draft: bump gitdiff, add git.Err state, better log messages (#954)
* bump gitdiff, add git.Err state, better log messages

* remove cmd.Start

* forgot to start...
zricethezav authored Aug 17, 2022
1 parent 1b3f10c commit b6b7cfb
Showing 5 changed files with 46 additions and 26 deletions.
30 changes: 22 additions & 8 deletions cmd/detect.go
@@ -94,38 +94,52 @@ func runDetect(cmd *cobra.Command, args []string) {
findings, err = detector.DetectFiles(source)
if err != nil {
// don't exit on error, just log it
log.Error().Err(err)
log.Error().Msg(err.Error())
}

} else {
logOpts, err := cmd.Flags().GetString("log-opts")
var logOpts string
logOpts, err = cmd.Flags().GetString("log-opts")
if err != nil {
log.Fatal().Err(err)
}
findings, err = detector.DetectGit(source, logOpts, detect.DetectType)
if err != nil {
// don't exit on error, just log it
log.Error().Err(err)
log.Error().Msg(err.Error())
}
}

// log info about the scan
log.Info().Msgf("scan completed in %s", time.Since(start))
if len(findings) != 0 {
log.Warn().Msgf("leaks found: %d", len(findings))
if err == nil {
log.Info().Msgf("scan completed in %s", time.Since(start))
if len(findings) != 0 {
log.Warn().Msgf("leaks found: %d", len(findings))
} else {
log.Info().Msg("no leaks found")
}
} else {
log.Info().Msg("no leaks found")
log.Warn().Msgf("partial scan completed in %s", time.Since(start))
if len(findings) != 0 {
log.Warn().Msgf("%d leaks found in partial scan", len(findings))
} else {
log.Warn().Msg("no leaks found in partial scan")
}
}

// write report if desired
reportPath, _ := cmd.Flags().GetString("report-path")
ext, _ := cmd.Flags().GetString("report-format")
if reportPath != "" {
if err = report.Write(findings, cfg, ext, reportPath); err != nil {
if err := report.Write(findings, cfg, ext, reportPath); err != nil {
log.Fatal().Err(err)
}
}

if err != nil {
os.Exit(1)
}

if len(findings) != 0 {
os.Exit(exitCode)
}
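Review bot: The two `log.Fatal().Err(err)` calls in this hunk (after `GetString("log-opts")` and after `report.Write`) neither log nor exit, because a zerolog event is only written, and Fatal only calls os.Exit, once the chain ends in `Msg`, `Msgf` or `Send`. The commit corrects this for the `log.Error()` calls but leaves the Fatal ones, so a report that fails to write is dropped silently and the run continues to its normal exit code, which matters when CI consumes the report file. Suggested: `log.Fatal().Err(err).Msg("could not write report")` and `log.Fatal().Err(err).Msg("could not read log-opts")`. Separately, the new `if err != nil { os.Exit(1) }` runs before the findings check, so a partial scan that did find leaks exits 1 rather than `exitCode`; if that is intended, a comment such as `// a failed scan always exits 1, even when leaks were found` would make it explicit. runDetect starts and ends outside the hunk.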
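--- a/detect/detect.go
+++ b/detect/detect.go
@@ -342,6 +342,9 @@ func (d *Detector) DetectGit(source string, logOpts string, gitScanType GitScanT
 return d.findings, err
 }
 log.Debug().Msgf("%d commits scanned. Note: this number might be smaller than expected due to commits with no additions", len(d.commitMap))
+if git.ErrEncountered {
+return d.findings, fmt.Errorf("%s", "git error encountered, see logs")
+}
 return d.findings, nil
 }
 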
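Review bot: The new `if git.ErrEncountered` check reads a package-level bool that the stderr listener goroutine in detect/git/git.go writes, and nothing visible in this commit synchronizes the access or waits for that goroutine to finish draining stderr. If git reports an error after this check has run, DetectGit still returns nil and the caller logs a complete scan with "no leaks found", which is the unsafe direction for a secret scanner to fail in. The flag is also never reset, so a second DetectGit call in the same process would inherit an earlier failure. Consider having the listener signal when its scanner loop ends, reading the flag only after that signal, and storing it through `sync/atomic`. The error itself can be `errors.New("git error encountered, see logs")` (assuming `errors` is imported) instead of `fmt.Errorf("%s", ...)`; DetectGit begins outside the hunk.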
31 changes: 17 additions & 14 deletions detect/git/git.go
@@ -3,7 +3,6 @@ package git
import (
"bufio"
"io"
"os"
"os/exec"
"path/filepath"
"strings"
@@ -13,6 +12,8 @@ import (
"github.com/rs/zerolog/log"
)

var ErrEncountered bool

// GitLog returns a channel of gitdiff.File objects from the
// git log -p command for the given source.
func GitLog(source string, logOpts string) (<-chan *gitdiff.File, error) {
@@ -37,15 +38,16 @@ func GitLog(source string, logOpts string) (<-chan *gitdiff.File, error) {
if err != nil {
return nil, err
}

go listenForStdErr(stderr)

if err := cmd.Start(); err != nil {
return nil, err
}

go listenForStdErr(stderr)
// HACK: to avoid https://github.com/zricethezav/gitleaks/issues/722
time.Sleep(50 * time.Millisecond)

return gitdiff.Parse(stdout)
return gitdiff.Parse(cmd, stdout)
}

// GitDiff returns a channel of gitdiff.File objects from
@@ -68,22 +70,22 @@ func GitDiff(source string, staged bool) (<-chan *gitdiff.File, error) {
if err != nil {
return nil, err
}

go listenForStdErr(stderr)

if err := cmd.Start(); err != nil {
return nil, err
}

go listenForStdErr(stderr)
// HACK: to avoid https://github.com/zricethezav/gitleaks/issues/722
time.Sleep(50 * time.Millisecond)

return gitdiff.Parse(stdout)
return gitdiff.Parse(cmd, stdout)
}

// listenForStdErr listens for stderr output from git and prints it to stdout
// then exits with exit code 1
func listenForStdErr(stderr io.ReadCloser) {
scanner := bufio.NewScanner(stderr)
errEncountered := false
for scanner.Scan() {
// if git throws one of the following errors:
//
@@ -105,14 +107,15 @@ func listenForStdErr(stderr io.ReadCloser) {
"inexact rename detection was skipped") ||
strings.Contains(scanner.Text(),
"you may want to set your diff.renameLimit") {

log.Warn().Msg(scanner.Text())
} else {
log.Error().Msg(scanner.Text())
errEncountered = true
log.Error().Msgf("[git] %s", scanner.Text())

// asynchronously set this error flag to true so that we can
// capture a log message and exit with a non-zero exit code
// This value should get set before the `git` command exits so it's
// safe-ish, although I know I know, bad practice.
ErrEncountered = true
}
}
if errEncountered {
os.Exit(1)
}
}
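Review bot: The doc comment on `listenForStdErr` still says it prints git's stderr "then exits with exit code 1", but the new code no longer calls `os.Exit(1)` and sets the exported `ErrEncountered` flag instead. Suggested replacement: `// listenForStdErr logs git's stderr; any line that is not a known rename-limit warning is logged as an error and sets ErrEncountered.` The new exported `var ErrEncountered bool` has no doc comment either; `// ErrEncountered reports whether git wrote an unexpected message to stderr; it is set from the listener goroutine and never reset.` would state the contract that the inline "safe-ish" comment only hints at. The body of listenForStdErr is only partly visible in these hunks.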
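--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,8 @@ go 1.17
 
 require (
 github.com/fatih/semgroup v1.2.0
-github.com/gitleaks/go-gitdiff v0.7.6
+github.com/gitleaks/go-gitdiff v0.8.0
+github.com/h2non/filetype v1.1.3
 github.com/rs/zerolog v1.26.1
 github.com/spf13/cobra v1.2.1
 github.com/spf13/viper v1.8.1
@@ -14,7 +15,6 @@ require (
 require (
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/fsnotify/fsnotify v1.4.9 // indirect
-github.com/h2non/filetype v1.1.3
 github.com/hashicorp/hcl v1.0.0 // indirect
 github.com/inconshreveable/mousetrap v1.0.0 // indirect
 github.com/lucasjones/reggen v0.0.0-20200904144131-37ba4fa293bb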
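--- a/go.sum
+++ b/go.sum
@@ -72,8 +72,8 @@ github.com/fatih/semgroup v1.2.0/go.mod h1:1KAD4iIYfXjE4U13B48VM4z9QUwV5Tt8O4rS8
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/gitleaks/go-gitdiff v0.7.6 h1:atcfoNPD9erzPs9C89a+i2Y+EUmR2QKB5QHJTfB4n60=
-github.com/gitleaks/go-gitdiff v0.7.6/go.mod h1:pKz0X4YzCKZs30BL+weqBIG7mx0jl4tF1uXV9ZyNvrA=
+github.com/gitleaks/go-gitdiff v0.8.0 h1:7aExTZm+K/M/EQKOyYcub8rIAdWK6ONxPGuRzxmWW+0=
+github.com/gitleaks/go-gitdiff v0.8.0/go.mod h1:pKz0X4YzCKZs30BL+weqBIG7mx0jl4tF1uXV9ZyNvrA=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=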
