-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
initial support for bare repositories #1499
initial support for bare repositories #1499
Conversation
a8479e9
to
5ca9544
Compare
go-git changes also under review currently: go-git/go-git#812 |
Adding Draft label until the issue with go-git has been resolved |
…f os.Environ Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
@zricethezav go-git team has merged my fix. In my opinion gitparse_test.go has not full .git repository tests. We need fixtures with usual and bare repos to test against them. |
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
Oh, go-git team have just released v5.8.0 with my fix, merged changes to |
I just merged go-git v5.8.1 into TruffleHog @L11R |
@dustin-decker nice! Can someone from your team review it again? I fixed issues with doc and dependencies. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the improvement! I spot-tested the changes locally and it didn't scan the bare repository. Did I do something wrong?
» git clone --bare https://github.com/trufflesecurity/test_keys /tmp/test_keys.git
Cloning into bare repository '/tmp/test_keys.git'...
remote: Enumerating objects: 13, done.
remote: Counting objects: 100% (4/4), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 13 (delta 0), reused 0 (delta 0), pack-reused 9
Receiving objects: 100% (13/13), done.
» ./trufflehog --no-update git --bare file:///tmp/test_keys.git
🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷
2023-08-03T08:55:14-05:00 info-0 trufflehog finished scanning {"chunks": 0, "bytes": 0, "verified_secrets": 0, "unverified_secrets": 0}
Additionally, I had to update pkg/engine/git.go
as the automatic merge caused a Go compilation error.
@mcastorina I guess the problem relates to recent git scan refactoring. Will research |
…rk with the latest master Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
@mcastorina I've prepared a new patch, now it should work again. It was definitively after merging this: #1518 |
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, nice work!
This PR adds support for bare repositories. It's especially useful to use with pre-receive hooks. Currently it's a draft, at least because go-git has a bug in upstream which doesn't allow to scan incoming commits in pre-receive hooks.