Checkmarx · jossef · Mar 30, 2023 · Mar 24, 2023 · Mar 27, 2023 · Mar 28, 2023
@@ -23,7 +23,7 @@ jobs:
   test:
     strategy:
       matrix:
-        os: [ ubuntu-latest, windows-latest ]
+        os: [ ubuntu-latest ]
 
     runs-on: ${{ matrix.os }}
 

@@ -4,6 +4,7 @@ import (
 	"github.com/checkmarx/2ms/plugins"
 	"github.com/checkmarx/2ms/reporting"
 	"github.com/checkmarx/2ms/secrets"
+	"os"
 	"strings"
 
 	"github.com/rs/zerolog"
@@ -89,11 +90,19 @@ func execute(cmd *cobra.Command, args []string) {
 	// -------------------------------------
 	// Get content from plugins
 
+	pluginsInitialized := 0
 	for _, plugin := range allPlugins {
 		err := plugin.Initialize(cmd)
 		if err != nil {
-			log.Fatal().Msg(err.Error())
+			log.Error().Msg(err.Error())
+			continue
 		}
+		pluginsInitialized += 1
+	}
+
+	if pluginsInitialized == 0 {
+		log.Fatal().Msg("no scan plugin initialized. At least one plugin must be initialized to proceed. Stopping")
+		os.Exit(1)
 	}
 
 	items := make([]plugins.Item, 0)
@@ -119,12 +128,27 @@ func execute(cmd *cobra.Command, args []string) {
 
 	for _, item := range items {
 		secrets := secrets.Detect(item.Content)
-		report.Results[item.ID] = append(report.Results[item.ID], secrets...)
+		if len(secrets) > 0 {
+			report.TotalSecretsFound = report.TotalSecretsFound + len(secrets)
+			report.Results[item.ID] = append(report.Results[item.ID], secrets...)
+		}
 	}
 	report.TotalItemsScanned = len(items)
 
 	// -------------------------------------
 	// Show Report
 
-	reporting.ShowReport(report)
+	if len(items) > 0 {
+		reporting.ShowReport(report)
+	} else {
+		log.Error().Msg("Scan completed with empty content")
+		os.Exit(0)
+	}
+
+	if report.TotalSecretsFound > 0 {
+		os.Exit(1)
+	} else {
+		os.Exit(0)
+	}
+
 }
@@ -2,6 +2,7 @@ package plugins
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
@@ -40,18 +41,19 @@ func (p *ConfluencePlugin) Initialize(cmd *cobra.Command) error {
 	flags := cmd.Flags()
 	confluenceUrl, _ := flags.GetString(argConfluence)
 	if confluenceUrl == "" {
-		return nil
+		return errors.New("confluence URL arg is missing. Plugin initialization failed")
 	}
 
-	if !strings.HasPrefix("https://", confluenceUrl) && !strings.HasPrefix("http://", confluenceUrl) {
-		confluenceUrl = fmt.Sprintf("https://%v", confluenceUrl)
-	}
 	confluenceUrl = strings.TrimRight(confluenceUrl, "/")
 
 	confluenceSpaces, _ := flags.GetString(argConfluenceSpaces)
 	confluenceUsername, _ := flags.GetString(argConfluenceUsername)
 	confluenceToken, _ := flags.GetString(argConfluenceToken)
 
+	if confluenceUsername == "" || confluenceToken == "" {
+		log.Warn().Msg("confluence credentials were not provided. The scan will be made anonymously only for the public pages")
+	}
+
 	p.Token = confluenceToken
 	p.Username = confluenceUsername
 	p.URL = confluenceUrl

@@ -9,8 +9,11 @@ func ShowReport(report Report) {
 	fmt.Println("Summary:")
 	fmt.Printf("- Total items scanned: %d\n", report.TotalItemsScanned)
 	fmt.Printf("- Total items with secrets: %d\n", len(report.Results))
-	fmt.Println("Detailed Report:")
-	generateResultsReport(report.Results)
+	if len(report.Results) > 0 {
+		fmt.Printf("- Total secrets found: %d\n", report.TotalSecretsFound)
+		fmt.Println("Detailed Report:")
+		generateResultsReport(report.Results)
+	}
 
 }
 
@@ -22,7 +25,7 @@ func generateResultsReport(results map[string][]Secret) {
 		fmt.Println("  - Secrets:")
 		for _, secret := range secrets {
 			fmt.Printf("   - Type: %s\n", secret.Description)
-			fmt.Printf("    - Location: %d-%d\n", secret.StartLine, secret.EndLine)
+			fmt.Printf("    - Location: %d-%d\n", secret.StartColumn, secret.EndColumn)
 			fmt.Printf("    - Value: %.40s\n", secret.Value)
 		}
 	}
@@ -37,6 +40,7 @@ func getItemId(fullPath string) string {
 type Report struct {
 	Results           map[string][]Secret
 	TotalItemsScanned int
+	TotalSecretsFound int
 }
 
 type Secret struct {

@@ -6,9 +6,25 @@ import (
 )
 
