Skip to content

Commit

Permalink
chore: update cassettes
Browse files Browse the repository at this point in the history 
Related to previous commit, cassettes needed to be updated because the
query args to secret endpoint have changed
  • Loading branch information
@gg-mmill
gg-mmill committed Nov 18, 2024
1 parent f2fa2dc commit a6e5c06
Show file tree
Hide file tree
Showing 24 changed files with 1,191 additions and 620 deletions.
67 changes: 34 additions & 33 deletions tests/unit/cassettes/multiline_secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,45 +9,45 @@ interactions:
Connection:
- keep-alive
User-Agent:
- pygitguardian/1.15.2 (Linux;py3.10.12)
- pygitguardian/1.17.0 (Linux;py3.11.8)
method: GET
uri: https://api.gitguardian.com/v1/metadata
response:
body:
string:
'{"version":"v2.87.2","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"onboarding__segmentation_v1_enabled":true,"general__maximum_payload_size":26214400,"general__mutual_tls_mode":"disabled","general__signup_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576},"remediation_messages":{"pre_commit":">
'{"version":"v2.117.1","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"on_premise__default_sso_config_force_sso":null,"onboarding__segmentation_v1_enabled":true,"general__maximum_payload_size":26214400,"general__mutual_tls_mode":"disabled","general__signup_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576},"remediation_messages":{"pre_commit":">
How to remediate\n\n Since the secret was detected before the commit was
made:\n 1. replace the secret with its reference (e.g. environment variable).\n 2.
commit again.\n\n> [To apply with caution] If you want to bypass ggshield
(false positive or other reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield
git commit -m \"<your message>","pre_push":"> How to remediate\n\n Since
commit again.\n\n> [Apply with caution] If you want to bypass ggshield (false
positive or other reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield
git commit -m \"<your message>\"\n ","pre_push":"> How to remediate\n\n Since
the secret was detected before the push BUT after the commit, you need to:\n 1.
rewrite the git history making sure to replace the secret with its reference
(e.g. environment variable).\n 2. push again.\n\n To prevent having to rewrite
git history in the future, setup ggshield as a pre-commit hook:\n https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
[To apply with caution] If you want to bypass ggshield (false positive or
other reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield-push
[Apply with caution] If you want to bypass ggshield (false positive or other
reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield-push
git push","pre_receive":"> How to remediate\n\n A pre-receive hook set server
side prevented you from pushing secrets.\n\n Since the secret was detected
during the push BUT after the commit, you need to:\n 1. rewrite the git history
making sure to replace the secret with its reference (e.g. environment variable).\n 2.
push again.\n\n To prevent having to rewrite git history in the future, setup
ggshield as a pre-commit hook:\n https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
[To apply with caution] If you want to bypass ggshield (false positive or
other reason), run:\n\n git push -o breakglass"}}'
[Apply with caution] If you want to bypass ggshield (false positive or other
reason), run:\n\n git push -o breakglass"}}'
headers:
access-control-expose-headers:
- X-App-Version
allow:
- GET, HEAD, OPTIONS
content-length:
- '2150'
- '2198'
content-type:
- application/json
cross-origin-opener-policy:
- same-origin
date:
- Mon, 12 Aug 2024 09:19:09 GMT
- Fri, 15 Nov 2024 17:09:48 GMT
referrer-policy:
- strict-origin-when-cross-origin
server:
Expand All @@ -59,29 +59,30 @@ interactions:
vary:
- Accept-Encoding,Cookie
x-app-version:
- v2.87.2
- v2.117.1
x-content-type-options:
- nosniff
- nosniff
x-envoy-upstream-service-time:
- '25'
- '41'
x-frame-options:
- DENY
- SAMEORIGIN
x-sca-engine-version:
- 1.43.0
- 2.2.0
x-sca-last-vuln-fetch:
- '2024-08-12T09:06:35.075326+00:00'
- '2024-11-15T15:07:15.159254+00:00'
x-secrets-engine-version:
- 2.117.0
- 2.126.0
x-xss-protection:
- 1; mode=block
status:
code: 200
message: OK
- request:
body:
'[{"filename": "file", "document": "-----BEGIN RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
'[{"filename": "/tmp/pytest-of-mmillet/pytest-10/test_json_output_for_patch__MU1/file",
"document": "-----BEGIN RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
