Skip to content

Commit a15c7d4

Browse files
Copilotfrjcomp
andauthored
Gitea Scan
* Implemented Gitea scan command --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: frjcomp <107982661+frjcomp@users.noreply.github.com>
1 parent d1a9957 commit a15c7d4

27 files changed

Lines changed: 5657 additions & 48 deletions

File tree

.github/workflows/test.yml

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
name: Tests
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
pull_request:
8+
9+
permissions:
10+
contents: read
11+
12+
jobs:
13+
test:
14+
name: Go Tests
15+
runs-on: ubuntu-latest
16+
steps:
17+
- uses: actions/checkout@v5
18+
19+
- uses: actions/setup-go@v6
20+
with:
21+
go-version: stable
22+
23+
- name: Run tests
24+
working-directory: ./src/pipeleak
25+
run: go test ./... -v -race -coverprofile=coverage.out -covermode=atomic
26+
27+
- name: Display coverage
28+
working-directory: ./src/pipeleak
29+
run: go tool cover -func=coverage.out
30+
31+
- name: Upload coverage reports
32+
uses: codecov/codecov-action@v5
33+
with:
34+
files: ./src/pipeleak/coverage.out
35+
flags: unittests
36+
name: codecov-umbrella
37+
continue-on-error: true

.gitignore

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,5 @@ rules.yml
33
dist
44
renovate-enum-out
55
cli-docs
6-
site
6+
site
7+
src/pipeleak/pipeleak

readme.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ It supports the following platforms:
1414
* GitHub
1515
* BitBucket
1616
* Azure DevOps
17+
* Gitea
1718

1819
Once secrets are discovered, further exploitation often requires additional tooling. Pipeleak provides several helper commands to assist with this process.
1920

Lines changed: 24 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,20 @@
1-
package gitea
1+
package enum
22

33
import (
4+
"fmt"
5+
46
"code.gitea.io/sdk/gitea"
57
"github.com/CompassSecurity/pipeleak/helper"
68
"github.com/rs/zerolog/log"
79
"github.com/spf13/cobra"
810
)
911

12+
var (
13+
giteaApiToken string
14+
giteaUrl string
15+
verbose bool
16+
)
17+
1018
func NewEnumCmd() *cobra.Command {
1119
enumCmd := &cobra.Command{
1220
Use: "enum",
@@ -24,17 +32,26 @@ func NewEnumCmd() *cobra.Command {
2432
func Enum(cmd *cobra.Command, args []string) {
2533
helper.SetLogLevel(verbose)
2634

27-
client, err := gitea.NewClient(giteaUrl, gitea.SetToken(giteaApiToken))
35+
if err := runEnum(giteaUrl, giteaApiToken); err != nil {
36+
log.Fatal().Stack().Err(err).Msg("Enumeration failed")
37+
}
38+
}
39+
40+
// runEnum contains the core enumeration logic and returns errors instead of calling Fatal
41+
func runEnum(giteaURL, apiToken string) error {
42+
client, err := gitea.NewClient(giteaURL, gitea.SetToken(apiToken))
2843
if err != nil {
29-
log.Fatal().Stack().Err(err).Msg("Failed creating gitea client")
30-
return
44+
return err
3145
}
3246

3347
log.Info().Msg("Enumerating User")
3448
user, _, err := client.GetMyUserInfo()
3549
if err != nil {
36-
log.Fatal().Stack().Err(err).Msg("Failed fetching current user")
37-
return
50+
return err
51+
}
52+
53+
if user == nil {
54+
return fmt.Errorf("failed fetching current user (nil response)")
3855
}
3956

4057
log.Debug().Interface("user", user).Msg("Full user data structure")
@@ -185,4 +202,5 @@ func Enum(cmd *cobra.Command, args []string) {
185202
}
186203

187204
log.Info().Msg("Done")
205+
return nil
188206
}

0 commit comments

Comments
 (0)