 func TestAddSecretToFile(t *testing.T) {
-	secretValue := "-----BEGIN RSA PRIVATE KEY-----\nMIICWwIBAAKBgQCKLwIHewTIhcpH3WLnxZ61xBAk2lnkdahFxjHYi+khrENzbGr8\nEeJDZ1FMUDDYGeLtjlROLHT41ovicFbsmgIU0QQVFewIAwvKIw5hBtq0TtO9CsXe\nBaNmzw8ZduXJ/clOpdOF7/1ro485a+v956ZAhB2ohbk6qRqGyg3kaxclOQIDAQAB\nAoGAV7z5QN6vbtLkWTUMc7VazHas+Xla0mCSc5sgUyqi4CqMuWEBnQON8tZLHHVe\nThhBqixRA0HfE5DGSQSjbJ9s6fD+Sjt0Qj2yer70FuEiR0uGM4tOAE7WbX+Ny7PT\ngmDiWOITe7v0yzIgZzbLgPhg5SlCmiy8Nv2Zf/v54yLVPLECQQDbwpsuu6beMDip\nkRB/msCAEEAstdfSPY8L9QySYxskkJvtWpWBu5trnRatiGoLYWvnsBzcL4xWGrs8\nTpr4hTirAkEAoPiRDHrVbkKAgrmLW/TrSDiOG8uXSTuvz4iFgzCG6Cd8bp7mDKhJ\nl98Upelf0Is5sEnLDqnFl62LZAyckeThqwJAOjZChQ6QFSsQ11nl1OdZNpMXbMB+\neuJzkedHfT9jYTwtEaJ9F/BqKwdhinYoIPudabHs8yZlNim+jysDQfGIIQJAGqlx\nJPcHeO7M6FohKgcEHX84koQDN98J/L7pFlSoU7WOl6f8BKavIdeSTPS9qQYWdQuT\n9YbLMpdNGjI4kLWvZwJAJt8Qnbc2ZfS0ianwphoOdB0EwOMKNygjnYx7VoqR9/h1\n4Xgur9w/aLZrLM3DSatR+kL+cVTyDTtgCt9Dc8k48Q==\n-----END RSA PRIVATE KEY-----"
+	secretValue := string(`
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCKLwIHewTIhcpH3WLnxZ61xBAk2lnkdahFxjHYi+khrENzbGr8
+EeJDZ1FMUDDYGeLtjlROLHT41ovicFbsmgIU0QQVFewIAwvKIw5hBtq0TtO9CsXe
+BaNmzw8ZduXJ/clOpdOF7/1ro485a+v956ZAhB2ohbk6qRqGyg3kaxclOQIDAQAB
+AoGAV7z5QN6vbtLkWTUMc7VazHas+Xla0mCSc5sgUyqi4CqMuWEBnQON8tZLHHVe
+ThhBqixRA0HfE5DGSQSjbJ9s6fD+Sjt0Qj2yer70FuEiR0uGM4tOAE7WbX+Ny7PT
+gmDiWOITe7v0yzIgZzbLgPhg5SlCmiy8Nv2Zf/v54yLVPLECQQDbwpsuu6beMDip
+kRB/msCAEEAstdfSPY8L9QySYxskkJvtWpWBu5trnRatiGoLYWvnsBzcL4xWGrs8
+Tpr4hTirAkEAoPiRDHrVbkKAgrmLW/TrSDiOG8uXSTuvz4iFgzCG6Cd8bp7mDKhJ
+l98Upelf0Is5sEnLDqnFl62LZAyckeThqwJAOjZChQ6QFSsQ11nl1OdZNpMXbMB+
+euJzkedHfT9jYTwtEaJ9F/BqKwdhinYoIPudabHs8yZlNim+jysDQfGIIQJAGqlx
+JPcHeO7M6FohKgcEHX84koQDN98J/L7pFlSoU7WOl6f8BKavIdeSTPS9qQYWdQuT
+9YbLMpdNGjI4kLWvZwJAJt8Qnbc2ZfS0ianwphoOdB0EwOMKNygjnYx7VoqR9/h1
+4Xgur9w/aLZrLM3DSatR+kL+cVTyDTtgCt9Dc8k48Q==
+-----END RSA PRIVATE KEY-----`)
+
 	results := map[string][]Secret{}
-	report := Report{results, 1}
+	report := Report{results, 1, 1}
 	secret := Secret{Description: "bla", StartLine: 0, StartColumn: 0, EndLine: 0, EndColumn: 0, Value: secretValue}
 	source := "directory\\rawStringAsFile.txt"
 

@@ -2,7 +2,6 @@ package secrets
 
 import (
 	"github.com/checkmarx/2ms/reporting"
-	"github.com/rs/zerolog/log"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/rules"
 	"github.com/zricethezav/gitleaks/v8/config"
 	"github.com/zricethezav/gitleaks/v8/detect"
@@ -69,8 +68,6 @@ func (s *Secrets) Detect(content string) []reporting.Secret {
 		secrets = append(secrets, secret)
 	}
 
-	log.Info().Msgf("Total of %d secrets detected", len(secrets))
-
 	return secrets
 }