def test_load_config_with_args(config: Config, datadir: str):
branch = "2.0"
since_commit = "123"
skip_strings = [".*test_secret.*", "test_password = .*"]
skip_paths = []
max_depth = 10
args = [
"",
".",
"--branch",
branch,
"--since-commit",
since_commit,
"--skip-strings",
*skip_strings,
"--skip-paths",
*skip_paths,
"--max-depth",
str(max_depth),
"--no-regex",
]
config.update(
branch=branch,
since_commit=since_commit,
skip_strings=skip_strings,
skip_paths=skip_paths,
max_depth=max_depth,
no_regex=True,
)
config_path = os.path.join(datadir, config_yaml)
with patch.object(sys, "argv", args):
assert cli._load_config(config_path) == config
def run(config: argparse.Namespace) -> List[Issue]:
log.setLevel(logging.ERROR - config.verbose * 10)
rules = utils.load(config.rules)
issues: List[Issue] = []
source_dir = config.source[0]
config_obj = Config()
config_obj.update(**config.__dict__)
with TemporaryDirectory() as tmp:
cli.copy(source_dir, tmp)
issues.extend(cli.scan(tmp, config_obj, rules))
return issues
def test_scan(repo: Repo, rules: Rules):
path, meta = repo
config = Config()
issues = cli.scan(path, config, rules)
assert len(issues) == 4
config = Config(since_commit=meta["private_key_commit"])
issues = cli.scan(path, config, rules)
assert len(issues) == 2
config = Config(max_depth=5)
issues = cli.scan(path, config, rules)
assert len(issues) == 2
config = Config(no_history=True)
issues = cli.scan(path, config, rules)
assert len(issues) == 1
config = Config(no_current=True)
issues = cli.scan(path, config, rules)
assert len(issues) == 3
config = Config(no_entropy=True)
issues = cli.scan(path, config, rules)
assert len(issues) == 2
config = Config(no_regex=True)
issues = cli.scan(path, config, rules)
assert len(issues) == 2
def test_load_config(config: Config, datadir: str, tempdir: str):
args = ["", "."]
with patch.object(sys, "argv", args):
config1 = cli._load_config(os.path.join(datadir, config_json))
config2 = cli._load_config(os.path.join(datadir, config_yaml))
assert config1 == config2 == config
tmp = os.path.join(tempdir, "tmp.yaml")
open(tmp, "w").close()
assert cli._load_config(tmp) == Config()
def config() -> Config:
return Config(
branch="master",
since_commit="d15627104d07846ac2914a976e8e347a663bbd9b",
skip_strings=["qweqwe"],
skip_paths=[".*key.json"],
max_depth=10000,
no_regex=False,
no_entropy=False,
no_history=False,
no_current=True,
)
def test_scan_commit(repo: Repo, rules: Rules):
path, meta = repo
config = Config()
issues = cli.scan(path, config, rules)
commit = meta["high_entropy_commit"]
filtered = [i for i in issues if i["commitHash"] == commit]
assert len(filtered) == 1
issue = filtered[0]
assert issue["commit"].strip() == issue["reason"] == "High entropy"
commit = meta["private_key_commit"]
filtered = [i for i in issues if i["commitHash"] == commit]
assert len(filtered) == 1
issue = filtered[0]
assert issue["commit"].strip() == issue["reason"] == "RSA private key"
def _load_config(file: File = None) -> Config:
config = Config()
if file:
user_config = utils.load(file)
if user_config:
config.update(**user_config)
else:
log.warning(f"empty config supplied: '{_name(file)}'")
args = _get_cmdline_args(**config.raw)
config.update(**args.__dict__)
log.info(f"using config\n\n{config}")
return config
def test_search_config_with_args(config: Config, datadir: str):
max_depth = 1000
args = ["", ".", "--max-depth", str(max_depth)]
config.update(max_depth=max_depth)
with patch.object(sys, "argv", args):
assert cli._search_config(datadir) == config
def test_search_config(config: Config, datadir: str, tempdir: str):
args = ["", "."]
with patch.object(sys, "argv", args):
assert cli._search_config(datadir) == config
assert cli._search_config(tempdir) == Config()