diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..f514faa
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,28 @@
+name: ci
+on:
+ push:
+ branches:
+ - main
+jobs:
+ example:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Setup example
+ run: |
+ mkdir -p example/.fluentci
+ cp -r src example/.fluentci
+ cp Cargo.toml example/.fluentci
+ cp Cargo.lock example/.fluentci
+ - name: Setup Fluent CI CLI
+ uses: fluentci-io/setup-fluentci@v5
+ with:
+ wasm: true
+ plugin: .
+ args: |
+ setup
+ working-directory: example
+ - name: Show trufflehog version
+ run: |
+ type trufflehog
+ trufflehog --version
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c8b241f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+target/*
\ No newline at end of file
diff --git a/Cargo.lock b/Cargo.lock
new file mode 100644
index 0000000..5dc76b0
--- /dev/null
+++ b/Cargo.lock
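Review bot: The workflow in `.github/workflows/ci.yml` has no `permissions:` block and references both actions by mutable tag (`actions/checkout@v3`, `fluentci-io/setup-fluentci@v5`), so the job runs with the repository's default token scope and executes whatever those tags point to at run time. The steps shown only copy files and run the plugin, so a top-level `permissions:` with `contents: read` looks sufficient, and each `uses:` can be pinned to a full commit SHA, e.g. `uses: fluentci-io/setup-fluentci@<full-commit-sha> # v5`. The `setup` call under `args:` passes no version, so CI installs whatever `latest` resolves to that day; passing an explicit version would make runs reproducible.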
@@ -0,0 +1,396 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "anyhow" +version = "1.0.82" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f538837af36e6f6a9be0faa67f9a314f8119e4e4b5867c6ab40ed60360142519" + +[[package]] +name = "autocfg" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1fdabc7756949593fe60f30ec81974b613357de856987752631dea1e3394c80" + +[[package]] +name = "base64" +version = "0.21.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" + +[[package]] +name = "base64" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" + +[[package]] +name = "bytemuck" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d6d68c57235a3a081186990eca2867354726650f42f7516ca50c28d6281fd15" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "bytes" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9" + +[[package]] +name = "either" +version = "1.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11157ac094ffbdde99aa67b23417ebdd801842852b500e395a45a9c0aac03e4a" + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "extism-convert" +version = "1.2.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "a63bfc6d371d3b51d6094fd96c4c32a084ceefece3b4f4b328f30067d29da064" +dependencies = [ + "anyhow", + "base64 0.22.0", + "bytemuck", + "extism-convert-macros", + "prost", + "rmp-serde", + "serde", + "serde_json", +] + +[[package]] +name = "extism-convert-macros" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "519ccf960500c87244bef99caf8e58222ac95bf1abb06a32f5217b4788857aa6" +dependencies = [ + "manyhow", + "proc-macro-crate", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "extism-manifest" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05c7d16695dc6b72418e23b58c943411a08264332af403ae9870997b4d495c3d" +dependencies = [ + "base64 0.22.0", + "serde", + "serde_json", +] + +[[package]] +name = "extism-pdk" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f9a87d636d30b75e697642dd4f6cff2054db5a7a5d69d6601041a76265bb681" +dependencies = [ + "anyhow", + "base64 0.21.7", + "extism-convert", + "extism-manifest", + "extism-pdk-derive", + "serde", + "serde_json", +] + +[[package]] +name = "extism-pdk-derive" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d83995c2023720a0fd5ef2a349c89c1670efb37a979228b0218705f5ddb50d4b" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "fluentci-pdk" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d8004273f0e173b96811a72cb742fc9010fc54fec89c59c2c4e7e159fc2bde7" +dependencies = [ + "extism-pdk", + "fluentci-types", + "serde", +] + +[[package]] +name = "fluentci-types" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7592ba0dd1c48f06166fa485af48c8df942e7266c62216fe01360b33e33fe047" +dependencies = [ + "serde", +] + +[[package]] +name = 
"hashbrown" +version = "0.14.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" + +[[package]] +name = "indexmap" +version = "2.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +dependencies = [ + "equivalent", + "hashbrown", +] + +[[package]] +name = "itertools" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" + +[[package]] +name = "manyhow" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02bc2a348104913df6d14170bedef54faf224a0970ec7b1f8750748ab94fcd52" +dependencies = [ + "manyhow-macros", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "manyhow-macros" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "532aa12d5846b38a524b3acd99fb74dc8a5f193b33e65dac142ef92bd60f9416" +dependencies = [ + "proc-macro-utils", + "proc-macro2", + "quote", +] + +[[package]] +name = "memchr" +version = "2.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d" + +[[package]] +name = "num-traits" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a" +dependencies = [ + "autocfg", +] + +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + +[[package]] +name = "proc-macro-crate" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d37c51ca738a55da99dc0c4a34860fd675453b8b36209178c2249bb13651284" +dependencies = [ + "toml_edit", +] + +[[package]] +name = "proc-macro-utils" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f59e109e2f795a5070e69578c4dc101068139f74616778025ae1011d4cd41a8" +dependencies = [ + "proc-macro2", + "quote", + "smallvec", +] + +[[package]] +name = "proc-macro2" +version = "1.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "prost" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d0f5d036824e4761737860779c906171497f6d55681139d8312388f8fe398922" +dependencies = [ + "bytes", + "prost-derive", +] + +[[package]] +name = "prost-derive" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19de2de2a00075bf566bee3bd4db014b11587e84184d3f7a791bc17f1a8e9e48" +dependencies = [ + "anyhow", + "itertools", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "quote" +version = "1.0.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rmp" +version = "0.8.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f9860a6cc38ed1da53456442089b4dfa35e7cedaa326df63017af88385e6b20" +dependencies = [ + "byteorder", + "num-traits", + "paste", +] + +[[package]] +name = "rmp-serde" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"bffea85eea980d8a74453e5d02a8d93028f3c34725de143085a844ebe953258a" +dependencies = [ + "byteorder", + "rmp", + "serde", +] + +[[package]] +name = "ryu" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e86697c916019a8588c99b5fac3cead74ec0b4b819707a682fd4d23fa0ce1ba1" + +[[package]] +name = "serde" +version = "1.0.197" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fb1c873e1b9b056a4dc4c0c198b24c3ffa059243875552b2bd0933b1aee4ce2" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.197" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.115" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "smallvec" +version = "1.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" + +[[package]] +name = "syn" +version = "2.0.58" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44cfb93f38070beee36b3fef7d4f5a16f27751d94b187b666a5cc5e9b0d30687" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "toml_datetime" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3550f4e9685620ac18a50ed434eb3aec30db8ba93b0287467bca5826ea25baf1" + +[[package]] +name = "toml_edit" +version = "0.21.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a8534fd7f78b5405e860340ad6575217ce99f38d4d5c8f2442cb5ecb50090e1" +dependencies = [ + "indexmap", + "toml_datetime", + "winnow", +] + 
+[[package]]
+name = "trufflehog"
+version = "0.1.0"
+dependencies = [
+ "anyhow",
+ "extism-pdk",
+ "fluentci-pdk",
+]
+
+[[package]]
+name = "unicode-ident"
+version = "1.0.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
+
+[[package]]
+name = "winnow"
+version = "0.5.40"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876"
+dependencies = [
+ "memchr",
+]
diff --git a/Cargo.toml b/Cargo.toml
new file mode 100644
index 0000000..a71e12d
--- /dev/null
+++ b/Cargo.toml
@@ -0,0 +1,19 @@
+[package]
+authors = [
+ "Tsiry Sandratraina "
+]
+description = "Set up your CI/CD Pipeline with a specific version of trufflehog"
+edition = "2021"
+license = "MIT"
+name = "trufflehog"
+version = "0.1.0"
+
+[lib]
+crate-type = [
+ "cdylib"
+]
+
+[dependencies]
+anyhow = "1.0.82"
+extism-pdk = "1.1.0"
+fluentci-pdk = "0.1.9"
\ No newline at end of file
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..515dd5f
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,19 @@
+Copyright (c) 2024 Tsiry Sandratraina
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2e83e7b
--- /dev/null
+++ b/README.md
@@ -0,0 +1,68 @@
+# Trufflehog Plugin
+
+[![ci](https://github.com/fluentci-io/trufflehog-plugin/actions/workflows/ci.yml/badge.svg)](https://github.com/fluentci-io/trufflehog-plugin/actions/workflows/ci.yml)
+
+This plugin sets up your CI/CD pipeline with a specific version of [trufflehog](https://github.com/trufflesecurity/trufflehog).
+
+## 🚀 Usage
+
+Add the following command to your CI configuration file:
+
+```bash
+fluentci run --wasm trufflehog setup
+```
+
+## Functions
+
+| Name | Description |
+| ---------- | -------------------------------------------- |
+| setup | Installs a specific version of trufflehog. |
+| git | Find credentials in git repositories |
+| github | Find credentials in GitHub repositories. |
+| gitlab | Find credentials in GitLab repositories. |
+| filesystem | Find credentials in a filesystem. |
+| s3 | Find credentials in S3 buckets. |
+| gcs | Find credentials in GCS buckets |
+| syslog | Scan syslog |
+| circleci | Scan CircleCI |
+| docker | Scan Docker Image |
+| travisci | Scan TravisCI |
+| postman | Scan Postman |
+
+## Code Usage
+
+Add `fluentci-pdk` crate to your `Cargo.toml`:
+
+```toml
+[dependencies]
+fluentci-pdk = "0.1.9"
+```
+
+Use the following code to call the plugin:
+
+```rust
+use fluentci_pdk::dag;
+
+// ...
+
+dag().call("https://pkg.fluentci.io/trufflehog@v0.1.0?wasm=1", "setup", vec!["latest"])?;
+```
+
+## 📚 Examples
+
+Github Actions:
+
+```yaml
+- name: Setup Fluent CI CLI
+ uses: fluentci-io/setup-fluentci@v5
+ with:
+ wasm: true
+ plugin: trufflehog
+ args: |
+ setup
+ working-directory: example
+- name: Show trufflehog version
+ run: |
+ type trufflehog
+ trufflehog --version
+```
diff --git a/src/lib.rs b/src/lib.rs
new file mode 100644
index 0000000..de6f926
--- /dev/null
+++ b/src/lib.rs
@@ -0,0 +1,117 @@
+use extism_pdk::*;
+use fluentci_pdk::dag;
+
+#[plugin_fn]
+pub fn setup(version: String) -> FnResult {
+ let version = if version.is_empty() {
+ "latest".into()
+ } else {
+ format!("{}", version)
+ };
+
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "install", &format!("trufflehog@{}", version)])?
+ .stdout()?;
+
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn git(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "git", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn github(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "github", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn gitlab(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "gitlab", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn filesystem(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "filesystem", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn s3(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "s3", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn gcs(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "gcs", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn syslog(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "syslog", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn circleci(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "circleci", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn docker(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "docker", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn travisci(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "travisci", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
+
+#[plugin_fn]
+pub fn postman(flags: String) -> FnResult {
+ let stdout = dag()
+ .pkgx()?
+ .with_exec(vec!["pkgx", "trufflehog", "postman", &flags])?
+ .stdout()?;
+ Ok(stdout)
+}
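Review bot: Every scan function from `git` through `postman` puts the caller-supplied `flags` string into the `with_exec` vector as one unvalidated element (`&flags`), and `setup` interpolates `version` into `trufflehog@{}` the same way. How `with_exec` runs that vector is not visible in this diff: if it joins the elements into a shell command line, metacharacters in either value would be interpreted by the shell, and if it passes them as argv, a multi-flag string reaches trufflehog as a single argument. I would check `version` against an allow-list (ASCII alphanumerics, `.` and `-`, or the literal `latest`) and split the flags before the call, e.g. `let mut args = vec!["pkgx", "trufflehog", "git"]; args.extend(flags.split_whitespace());`, noting that whitespace splitting does not handle quoted values. The eleven scan functions differ only in the subcommand literal, so a private helper taking the subcommand would keep that handling in one place. Each function also returns trufflehog's stdout unchanged; findings can include the matched secret text, so if the host echoes the return value into the job log, a doc comment should warn callers.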