RSA PRIVATE KEY-----"}]'
headers:
Accept:
Expand All @@ -91,47 +92,47 @@ interactions:
Connection:
- keep-alive
Content-Length:
- '538'
- '603'
Content-Type:
- application/json
GGShield-Command-Id:
- 7a6ae986-4f2d-45ff-9a71-91fdd049ef51
- 1376363d-2fb3-4db2-8ad6-4a057ce9071f
GGShield-Command-Path:
- external
GGShield-OS-Name:
- ubuntu
GGShield-OS-Version:
- '22.04'
GGShield-Python-Version:
- 3.10.12
- 3.11.8
GGShield-Version:
- 1.29.0
- 1.33.0
User-Agent:
- pygitguardian/1.15.2 (Linux;py3.10.12)
- pygitguardian/1.17.0 (Linux;py3.11.8)
mode:
- path
method: POST
uri: https://api.gitguardian.com/v1/multiscan?ignore_known_secrets=True
uri: https://api.gitguardian.com/v1/multiscan?ignore_known_secrets=True&all_secrets=True
response:
body:
string:
'[{"policy_break_count":1,"policies":["File extensions","Filenames","Secrets
detection"],"policy_breaks":[{"type":"RSA Private Key","policy":"Secrets detection","matches":[{"type":"apikey","match":"-----BEGIN
'[{"policy_break_count":1,"policies":["Secrets detection"],"policy_breaks":[{"type":"RSA
Private Key","policy":"Secrets detection","matches":[{"type":"apikey","match":"-----BEGIN
RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
RSA PRIVATE KEY-----","index_start":0,"index_end":491,"line_start":1,"line_end":9}],"incident_url":"https://dashboard.gitguardian.com/workspace/8/incidents/8137383","known_secret":true,"validity":"no_checker"}]}]'
RSA PRIVATE KEY-----","index_start":0,"index_end":491,"line_start":1,"line_end":9}],"is_excluded":false,"exclude_reason":null,"incident_url":"","known_secret":false,"validity":"no_checker"}]}]'
headers:
access-control-expose-headers:
- X-App-Version
allow:
- POST, OPTIONS
content-length:
- '889'
- '839'
content-type:
- application/json
cross-origin-opener-policy:
- same-origin
date:
- Mon, 12 Aug 2024 09:19:10 GMT
- Fri, 15 Nov 2024 17:09:49 GMT
referrer-policy:
- strict-origin-when-cross-origin
server:
Expand All @@ -141,21 +142,21 @@ interactions:
vary:
- Cookie
x-app-version:
- v2.87.2
- v2.117.1
x-content-type-options:
- nosniff
- nosniff
x-envoy-upstream-service-time:
- '65'
- '75'
x-frame-options:
- DENY
- SAMEORIGIN
x-sca-engine-version:
- 1.43.0
- 2.2.0
x-sca-last-vuln-fetch:
- '2024-08-12T09:06:35.075326+00:00'
- '2024-11-15T15:07:15.159254+00:00'
x-secrets-engine-version:
- 2.117.0
- 2.126.0
x-xss-protection:
- 1; mode=block
status:
Expand Down
75 changes: 52 additions & 23 deletions tests/unit/cassettes/multiple_secrets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,53 +9,79 @@ interactions:
Connection:
- keep-alive
User-Agent:
- pygitguardian/1.6.0 (Linux;py3.10.6)
- pygitguardian/1.17.0 (Linux;py3.11.8)
method: GET
uri: https://api.gitguardian.com/v1/metadata
response:
body:
string: '{"version":"v2.30.2","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"public_api__ggshield_auth_flow_enabled":true,"general__onboarding_segmentation_v1_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576}}'
string:
'{"version":"v2.117.1","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"on_premise__default_sso_config_force_sso":null,"onboarding__segmentation_v1_enabled":true,"general__maximum_payload_size":26214400,"general__mutual_tls_mode":"disabled","general__signup_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576},"remediation_messages":{"pre_commit":">
How to remediate\n\n Since the secret was detected before the commit was
made:\n 1. replace the secret with its reference (e.g. environment variable).\n 2.
commit again.\n\n> [Apply with caution] If you want to bypass ggshield (false
positive or other reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield
git commit -m \"<your message>\"\n ","pre_push":"> How to remediate\n\n Since
the secret was detected before the push BUT after the commit, you need to:\n 1.
rewrite the git history making sure to replace the secret with its reference
(e.g. environment variable).\n 2. push again.\n\n To prevent having to rewrite
git history in the future, setup ggshield as a pre-commit hook:\n https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
[Apply with caution] If you want to bypass ggshield (false positive or other
reason), run:\n - if you use the pre-commit framework:\n\n SKIP=ggshield-push
git push","pre_receive":"> How to remediate\n\n A pre-receive hook set server
side prevented you from pushing secrets.\n\n Since the secret was detected
during the push BUT after the commit, you need to:\n 1. rewrite the git history
making sure to replace the secret with its reference (e.g. environment variable).\n 2.
