diff --git a/pkg/detectors/artifactory/artifactory_integration_test.go b/pkg/detectors/artifactory/artifactory_integration_test.go index a06a77828b3f..78813d5df3c1 100644 --- a/pkg/detectors/artifactory/artifactory_integration_test.go +++ b/pkg/detectors/artifactory/artifactory_integration_test.go @@ -7,6 +7,7 @@ import ( "context" "fmt" "testing" + "time" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" @@ -96,6 +97,33 @@ func TestArtifactory_FromChunk(t *testing.T) { } } +func TestArtifactory_FromChunk_WithCustomEndpoint(t *testing.T) { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + mockSecret := "AKCp5bueTFpfypEqQbGJPp7eHFi28fBivfWczrjbPb9erDff9LbXZbj6UsRExVXA8asWGc9fM" + appURL := "trufflesecurity.com" + + s := Scanner{} + s.UseFoundEndpoints(true) + err := s.SetConfiguredEndpoints(appURL) + if err != nil { + t.Fatal("Error in setting configured endpoint") + } + data := []byte(fmt.Sprintf("You can find a artifactory secret %s ", mockSecret)) + + got, err := s.FromData(ctx, true, data) + if err != nil { + t.Fatalf("unexpected error from FromData: %v", err) + } + if len(got) == 0 { + t.Fatal("expected at least one result from FromData, got 0") + } + expectedRawV2 := []byte(mockSecret + appURL) + if string(got[0].RawV2) != string(expectedRawV2) { + t.Errorf("Artifactory.FromData() rawV2 secret mismatch: got %s, want %s", string(got[0].RawV2), string(expectedRawV2)) + } +} + func BenchmarkFromData(benchmark *testing.B) { ctx := context.Background() s := Scanner{} diff --git a/pkg/detectors/artifactory/artifactory_test.go b/pkg/detectors/artifactory/artifactory_test.go index 6c9eed790353..e3dced4ae879 100644 --- a/pkg/detectors/artifactory/artifactory_test.go +++ b/pkg/detectors/artifactory/artifactory_test.go @@ -190,3 +190,22 @@ func TestArtifactory_Pattern(t *testing.T) { }) } } + +func TestArtifactory_Endpoint_Contains_CustomEndpoint(t *testing.T) { + appURL := "example.com" + s := Scanner{} + s.UseFoundEndpoints(true) + err := s.SetConfiguredEndpoints(appURL) + if err != nil { + t.Fatal("Error in setting configured endpoint") + } + configuredEndpoints := s.Endpoints() + if len(configuredEndpoints) == 0 { + t.Fatal("No Confiured endpoint found") + } + for _, ep := range configuredEndpoints { + if ep != appURL { + t.Fatalf("expected endpoint %s to be present in endpoints list, got %s", appURL, ep) + } + } +} diff --git a/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_integration_test.go b/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_integration_test.go index 2bb1daa226b7..675bd8460ca4 100644 --- a/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_integration_test.go +++ b/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_integration_test.go @@ -6,6 +6,7 @@ package artifactoryreferencetoken import ( "context" "fmt" + "strings" "testing" "time" @@ -148,6 +149,57 @@ func TestArtifactoryreferencetoken_FromChunk(t *testing.T) { } } +func TestArtifactoryreferencetoken_FromChunk_WithCustomEndpoint(t *testing.T) { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors6") + if err != nil { + t.Fatalf("could not get test secrets from GCP: %s", err) + } + + instanceURL := testSecrets.MustGetField("ARTIFACTORY_URL") + secret := testSecrets.MustGetField("ARTIFACTORYREFERENCETOKEN") + + s := Scanner{} + s.UseFoundEndpoints(true) + err = s.SetConfiguredEndpoints(instanceURL) + if err != nil { + t.Fatal("Error in setting configured endpoint") + } + data := []byte(fmt.Sprintf("You can find a artifactory secret %s ", secret)) + want := []detectors.Result{ + { + DetectorType: detectorspb.DetectorType_ArtifactoryReferenceToken, + Verified: true, + RawV2: []byte(secret + strings.TrimPrefix(instanceURL, "https://")), + }, + } + got, err := s.FromData(ctx, true, data) + if err != nil { + t.Fatalf("unexpected error from FromData: %v", err) + } + if len(got) == 0 { + t.Fatal("expected at least one result from FromData, got 0") + } + if len(got) != len(want) { + t.Fatalf("expected %d results", len(want)) + } + for i := range got { + if len(got[i].RawV2) == 0 { + t.Fatalf("no raw secret present: \n %+v", got[i]) + } + if string(got[i].RawV2) != string(want[i].RawV2) { + t.Fatalf("expected rawV2 to be %s, got %s", string(want[i].RawV2), string(got[i].RawV2)) + } + } + + ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "RawV2", "verificationError", "primarySecret", "AnalysisInfo") + if diff := cmp.Diff(got, want, ignoreOpts); diff != "" { + t.Errorf("Artifactoryreferencetoken.FromData() diff: (-got +want)\n%s", diff) + } + +} + func BenchmarkFromData(benchmark *testing.B) { ctx := context.Background() s := Scanner{} diff --git a/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_test.go b/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_test.go index 39be5e0fabb8..ea80471cd2f1 100644 --- a/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_test.go +++ b/pkg/detectors/artifactoryreferencetoken/artifactoryreferencetoken_test.go @@ -204,3 +204,22 @@ func TestArtifactoryReferenceToken_Pattern(t *testing.T) { }) } } + +func TestArtifactoryreferencetoken_Endpoint_Contains_CustomEndpoint(t *testing.T) { + appURL := "example.com" + s := Scanner{} + s.UseFoundEndpoints(true) + err := s.SetConfiguredEndpoints(appURL) + if err != nil { + t.Fatal("Error in setting configured endpoint") + } + configuredEndpoints := s.Endpoints() + if len(configuredEndpoints) == 0 { + t.Fatal("No Confiured endpoint found") + } + for _, ep := range configuredEndpoints { + if ep != appURL { + t.Fatalf("expected endpoint %s to be present in endpoints list, got %s", appURL, ep) + } + } +}