Toolkit

GitleaksCommands extends AbstractCommands
in package

Provides command to interact with GitLeaks.

Table of Contents

Properties

$io  : mixed
$os  : string
$repo  : string
$tag  : string

Methods

getConfigurationFile()  : string
Path to YAML configuration file containing command defaults.
getJson()  : array<string|int, mixed>
Returns the JSON parsed content.
getWorkingDir()  : string
Returns the current working directory.
isWebsiteInstalled()  : bool
Check if the website is installed.
toolkitRunGitleaks()  : int
Executes the Gitleaks.
getBin()  : string
Validate and return the path to given bin.
getBinPath()  : string
Return the path to given bin.
getConfigValue()  : mixed|null
Return the configuration value.
getNodeBin()  : string
Validate and return the path to given bin from node packages.
getNodeBinPath()  : string
Return the path to given bin from node packages.
isJunit()  : bool
Check whether Junit option is being used, or env var is set.
isSimulating()  : bool
Check if current command is being executed with option simulate.
taskExecute()  : CollectionBuilder
Execute a command.
taskProcess()  : ReplaceBlock|CollectionBuilder
Process the file.
taskReplaceBlock()  : ReplaceBlock|CollectionBuilder
Replace block in a file.
download()  : bool
Download the Gitleaks binary from the GitHub releases page.
getIgnores()  : array<string|int, string>
Returns the ignores to use from website and project.
isChecksumValid()  : bool
Validate the archive SHA-256 checksum.
prepareCommand()  : string
Prepares the full gitleaks command including the options.
printReport()  : void
Prints the report information.
processFindings()  : int
Process the findings and returns the number of ignored.

Properties

Methods

getConfigurationFile()

Path to YAML configuration file containing command defaults.

public getConfigurationFile() : string
Return values
string

Configuration file path.

getJson()

Returns the JSON parsed content.

public getJson(string $filename[, bool $throwException = true ]) : array<string|int, mixed>
Parameters
$filename : string
$throwException : bool = true

If the file is not found.

Return values
array<string|int, mixed>

Json parsed content.

getWorkingDir()

Returns the current working directory.

public getWorkingDir() : string
Return values
string

The current working directory.

isWebsiteInstalled()

Check if the website is installed.

public isWebsiteInstalled() : bool
Return values
bool

toolkitRunGitleaks()

Executes the Gitleaks.

public toolkitRunGitleaks(ConsoleIO $io[, array<string|int, mixed> $options = ['tag' =>InputOption::VALUE_REQUIRED, 'sha256' =>InputOption::VALUE_REQUIRED, 'os' =>InputOption::VALUE_REQUIRED, 'options' =>InputOption::VALUE_REQUIRED, 'skip-dist' =>InputOption::VALUE_NONE, 'ignore-file' =>InputOption::VALUE_REQUIRED, 'report-to-file' =>InputOption::VALUE_NONE] ]) : int
Parameters
$io : ConsoleIO
$options : array<string|int, mixed> = ['tag' => InputOption::VALUE_REQUIRED, 'sha256' => InputOption::VALUE_REQUIRED, 'os' => InputOption::VALUE_REQUIRED, 'options' => InputOption::VALUE_REQUIRED, 'skip-dist' => InputOption::VALUE_NONE, 'ignore-file' => InputOption::VALUE_REQUIRED, 'report-to-file' => InputOption::VALUE_NONE]

Command options.

Tags
command

toolkit:run-gitleaks

option

tag The release tag of Gitleaks.

sha256 SHA-256 checksum of the release archive.

os The current OS version.

options The options to use when executing gitleaks command.

skip-dist Skip the creation of distribution.

ignore-file Path to .leaksignore file (default ".leaksignore").

report-to-file Save the findings to a file.

aliases

tk-gitleaks

usage

--skip-dist --report-to-file

Return values
int

Return 1 if there're findings, 0 if no issues detected.

getBin()

Validate and return the path to given bin.

protected getBin(string $name) : string
Parameters
$name : string

The bin to look for.

Tags
throws
TaskException
Return values
string

The bin path.

getBinPath()

Return the path to given bin.

protected getBinPath(string $name) : string
Parameters
$name : string
Return values
string

The path to given binary.

getConfigValue()

Return the configuration value.

protected getConfigValue(string $key[, mixed|null $default = null ]) : mixed|null
Parameters
$key : string

The config item to look up.

$default : mixed|null = null

Default configuration value for the key item if neither has value nor exists.

Return values
mixed|null

The configuration value.

getNodeBin()

Validate and return the path to given bin from node packages.

protected getNodeBin(string $name) : string
Parameters
$name : string

The bin to look for.

Tags
throws
TaskException
Return values
string

The bin path.

getNodeBinPath()

Return the path to given bin from node packages.

protected getNodeBinPath(string $name) : string
Parameters
$name : string
Return values
string

The path to given binary.

isJunit()

Check whether Junit option is being used, or env var is set.

protected isJunit() : bool
Return values
bool

isSimulating()

Check if current command is being executed with option simulate.

protected isSimulating() : bool
Return values
bool

True if using --simulate, false otherwise.

taskExecute()

Execute a command.

protected taskExecute(array<string|int, string> $tasks) : CollectionBuilder
Parameters
$tasks : array<string|int, string>

An array with tasks to execute.

Return values
CollectionBuilder

The task executed.

taskProcess()

Process the file.

protected taskProcess(string $source[, string $destination = '' ]) : ReplaceBlock|CollectionBuilder
Parameters
$source : string

The source file to process.

$destination : string = ''

The destination file.

Return values
ReplaceBlock|CollectionBuilder

The file task processed.

taskReplaceBlock()

Replace block in a file.

protected taskReplaceBlock([string $filename = '' ]) : ReplaceBlock|CollectionBuilder
Parameters
$filename : string = ''

The file to process.

Return values
ReplaceBlock|CollectionBuilder

The file replaced.

download()

Download the Gitleaks binary from the GitHub releases page.

private download(string $repo, string $tag, string $os, string $sha256) : bool
Parameters
$repo : string

The Gitleaks repo url.

$tag : string

The release tag to download.

$os : string

The Operating system to use to download.

$sha256 : string

Expected SHA-256 checksum of the downloaded archive.

Return values
bool

getIgnores()

Returns the ignores to use from website and project.

private getIgnores(array<string|int, mixed> $options) : array<string|int, string>
Parameters
$options : array<string|int, mixed>

The command options.

Return values
array<string|int, string>

The ignores to use.

isChecksumValid()

Validate the archive SHA-256 checksum.

private isChecksumValid(string $file, string $sha256) : bool
Parameters
$file : string

Archive contents.

$sha256 : string

Expected SHA-256 checksum.

Return values
bool

prepareCommand()

Prepares the full gitleaks command including the options.

private prepareCommand(array<string|int, mixed> $options) : string
Parameters
$options : array<string|int, mixed>

The command options.

Return values
string

The final command to execute.

printReport()

Prints the report information.

private printReport(array<string|int, mixed> $report[, array<string|int, mixed> $findings = [] ]) : void
Parameters
$report : array<string|int, mixed>

The report to print.

$findings : array<string|int, mixed> = []

The gitleaks findings to print.

processFindings()

Process the findings and returns the number of ignored.

private processFindings(array<string|int, mixed> &$findings, array<string|int, mixed> $options) : int
Parameters
$findings : array<string|int, mixed>

The gitleaks findings.

$options : array<string|int, mixed>

The command options.

Return values
int

The number of ignored findings.

On this page

Search results