initial support for bare repositories #1499
Conversation
|
|
savely-krasovsky
force-pushed
the
bare-repositories-support
branch
from
a8479e9
to
5ca9544
Compare
|
go-git changes also under review currently: go-git/go-git#812 |
|
Adding Draft label until the issue with go-git has been resolved |
zricethezav
changed the title
…f os.Environ Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
|
@zricethezav go-git team has merged my fix. In my opinion gitparse_test.go has not full .git repository tests. We need fixtures with usual and bare repos to test against them. |
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
|
Oh, go-git team have just released v5.8.0 with my fix, merged changes to |
|
I just merged go-git v5.8.1 into TruffleHog @L11R |
|
@dustin-decker nice! Can someone from your team review it again? I fixed issues with doc and dependencies. |
zricethezav
changed the title
zricethezav
added
pkg/engine
There was a problem hiding this comment.
Thanks for the improvement! I spot-tested the changes locally and it didn't scan the bare repository. Did I do something wrong?
» git clone --bare https://github.com/trufflesecurity/test_keys /tmp/test_keys.git
Cloning into bare repository '/tmp/test_keys.git'...
remote: Enumerating objects: 13, done.
remote: Counting objects: 100% (4/4), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 13 (delta 0), reused 0 (delta 0), pack-reused 9
Receiving objects: 100% (13/13), done.
» ./trufflehog --no-update git --bare file:///tmp/test_keys.git
🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷
2023-08-03T08:55:14-05:00 info-0 trufflehog finished scanning {"chunks": 0, "bytes": 0, "verified_secrets": 0, "unverified_secrets": 0}
Additionally, I had to update pkg/engine/git.go as the automatic merge caused a Go compilation error.
|
@mcastorina I guess the problem relates to recent git scan refactoring. Will research |
…rk with the latest master Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
|
@mcastorina I've prepared a new patch, now it should work again. It was definitively after merging this: #1518 |
Signed-off-by: Savely Krasovsky <savely@krasovs.ky>
This PR adds support for bare repositories. It's especially useful to use with pre-receive hooks. Currently it's a draft, at least because go-git has a bug in upstream which doesn't allow to scan incoming commits in pre-receive hooks.