feat: Add support for using Squealer as a library

Signed-off-by: Owen Rumney <owen@owenrumney.co.uk>
owenrumney · Apr 22, 2022 · 0a3c92b · 0a3c92b
1 parent b215911
commit 0a3c92b
Show file tree

Hide file tree

Showing 1,083 changed files with 269 additions and 365,695 deletions.
diff --git a/squealer.png → .github/images/squealer.png b/squealer.png → .github/images/squealer.png
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -4,7 +4,7 @@ on:
     branches:
       - master
   pull_request:
-  
+
 jobs:
   build:
     name: building squealer
@@ -16,9 +16,11 @@ jobs:
     - uses: actions/setup-go@v2
       with:
         stable: 'false'
-        go-version: '1.16.2' # The Go version to download (if necessary) and use.
+        go-version: '1.17.0' # The Go version to download (if necessary) and use.
     - run: go version
 
     - name: Run test
       run: make test
-
+
+    - name: Check quality
+      run: make quality
diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml
@@ -15,7 +15,7 @@ jobs:
     - uses: actions/setup-go@v2
       with:
         stable: 'false'
-        go-version: '1.16.2' # The Go version to download (if necessary) and use.
+        go-version: '1.17.0' # The Go version to download (if necessary) and use.
     - run: go version
 
     - name: Login to Docker Hub

diff --git a/Makefile b/Makefile
@@ -14,5 +14,11 @@ test:
 push-image:
 	./scripts/publish-image.sh
 
+.PHONY: image
 image:
-	docker build --build-arg squealer_version=$(TRAVIS_TAG) -t $(IMAGE) .
+	docker build --build-arg squealer_version=$(TRAVIS_TAG) -t $(IMAGE) .
+
+.PHONY: quality
+quality:
+	which golangci-lint || go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.43.0
+	golangci-lint run --timeout 3m --verbose
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-![Sqealer](squealer.png)
+![Squealer](.github/image/ssquealer.png)
 
