feat(detect-secrets): get secrets plugins from config.yaml #6544

Open
wants to merge 2 commits into
base: master

pedrooot
Member

Context

Fix #6522

Description

Make plugins from detect-secrets configurable.
Thanks @kagahd for the feature-request 🚀

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@pedrooot pedrooot requested review from a team as code owners January 15, 2025 18:15
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Jan 15, 2025

codecov bot commented Jan 15, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.43%. Comparing base (9e7104f) to head (7d19b73).
Report is 23 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #6544      +/-   ##
==========================================
- Coverage   89.89%   89.43%   -0.46%     
==========================================
  Files        1182     1182              
  Lines       35408    33839    -1569     
==========================================
- Hits        31829    30263    -1566     
+ Misses       3579     3576       -3     
Flag Coverage Δ
prowler 89.43% <100.00%> (-0.46%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
prowler 89.43% <100.00%> (-0.46%) ⬇️
api ∅ <ø> (∅)

@kagahd
Contributor

kagahd commented Jan 15, 2025

I opened Yelp/detect-secrets#910 to add a new detector for Aiven tokens. However, I doubt that it will be merged soon considering all the other open, unmerged PRs for new detectors.
Do you mind integrating the AivenTokenDetector into Prowler? It's just copying detect_secrets/plugins/aiven_token.py to the site-packages folder. That would save me patching the Prowler image.

data=data, excluded_secrets=secrets_ignore_patterns
data=data,
excluded_secrets=secrets_ignore_patterns,
detect_secrets_plugins=cloudformation_client.audit_config.get(
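Review bot: the default for the new detect_secrets_plugins argument cannot be checked from this hunk, because the audit_config.get( call on its last line is cut off before the key and fallback. When the key is absent from the configuration, the lookup should resolve to the scanner's full default plugin list rather than None or an empty value, so a config without this entry keeps scanning with the same detectors as before. Since the value is read through cloudformation_client at the call site, consider resolving that default in one shared place and documenting it on the parameter, so every check that passes this argument behaves the same.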
Member

I think you should get the default list of plugins instead of None or {}. Please review it in all checks.

Member Author

I agree with you, changes on the next commit.

@jfagoagas jfagoagas self-requested a review January 17, 2025 07:41
Development

Successfully merging this pull request may close these issues.

make DetectSecrets detectors configurable