Bump to golang 1.23

Dockerfile

@@ -2,7 +2,7 @@ ARG VECTORSCAN_IMG_TAG=latest
 ARG VECTORSCAN_IMAGE_REPOSITORY=deepfenceio
 FROM $VECTORSCAN_IMAGE_REPOSITORY/deepfence_vectorscan_build:$VECTORSCAN_IMG_TAG AS vectorscan
 
-FROM golang:1.22-alpine3.18 AS builder
+FROM golang:1.23-alpine3.20 AS builder
 MAINTAINER DeepFence
 
 RUN apk update  \
@@ -52,7 +52,7 @@ WORKDIR /home/deepfence/src/SecretScanner
 COPY . .
 RUN make clean && make all
 
-FROM alpine:3.18
+FROM alpine:3.20
 MAINTAINER DeepFence
 LABEL deepfence.role=system
 
@@ -68,7 +68,7 @@ set -eux
 
 apk update && apk add --no-cache --upgrade curl
 
-NERDCTL_VERSION=1.4.0
+NERDCTL_VERSION=1.7.7
 curl -fsSLO https://github.com/containerd/nerdctl/releases/download/v${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz
 tar Cxzvvf /usr/local/bin nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz
 rm nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz

Makefile

@@ -1,5 +1,5 @@
 export IMAGE_REPOSITORY?=quay.io/deepfenceio
-export DF_IMG_TAG?=3.0.0
+export DF_IMG_TAG?=2.5.0
 
 all: SecretScanner
 

README.md

@@ -38,14 +38,23 @@ Install docker and run SecretScanner on a container image using the following in
 * Build SecretScanner:
 ```shell
 ./bootstrap.sh
-docker build --rm=true --tag=quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 -f Dockerfile .
+docker build --rm=true --tag=quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 -f Dockerfile .
 ```
 
 * Or, pull the latest build from docker hub by doing:
 ```shell
-docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0
+docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0
 ```
 
+### Generate License Key
+
+Run this command to generate a license key. Work/official email id has to be used.
+```shell
+curl https://license.deepfence.io/threatmapper/generate-license?first_name=<FIRST_NAME>&last_name=<LAST_NAME>&email=<EMAIL>&company=<ORGANIZATION_NAME>&resend_email=true
+```
+
+### Scan
+
 * Pull a container image for scanning:
 ```shell
 docker pull node:8.11
@@ -57,7 +66,7 @@ docker run -i --rm --name=deepfence-secretscanner \
     -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
     -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
     -v /var/run/docker.sock:/var/run/docker.sock \
-    quay.io/deepfenceio/deepfence_secret_scanner_ce:3.0.0 \
+    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
     --image-name node:8.11 \
     --output json > node.json
 ```
@@ -69,7 +78,7 @@ docker run -i --rm --name=deepfence-yarahunter \
      -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v /tmp/rules:/tmp/rules \
-     quay.io/deepfenceio/deepfence_secret_scanner_ce:3.0.0 \
+     quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
      --image-name node:8.11 \
      --rules-path=/tmp/rules \
      --output json > node.json

docs/docs/secretscanner/configure/cli.md

@@ -7,7 +7,7 @@ title: Command-Line Options
 Display the command line options:
 
 ```bash
-docker run -it --rm quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 --help
+docker run -it --rm quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 --help
 ```
 
 or, with a standalone build:
@@ -48,21 +48,6 @@ SecretScanner can write output as Table and JSON format
 
  * `-output`: Output format: json or table (default "table")
 
-### Configure GRPC Listener
-
-SocketScanner can run persistently, listening for scan requests over GRPC, either on an HTTP endpoint or a unix socket.
-
-:::info
-
-### Help needed!
-
-This functionality is out-of-date and needs refreshed
-:::
-
- * `--http-port string`: When set the http server will come up at port with df es as output
- * `--socket-path string`: The gRPC server unix socket path
-
-
 ### Configure Scans
 
 Scans can be fine-tuned using settings in `config.yaml`:

docs/docs/secretscanner/configure/output.md

@@ -10,8 +10,10 @@ SecretScanner can writes output to `stdout` it can redirected to a file for furt
 # Write output to ./tmp/node-secret-scan.json
 
 docker run -it --rm --name=deepfence_secret_scanner \
+    -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+    -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
     -v /var/run/docker.sock:/var/run/docker.sock \
-    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 \
+    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
     --image-name node:latest \
 # highlight-next-line
     --output json > ./tmp/node-secret-scan.json

docs/docs/secretscanner/quickstart.md

@@ -9,7 +9,14 @@ Pull the latest SecretScanner image, and use it to scan a `node:latest` containe
 ## Pull the latest SecretScanner image
 
 ```bash
-docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0
+docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0
+```
+
+## Generate License Key
+
+Run this command to generate a license key. Work/official email id has to be used.
+```shell
+curl https://license.deepfence.io/threatmapper/generate-license?first_name=<FIRST_NAME>&last_name=<LAST_NAME>&email=<EMAIL>&company=<ORGANIZATION_NAME>&resend_email=true
 ```
 
