txt
 !global_config.toml
+!global_config_legacy.toml
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -14,7 +14,7 @@ env:
 jobs:
   build:
     name: Run tests, build, and publish if needed
-    runs-on: [self-hosted, bear]
+    runs-on: [self-hosted, bear-ephemeral]
 
     steps:
 
@@ -34,7 +34,7 @@ jobs:
         env:
           CONTAINER_REGISTRY: ${{ secrets.ECR_REGISTRY }}
 
-      - name: Run integration tests (code samples) for global gitleaks config
+      - name: Run tests (code samples) for global gitleaks config
         run: make test-gitleaks-config
         env:
           CONTAINER_REGISTRY: ${{ secrets.ECR_REGISTRY }}

diff --git a/gitleaks_config_generator.py b/gitleaks_config_generator.py
@@ -15,7 +15,11 @@
 
 
 def main():
-    final_config = get_final_config('global_config.toml', '.gitleaks.toml')
+    config_file = 'global_config_legacy.toml' # config file for gitleaks versions previous to v8
+    if len(sys.argv) >= 2:
+        config_file = 'global_config.toml'
+
+    final_config = get_final_config(config_file, '.gitleaks.toml')
     print(toml.dumps(final_config))
 
 

diff --git a/gitleaks_config_generator_tests.py b/gitleaks_config_generator_tests.py
@@ -6,16 +6,16 @@ class TestGitleaksConfigGenerator(unittest.TestCase):
 
     def test_get_final_config_without_local_config(self):
         final_config = c.get_final_config('global_config.toml', '')
-        self.assertFalse('*.mp3' in final_config['allowlist']['files'])
+        self.assertFalse('*.mp3' in final_config['allowlist']['paths'])
 
     def test_get_final_config_with_local_config(self):
         final_config = c.get_final_config('global_config.toml', 'local-config.toml')
-        self.assertTrue('*.mp3' in final_config['allowlist']['files'])
+        self.assertTrue('*.mp3' in final_config['allowlist']['paths'])
 
     def test_merge_config(self):
         final_config = c.merge_config('global_config.toml', 'local-config.toml')
-        self.assertTrue('*.mp3' in final_config['allowlist']['files'])
-        self.assertTrue(isinstance(final_config['allowlist']['description'], str))
+        self.assertTrue('*.mp3' in final_config['allowlist']['paths'])
+        self.assertTrue(isinstance(final_config['allowlist']['paths'], list))
 
     def test_merge_old_config(self):
         final_config = c.merge_config('global_config.toml', 'local-config-old.toml')