 # Squealer
 
@@ -164,9 +164,52 @@ Squealer can be used for scanning a specific string using either the default con
 go get -u github.com/owenrumney/squealer
 ```
 
-### Using the code
+### Using as a library
+
+#### Git and Directory Scanning
+
+```go
+package main
+
+import (
+	"fmt"
+	
+	"github.com/owenrumney/squealer/pkg/squealer"
+)
+
+func main() {
+
+	// create a new scanner (optionally load your own config in)
+	scanner, err :=  squealer.New(
+		squealer.OptionWithConfig(*cfg), // if not supplied , config.DefaultConfig() used
+		squealer.OptionRedactedSecrets(redacted), // defaults to true, secrets in output redacted
+		squealer.OptionNoGitScan(noGit), // Treat Directories with .git in them as Directories, defaults to false
+		squealer.OptionWithBasePath(basePath), // The path to scan, default is '.'
+		squealer.OptionWithFromHash(fromHash), // Specify the starting hash for the scan, useful for PRs
+		squealer.OptionWithToHash(toHash), // Specify the hash to stop scanning, useful for PRs scanning
+		squealer.OptionWithScanEverything(everything), // Scan everything in every branch, defaults to only the current branch
+		squealer.OptionWithCommitListFile(commitListFile), // a file of commits that you want to explicitly scan in a text file.
+	)
+
+	transgressions, err := scanner.Scan()
+	if err != nil {
+		panic(err)
+	}
+	
+	for _, t := range transgressions {
+		fmt.Printf("%s[%d]\n", t.Filename, t.LineNo)
+    }
+}
+
+
+```
+
+#### String Scanning
+
+
+```go
+package main
 
-```golang
 import (
 	"fmt"
 

diff --git a/go.mod b/go.mod
@@ -1,18 +1,39 @@
 module github.com/owenrumney/squealer
 
-go 1.16
+go 1.17
 
 require (
 	github.com/go-git/go-git/v5 v5.4.2
-	github.com/google/go-cmp v0.5.6 // indirect
 	github.com/owenrumney/go-sarif v1.1.1
 	github.com/sirupsen/logrus v1.8.1
 	github.com/spf13/cobra v1.4.0
 	github.com/stretchr/testify v1.7.1
+	gopkg.in/yaml.v2 v2.4.0
+)
+
+require (
+	github.com/Microsoft/go-winio v0.4.16 // indirect
+	github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 // indirect
+	github.com/acomagu/bufpipe v1.0.3 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emirpasic/gods v1.12.0 // indirect
+	github.com/go-git/gcfg v1.5.0 // indirect
+	github.com/go-git/go-billy/v5 v5.3.1 // indirect
+	github.com/google/go-cmp v0.5.6 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/sergi/go-diff v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/xanzy/ssh-agent v0.3.0 // indirect
+	github.com/zclconf/go-cty v1.10.0 // indirect
 	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
 	golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d // indirect
 	golang.org/x/sys v0.0.0-20211205182925-97ca703d548d // indirect
 	golang.org/x/text v0.3.7 // indirect
-	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )
diff --git a/internal/app/squealer/cmd/root.go b/internal/app/squealer/cmd/root.go
@@ -5,12 +5,13 @@ import (
 	"math"
 	"os"
 
+	"github.com/owenrumney/squealer/pkg/squealer"
+
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
 	"github.com/owenrumney/squealer/internal/pkg/formatters"
-	"github.com/owenrumney/squealer/internal/pkg/mertics"
-	"github.com/owenrumney/squealer/internal/pkg/scan"
+	"github.com/owenrumney/squealer/internal/pkg/metrics"
 	"github.com/owenrumney/squealer/pkg/config"
 )
 
@@ -34,11 +35,11 @@ func Root() *cobra.Command {
 		Long:  `Telling tales on your secret leaking`,
 		RunE:  squeal,
 	}
+	configureFlags(rootCommand)
 	return rootCommand
 }
 
 func init() {
-
 	log.SetFormatter(&log.TextFormatter{})
 	log.SetOutput(os.Stderr)
 	log.SetLevel(log.InfoLevel)
@@ -90,7 +91,7 @@ func squeal(_ *cobra.Command, args []string) error {
 		log.WithError(err).Error(err.Error())
 	}
 
-	fmt.Printf(output)
+	fmt.Println(output)
 
 	metrics := scanner.GetMetrics()
 	if !concise {
@@ -102,24 +103,21 @@ func squeal(_ *cobra.Command, args []string) error {
 	return nil
 }
 
-func getScanner(cfg *config.Config, basePath string) (scan.Scanner, error) {
-	scanner, err := scan.NewScanner(scan.ScannerConfig{
-		Cfg:            cfg,
-		Basepath:       basePath,
-		Redacted:       redacted,
-		NoGit:          noGit,
-		FromHash:       fromHash,
-		ToHash:         toHash,
-		Everything:     everything,
-		CommitListFile: commitListFile,
-	})
-	if err != nil {
-		return nil, err
-	}
-	return scanner, nil
+func getScanner(cfg *config.Config, basePath string) (squealer.Scanner, error) {
+	scanner, err := squealer.New(
+		squealer.OptionWithConfig(*cfg),
+		squealer.OptionRedactedSecrets(redacted),
+		squealer.OptionNoGitScan(noGit),
+		squealer.OptionWithBasePath(basePath),
+		squealer.OptionWithFromHash(fromHash),
+		squealer.OptionWithToHash(toHash),
+		squealer.OptionWithScanEverything(everything),
+		squealer.OptionWithCommitListFile(commitListFile),
+	)
+	return *scanner, err
 }
 
-func printMetrics(metrics *mertics.Metrics) string {
+func printMetrics(metrics *metrics.Metrics) string {
 	duration, _ := metrics.Duration()