 ## Scan a Container Image
@@ -20,21 +27,38 @@ Pull an image to your local repository, then scan it
 docker pull node:latest
 
 docker run -i --rm --name=deepfence-secretscanner \
+    -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+    -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
 	-v /var/run/docker.sock:/var/run/docker.sock \
-	quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 \
+	quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
 	-image-name node:latest
 
 docker rmi node:latest
 ```
 
+Rules can also be cached to use next run by mounting a seperate path and passing `rules-path` argument
+```shell
+docker run -i --rm --name=deepfence-yarahunter \
+     -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+     -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
+     -v /var/run/docker.sock:/var/run/docker.sock \
+     -v /tmp/rules:/tmp/rules \
+     quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
+     --image-name node:8.11 \
+     --rules-path=/tmp/rules \
+     --output json > node.json
+```
+
 ## Process the results with jq
 
 You can summarise the results by processing the JSON output, e.g. using `jq`:
 
 ```bash
 docker run -i --rm --name=deepfence-secretscanner \
+    -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+    -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
     -v /var/run/docker.sock:/var/run/docker.sock \
-    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 \
+    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
     --image-name node:latest \
     --output json > /tmp/node-secret-scan.json
 

docs/docs/secretscanner/using/build.md

@@ -8,11 +8,11 @@ SecretScanner is a self-contained docker-based tool. Clone the [SecretScanner re
 
 ```bash
 ./bootstrap.sh
-docker build --rm=true --tag=quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 -f Dockerfile .
+docker build --rm=true --tag=quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 -f Dockerfile .
 ```
 
-Alternatively, you can pull the official Deepfence image at `quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0`:
+Alternatively, you can pull the official Deepfence image at `quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0`:
 
 ```bash
-docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0
+docker pull quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0
 ```

docs/docs/secretscanner/using/scan.md

@@ -14,8 +14,10 @@ Pull the image to your local repository, then scan it
 docker pull node:latest
 
 docker run -it --rm --name=deepfence-secretscanner \
+    -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+    -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
     -v /var/run/docker.sock:/var/run/docker.sock \
-    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 \
+    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
 # highlight-next-line
     --image-name node:latest
 
@@ -28,9 +30,11 @@ Mount the filesystem within the SecretScanner container and scan it.  Here, we s
 
 ```bash
 docker run -it --rm --name=deepfence-secretscanner \
+    -e DEEPFENCE_PRODUCT=<ThreatMapper or ThreatStryker> \
+    -e DEEPFENCE_LICENSE=<ThreatMapper or ThreatStryker license key> \
 # highlight-next-line
     -v /tmp:/deepfence/mnt \
-    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.3.0 \
+    quay.io/deepfenceio/deepfence_secret_scanner_ce:2.5.0 \
 # highlight-next-line
     --host-mount-path /deepfence/mnt --local /deepfence/mnt 
 ```

docs/docs/secretscanner/using/standalone.md

@@ -17,12 +17,12 @@ These instructions are out-of-date and need refreshed
 ## Build Instructions
 
 1. Run bootstrap.sh
-1. Install Docker
-1. Install Hyperscan
-1. Install go for your platform (version 1.14)
-1. Install go modules, if needed: `gohs`, `yaml.v3` and `color`
-1. `go get github.com/deepfence/SecretScanner` will download and build SecretScanner automatically in `$GOPATH/bin` or `$HOME/go/bin` directory. Or, clone this repository and run `go build -v -i` to build the executable in the current directory.
-1. Edit config.yaml file as needed and run the secret scanner with the appropriate config file directory.
+2. Install Docker
+3. Install Hyperscan
+4. Install go for your platform (version 1.14)
+5. Install go modules, if needed: `gohs`, `yaml.v3` and `color`
+6. `go get github.com/deepfence/SecretScanner` will download and build SecretScanner automatically in `$GOPATH/bin` or `$HOME/go/bin` directory. Or, clone this repository and run `go build -v -i` to build the executable in the current directory.
+7. Edit config.yaml file as needed and run the secret scanner with the appropriate config file directory.
 
 Refer to the [Install file](https://github.com/deepfence/SecretScanner/blob/master/Install.Ubuntu) for instructions on how to build on an ubuntu system.
 

docs/sidebars.js

@@ -30,8 +30,7 @@ const sidebars = {
       items: [
         'secretscanner/using/build',
         'secretscanner/using/scan',
-        'secretscanner/using/standalone',
-        'secretscanner/using/grpc',
+        'secretscanner/using/standalone'
       ]
     },