def process_issues(
ctx: click.Context,
result: Tuple[str, scanner.ScannerBase],
**kwargs: config.OptionTypes,
):
repo_path, scan = result
options = types.GlobalOptions(**kwargs) # type: ignore
now = datetime.now().isoformat("T", "microseconds")
output_dir = None
if options.output_dir:
if platform.system().lower() == "windows": # pragma: no cover
# Make sure we aren't using illegal characters for Windows folder names
now = now.replace(":", "")
output_dir = pathlib.Path(
options.output_dir) / f"tartufo-scan-results-{now}"
output_dir.mkdir(parents=True)
util.echo_result(options, scan, repo_path, output_dir)
if output_dir:
util.write_outputs(scan.issues, output_dir)
if not options.json:
click.echo(f"Results have been saved in {output_dir}")
if scan.issues:
ctx.exit(1)
ctx.exit(0)
def main(ctx: click.Context, **kwargs: config.OptionTypes) -> None:
"""Find secrets hidden in the depths of git.
Tartufo will, by default, scan the entire history of a git repository
for any text which looks like a secret, password, credential, etc. It can
also be made to work in pre-commit mode, for scanning blobs of text as a
pre-commit hook.
"""
options = types.GlobalOptions(**kwargs) # type: ignore
ctx.obj = options
def main(ctx: click.Context, **kwargs: config.OptionTypes) -> None:
"""Find secrets hidden in the depths of git.
Tartufo will, by default, scan the entire history of a git repository
for any text which looks like a secret, password, credential, etc. It can
also be made to work in pre-commit mode, for scanning blobs of text as a
pre-commit hook.
"""
options = types.GlobalOptions(**kwargs) # type: ignore
ctx.obj = options
if options.quiet and options.verbose > 0:
raise click.BadParameter(
"-v/--verbose and -q/--quiet are mutually exclusive.")
def main(ctx: click.Context, **kwargs: config.OptionTypes) -> None:
"""Find secrets hidden in the depths of git.
Tartufo will, by default, scan the entire history of a git repository
for any text which looks like a secret, password, credential, etc. It can
also be made to work in pre-commit mode, for scanning blobs of text as a
pre-commit hook.
"""
options = types.GlobalOptions(**kwargs) # type: ignore
ctx.obj = options
if options.quiet and options.verbose > 0:
raise click.BadParameter(
"-v/--verbose and -q/--quiet are mutually exclusive.")
logger = logging.getLogger()
git_logger = logging.getLogger("git")
# Make sure we don't exceed the maximum log level
if options.verbose > 3:
excess_verbosity = options.verbose - 3
options.verbose = 3
if excess_verbosity > 3:
excess_verbosity = 3
else:
excess_verbosity = 0
# Log warnings by default, unless quiet
default_level = 1 if not options.quiet else 0
# Translate the number of "verbose" arguments, to an actual logging level
level_name = types.LogLevel(max(options.verbose, default_level)).name
logger.setLevel(getattr(logging, level_name))
# Pass any excess verbosity down to the git logger, for extreme debugging needs
git_logger.setLevel(getattr(logging,
types.LogLevel(excess_verbosity).name))
handler = logging.StreamHandler()
if not excess_verbosity:
# Example: [2021-02-11 10:28:08,445] [INFO] - Starting scan...
log_format = "[%(levelname)s] - %(message)s"
else:
# Also show the logger name to help differentiate messages
log_format = "[%(levelname)s] [%(name)s] - %(message)s"
if options.log_timestamps:
log_format = " ".join(["[%(asctime)s]", log_format])
handler.setFormatter(logging.Formatter(log_format))
logger.addHandler(handler)
def process_issues(
ctx: click.Context,
result: Tuple[str, List[scanner.Issue]],
**kwargs: config.OptionTypes,
):
repo_path, issues = result
options = types.GlobalOptions(**kwargs) # type: ignore
output_dir = None
if options.output_dir:
now = datetime.now().isoformat("T", "microseconds")
output_dir = pathlib.Path(
options.output_dir) / f"tartufo-scan-results-{now}"
output_dir.mkdir(parents=True)
if issues:
util.echo_issues(issues, options.json, repo_path, output_dir)
if output_dir:
util.write_outputs(issues, output_dir)
if not options.json:
click.echo(f"Results have been saved in {output_dir}")
ctx.exit(1)
ctx.exit(0)