 	return fmt.Sprintf(`
 Processing:

diff --git a/internal/pkg/match/matchers.go b/internal/pkg/match/matchers.go
@@ -10,7 +10,7 @@ import (
 	"github.com/go-git/go-git/v5/plumbing/object"
 	log "github.com/sirupsen/logrus"
 
-	"github.com/owenrumney/squealer/internal/pkg/mertics"
+	"github.com/owenrumney/squealer/internal/pkg/metrics"
 	"github.com/owenrumney/squealer/pkg/config"
 	"github.com/owenrumney/squealer/pkg/result"
 )
@@ -27,11 +27,11 @@ type MatcherController struct {
 	matchers       Matchers
 	exclusions     []config.RuleException
 	transgressions *transgressionMap
-	metrics        *mertics.Metrics
+	metrics        *metrics.Metrics
 	redacted       bool
 }
 
-func NewMatcherController(cfg *config.Config, metrics *mertics.Metrics, redacted bool) *MatcherController {
+func NewMatcherController(cfg *config.Config, metrics *metrics.Metrics, redacted bool) *MatcherController {
 	mc := &MatcherController{
 		matchers:       []*Matcher{},
 		transgressions: newTransgressions(),
@@ -90,6 +90,10 @@ func (mc *MatcherController) Evaluate(filename, content string, commit *object.C
 
 func (mc *MatcherController) EvaluateString(content string) result.StringScanResult {
 	for _, matcher := range mc.matchers {
+		if matcher.fileFilter != nil {
+			// only match transgressions where the file is valid
+			continue
+		}
 		if matcher.test.MatchString(content) {
 			return result.NewTransgressionResult(matcher.description)
 		}

diff --git a/internal/pkg/mertics/metrics.go → internal/pkg/metrics/metrics.go b/internal/pkg/mertics/metrics.go → internal/pkg/metrics/metrics.go
@@ -1,4 +1,4 @@
-package mertics
+package metrics
 
 import (
 	"fmt"

diff --git a/internal/pkg/mertics/metrics_test.go → internal/pkg/metrics/metrics_test.go b/internal/pkg/mertics/metrics_test.go → internal/pkg/metrics/metrics_test.go
@@ -1,4 +1,4 @@
-package mertics
+package metrics
 
 import (
 	"github.com/stretchr/testify/assert"

diff --git a/internal/pkg/scan/directory_scanner.go b/internal/pkg/scan/directory_scanner.go
@@ -6,12 +6,12 @@ import (
 	"path/filepath"
 
 	"github.com/owenrumney/squealer/internal/pkg/match"
-	"github.com/owenrumney/squealer/internal/pkg/mertics"
+	"github.com/owenrumney/squealer/internal/pkg/metrics"
 )
 
 type directoryScanner struct {
 	mc               match.MatcherController
-	metrics          *mertics.Metrics
+	metrics          *metrics.Metrics
 	workingDirectory string
 	ignorePaths      []string
 	ignoreExtensions []string
@@ -25,7 +25,7 @@ func newDirectoryScanner(sc ScannerConfig) (*directoryScanner, error) {
 	if _, err := os.Stat(sc.Basepath); err != nil {
 		return nil, err
 	}
-	metrics := mertics.NewMetrics()
+	metrics := metrics.NewMetrics()
 	mc := match.NewMatcherController(sc.Cfg, metrics, sc.Redacted)
 	scanner := &directoryScanner{
 		mc:               *mc,
@@ -53,6 +53,6 @@ func (d directoryScanner) Scan() ([]match.Transgression, error) {
 	})
 }
 
-func (d directoryScanner) GetMetrics() *mertics.Metrics {
+func (d directoryScanner) GetMetrics() *metrics.Metrics {
 	return d.metrics
 }
diff --git a/internal/pkg/scan/git_scanner.go b/internal/pkg/scan/git_scanner.go
@@ -12,7 +12,7 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/owenrumney/squealer/internal/pkg/match"
-	"github.com/owenrumney/squealer/internal/pkg/mertics"
+	"github.com/owenrumney/squealer/internal/pkg/metrics"
 )
 
 type CommitFile struct {
@@ -23,7 +23,7 @@ type CommitFile struct {
 
 type gitScanner struct {
 	mc               match.MatcherController
-	metrics          *mertics.Metrics
+	metrics          *metrics.Metrics
 	workingDirectory string
 	ignorePaths      []string
 	fromHash         plumbing.Hash
@@ -43,7 +43,7 @@ func newGitScanner(sc ScannerConfig) (*gitScanner, error) {
 	if _, err := os.Stat(sc.Basepath); err != nil {
 		return nil, err
 	}
-	metrics := mertics.NewMetrics()
+	metrics := metrics.NewMetrics()
 	mc := match.NewMatcherController(sc.Cfg, metrics, sc.Redacted)
 
 	scanner := &gitScanner{
@@ -110,7 +110,7 @@ func (s *gitScanner) Scan() ([]match.Transgression, error) {
 		}()
 	}
 
-	s.monitorSignals(processes, wg)
+	s.monitorSignals(processes, &wg)
 
 	commit, err := commits.Next()
 	for err == nil && commit != nil {
@@ -230,7 +230,7 @@ func (s *gitScanner) processFile(cf CommitFile) error {
 	return err
 }
 
-func (s *gitScanner) GetMetrics() *mertics.Metrics {
+func (s *gitScanner) GetMetrics() *metrics.Metrics {
 	return s.metrics
 }
 

diff --git a/internal/pkg/scan/scanner.go b/internal/pkg/scan/scanner.go
@@ -9,7 +9,7 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/owenrumney/squealer/internal/pkg/match"
-	"github.com/owenrumney/squealer/internal/pkg/mertics"
+	"github.com/owenrumney/squealer/internal/pkg/metrics"
 	"github.com/owenrumney/squealer/pkg/config"
 )
 
@@ -34,7 +34,7 @@ type ScannerConfig struct {
 
 type Scanner interface {
 	Scan() ([]match.Transgression, error)
-	GetMetrics() *mertics.Metrics
+	GetMetrics() *metrics.Metrics
 	GetType() ScannerType
 }