push again.\n\n To prevent having to rewrite git history in the future, setup
ggshield as a pre-commit hook:\n https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
[Apply with caution] If you want to bypass ggshield (false positive or other
reason), run:\n\n git push -o breakglass"}}'
headers:
access-control-expose-headers:
- X-App-Version
allow:
- GET, HEAD, OPTIONS
content-length:
- '446'
- '2198'
content-type:
- application/json
cross-origin-opener-policy:
- same-origin
date:
- Mon, 22 May 2023 12:28:00 GMT
- Fri, 15 Nov 2024 17:09:14 GMT
referrer-policy:
- strict-origin-when-cross-origin
server:
- istio-envoy
strict-transport-security:
- max-age=31536000; includeSubDomains
transfer-encoding:
- chunked
vary:
- Cookie
- Accept-Encoding,Cookie
x-app-version:
- v2.30.2
- v2.117.1
x-content-type-options:
- nosniff
- nosniff
x-envoy-upstream-service-time:
- '27'
- '56'
x-frame-options:
- DENY
- SAMEORIGIN
x-sca-engine-version:
- 2.2.0
x-sca-last-vuln-fetch:
- '2024-11-15T15:07:15.159254+00:00'
x-secrets-engine-version:
- 2.89.0
- 2.126.0
x-xss-protection:
- 1; mode=block
status:
code: 200
message: OK
- request:
body:
'[{"filename": "test.txt", "document": "@@ -0,0 +1,2 @@\n+FacebookAppKeys
'[{"filename": "commit://patch/test.txt", "document": "@@ -0,0 +1,2 @@\n+FacebookAppKeys
:\n+String docker run --name geonetwork -d -p 8080:8080 -e MYSQL_HOST=google.com -e
MYSQL_PORT=5434 -e MYSQL_USERNAME=root -e MYSQL_PASSWORD=m42ploz2wd
geonetwork\n"}]'
Expand All @@ -67,46 +93,45 @@ interactions:
Connection:
- keep-alive
Content-Length:
- '276'
- '291'
Content-Type:
- application/json
GGShield-Command-Id:
- 6c955e95-c705-4026-89f2-b7a89be107d8
- fe8e61c5-bf70-43bf-8593-99837ac6bd01
GGShield-Command-Path:
- external
GGShield-OS-Name:
- ubuntu
GGShield-OS-Version:
- '22.04'
GGShield-Python-Version:
- 3.10.6
- 3.11.8
GGShield-Version:
- 1.15.1
- 1.33.0
User-Agent:
- pygitguardian/1.6.0 (Linux;py3.10.6)
- pygitguardian/1.17.0 (Linux;py3.11.8)
mode:
- path
method: POST
uri: https://api.gitguardian.com/v1/multiscan?ignore_known_secrets=True
uri: https://api.gitguardian.com/v1/multiscan?ignore_known_secrets=True&all_secrets=True
response:
body:
string:
'[{"policy_break_count":1,"policies":["File extensions","Filenames","Secrets
detection"],"policy_breaks":[{"type":"MySQL Credentials","policy":"Secrets
detection","matches":[{"type":"host","match":"google.com","index_start":114,"index_end":123,"line_start":3,"line_end":3},{"type":"port","match":"5434","index_start":151,"index_end":154,"line_start":3,"line_end":3},{"type":"username","match":"root","index_start":174,"index_end":177,"line_start":3,"line_end":3},{"type":"password","match":"m42ploz2wd","index_start":209,"index_end":218,"line_start":3,"line_end":3}],"validity":"failed_to_check"}]}]'
'[{"policy_break_count":1,"policies":["Secrets detection"],"policy_breaks":[{"type":"MySQL
Credentials","policy":"Secrets detection","matches":[{"type":"host","match":"google.com","index_start":114,"index_end":123,"line_start":3,"line_end":3},{"type":"port","match":"5434","index_start":151,"index_end":154,"line_start":3,"line_end":3},{"type":"username","match":"root","index_start":174,"index_end":177,"line_start":3,"line_end":3},{"type":"password","match":"m42ploz2wd","index_start":209,"index_end":218,"line_start":3,"line_end":3}],"is_excluded":false,"exclude_reason":null,"incident_url":"","known_secret":false,"validity":"failed_to_check"}]}]'
headers:
access-control-expose-headers:
- X-App-Version
allow:
- POST, OPTIONS
content-length:
- '598'
- '649'
content-type:
- application/json
cross-origin-opener-policy:
- same-origin
date:
- Mon, 22 May 2023 12:28:03 GMT
- Fri, 15 Nov 2024 17:09:20 GMT
referrer-policy:
- strict-origin-when-cross-origin
server:
Expand All @@ -116,17 +141,21 @@ interactions:
vary:
- Cookie
x-app-version:
- v2.30.2
- v2.117.1
x-content-type-options:
- nosniff
- nosniff
x-envoy-upstream-service-time:
- '3101'
- '3124'
x-frame-options:
- DENY
- SAMEORIGIN
x-sca-engine-version:
- 2.2.0
x-sca-last-vuln-fetch:
- '2024-11-15T15:07:15.159254+00:00'
x-secrets-engine-version:
- 2.89.0
- 2.126.0
x-xss-protection:
- 1; mode=block
status:
Expand Down
Loading

0 comments on commit a6e5c06

Please sign in to comment.