Added Pattern test cases for detectors #3354

Merged


@kashifkhan0771 kashifkhan0771 commented Oct 1, 2024

Description:

This PR adds pattern test cases for some detectors. It also fixes the regexes of some detectors.

To test all pattern test cases, run the following command:

go test ./pkg/detectors/... -run "^*Pattern$"

Output:
pattern_tests

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
)

func TestAgora_Pattern(t *testing.T) {
Contributor Author

Question: The Agora detector's key and secret have the same pattern, and because of that it actually picks the same string twice. Is this expected, or do we need to add some logic to handle it? You can see in the test cases that the want is actually a duplicate string.

Collaborator

@kashifkhan0771 great catch. Because having a secret and key as the same string should be impossible, we should include some logic to detect if secret==key and skip that case.


kashifkhan0771 commented Oct 1, 2024

The adafruitio detector is not letting me add Pattern test cases. It says cannot push secrets (even though these are just placeholders for testing, not real secrets) 🥲. Any ideas?


rgmz commented Oct 1, 2024

@kashifkhan0771 I'd recommend using #3274 as a base. Right now these tests don't run unless the -detectors flag is specified.


kashifkhan0771 commented Oct 1, 2024

> @kashifkhan0771 I'd recommend using #3274 as a base. Right now these tests don't run unless the -detectors flag is specified.

Thanks @rgmz - That is a good approach. I'll use that as a base and structure these unit test cases accordingly.

@kashifkhan0771 kashifkhan0771 force-pushed the enhancement/pattern-test-cases branch from 0f123db to 255e990 Compare October 1, 2024 15:04

CLAassistant commented Oct 1, 2024

CLA assistant check
All committers have signed the CLA.

@kashifkhan0771 kashifkhan0771 force-pushed the enhancement/pattern-test-cases branch from 255e990 to 2c60c1c Compare October 1, 2024 15:10
@kashifkhan0771 kashifkhan0771 force-pushed the enhancement/pattern-test-cases branch from 2c60c1c to 9439442 Compare October 1, 2024 15:27
@kashifkhan0771
Contributor Author

@rgmz I made the changes according to your PR but I kept the base branch the same.


rgmz commented Oct 1, 2024

Yes, sorry I meant "based on" not "as the PR merge base".

@@ -21,7 +21,7 @@ var (
client = common.SaneHttpClient()

// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"airship"}) + `\b([0-9Aa-zA-Z]{91})\b`)
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"airship"}) + `\b([0-9a-zA-Z]{91})\b`)
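Review bot: the two keyPat classes accept exactly the same characters, since the stray `A` in `[0-9Aa-zA-Z]` was already covered by `A-Z`, so this is a readability cleanup and not a change in what the airship detector matches. Worth saying so in the PR description so the change is not read as a detection fix; a pattern test with a 91-character token containing an uppercase `A` would pin the behaviour either way.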
Contributor Author

Fixed the regex for airship detector 🕵🏻‍♂️

@@ -24,7 +24,7 @@ var (

// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"alegra"}) + `\b([a-z0-9-]{20})\b`)
idPat = regexp.MustCompile(detectors.PrefixRegex([]string{"alegra"}) + `\b([a-zA-Z0-9.-@]{25,30})\b`)
idPat = regexp.MustCompile(detectors.PrefixRegex([]string{"alegra"}) + `\b([a-zA-Z0-9\.\-\@]{25,30})\b`)
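Review bot: the old idPat range `.-@` did more than exclude `-`; it also accepted `/ : ; < = > ?`, which the new class drops, so the change narrows the pattern as well as adding the hyphen, and a negative test case with one of those characters would document that. The backslashes before `.` and `@` are not needed inside a character class; `[a-zA-Z0-9.@-]` with the hyphen last says the same thing and cannot turn into a range if someone appends another character.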
Contributor Author

The old regex was not accepting the special character - because we were not escaping special characters. Fixed it and added a test case for it as well.

Contributor

It's typically safest to put - at the end for this reason. It's an insidious bug.
https://web.archive.org/web/20240525200717/https://pboyd.io/posts/comma-dash-dot/
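The character-class bug discussed in the two comments above, as an added example that is not part of the PR or of the trufflehog code base. The three classes are copied from the alegra `idPat` lines and the reviewer's dash-last suggestion; the `detectors.PrefixRegex` prefix is left out, and `sampleID` is a constructed value, not a real identifier.

```go
package main

import (
	"fmt"
	"regexp"
)

const (
	oldClass = `[a-zA-Z0-9.-@]`    // ".-@" parses as the range 0x2E..0x40
	newClass = `[a-zA-Z0-9\.\-\@]` // as merged in this PR
	dashLast = `[a-zA-Z0-9.@-]`    // hyphen last, no escapes needed

	// Constructed 27-character sample, not a real Alegra identifier.
	sampleID = "first-last@example-corp.com"
)

// extraChars lists the printable ASCII punctuation a class accepts,
// i.e. everything it matches beyond letters and digits.
func extraChars(class string) string {
	re := regexp.MustCompile(`^` + class + `$`)
	out := ""
	for c := byte(0x21); c < 0x7f; c++ {
		alnum := (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
		if !alnum && re.MatchString(string(c)) {
			out += string(c)
		}
	}
	return out
}

// findID applies the class with the length bounds and word boundaries
// used by idPat and returns the first match, or "" when nothing matches.
func findID(class, text string) string {
	re := regexp.MustCompile(`\b(` + class + `{25,30})\b`)
	return re.FindString(text)
}

func main() {
	for _, c := range []string{oldClass, newClass, dashLast} {
		fmt.Printf("%-20s extra=%q match=%q\n", c, extraChars(c), findID(c, sampleID))
	}
}
```

The old class never matches the hyphenated sample, which is the silent false negative the pattern tests were added to catch.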

@kashifkhan0771 kashifkhan0771 marked this pull request as ready for review October 2, 2024 07:39
@kashifkhan0771 kashifkhan0771 changed the title Added Pattern test cases for detectors [WIP] Added Pattern test cases for detectors Oct 2, 2024
Collaborator

@ahrav ahrav left a comment

lgtm 👍 Looks great!

@ahrav ahrav merged commit a4cc5f7 into trufflesecurity:main Oct 2, 2024
12 checks passed
abmussani added a commit to abmussani/trufflehog that referenced this pull request Oct 9, 2024
* main: (79 commits)
  Log skipped files on debug level (trufflesecurity#3383)
  build: update retracted bluemonday ver (trufflesecurity#3369)
  Fix git binary handling and add a smoke test (trufflesecurity#3379)
  fix(deps): update module google.golang.org/protobuf to v1.35.1 (trufflesecurity#3382)
  Added Cisco Meraki API Key detector (trufflesecurity#3367)
  improved the agora detector (trufflesecurity#3360)
  fix(deps): update module github.com/xanzy/go-gitlab to v0.110.0 (trufflesecurity#3376)
  fix(deps): update golang.org/x/exp digest to 225e2ab (trufflesecurity#3371)
  fix(deps): update module golang.org/x/net to v0.30.0 (trufflesecurity#3373)
  fix(deps): update module golang.org/x/crypto to v0.28.0 (trufflesecurity#3372)
  chore(deps): update sigstore/cosign-installer action to v3.7.0 (trufflesecurity#3368)
  fix(deps): update module cloud.google.com/go/storage to v1.44.0 (trufflesecurity#3366)
  fix(deps): update module github.com/schollz/progressbar/v3 to v3.16.1 (trufflesecurity#3365)
  [refactor] - Decouple Metrics From Cache Implementation (trufflesecurity#3355)
  fix(deps): update module github.com/snowflakedb/gosnowflake to v1.11.2 (trufflesecurity#3363)
  Updated Cosign Install URL (trufflesecurity#3364)
  fix(deps): update module github.com/jedib0t/go-pretty/v6 to v6.6.0 (trufflesecurity#3361)
  Added Pattern test cases for detectors (trufflesecurity#3354)
  remove size check (trufflesecurity#3351)
  fix(deps): update module go.mongodb.org/mongo-driver to v1.17.1 (trufflesecurity#3357)
  ...

# Conflicts:
#	go.sum
@kashifkhan0771 kashifkhan0771 deleted the enhancement/pattern-test-cases branch December 3, 2024 05:00