From 94438f9b16ff409ec9b283548e6565297bdc5c94 Mon Sep 17 00:00:00 2001
From: Tom
Date: Sat, 22 Jun 2024 15:13:40 +0100
Subject: [PATCH] enhancement: Gitleaks schema improvements (#3675)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* GitLeaks - Added missing schema properties
* cosmetic
* Reordered and added missing default
* Wording change
---------
Co-authored-by: Edouard Choinière <27212526+echoix@users.noreply.github.com>
---
 CHANGELOG.md | 1 +
 .../repository.megalinter-descriptor.yml | 6 +++---
 .../megalinter-configuration.jsonschema.json | 18 ++++++++++++++++++
 3 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 96997bd21b6..3ca83bd5a08 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -26,6 +26,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
 - [Powershell](https://github.com/PowerShell/PSScriptAnalyzer#readme) Error table truncation improvements
 - [yamllint](https://github.com/adrienverge/yamllint) fix error/warning count to work with different log output formats
 - Improve support for single argument in `get_list_args` function
+ - [GitLeaks](https://github.com/gitleaks/gitleaks) add missing schema properties
 - [DevSkim](https://github.com/microsoft/DevSkim) fixed fatal errors when scanning and ability to override config path
 - [Powershell](https://github.com/PowerShell/PSScriptAnalyzer#readme) added missing schema property `POWERSHELL_POWERSHELL_FORMATTER_OUTPUT_ENCODING`
 - [tflint](https://github.com/terraform-linters/tflint) added missing schema property `TERRAFORM_TFLINT_SECURED_ENV`
diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml
index 224a685ba72..b9862e13516 100644
--- a/megalinter/descriptors/repository.megalinter-descriptor.yml
+++ b/megalinter/descriptors/repository.megalinter-descriptor.yml
@@ -255,13 +255,13 @@ linters:
 - COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/
 variables:
 - name: REPOSITORY_GITLEAKS_PR_COMMITS_SCAN
- description: Scan only PR commits on Pull Request
+ description: Scan only commits in the current Pull Request/Merge Request
 default_value: "false"
 - name: REPOSITORY_GITLEAKS_PR_SOURCE_SHA
- description: Pull Request source commit sha (N/A to supported scenarios)
+ description: Source commit SHA of the Pull Request/Merge Request
 default_value: ""
 - name: REPOSITORY_GITLEAKS_PR_TARGET_SHA
- description: Pull Request target commit sha (N/A to supported scenarios)
+ description: Target commit SHA of the Pull Request/Merge Request
 default_value: ""
 # GRYPE
diff --git a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json
index 85a7b1fcbca..7ce7cfb5f4b 100644
--- a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json
+++ b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json
@@ -15736,6 +15736,24 @@
 "title": "REPOSITORY_GITLEAKS: Define or override a list of bash commands to run before the linter",
 "type": "array"
 },
+ "REPOSITORY_GITLEAKS_PR_COMMITS_SCAN": {
+ "$id": "#/properties/REPOSITORY_GITLEAKS_PR_COMMITS_SCAN",
+ "default": false,
+ "title": "REPOSITORY_GITLEAKS: Scan only commits in the current Pull Request/Merge Request",
+ "type": "boolean"
+ },
+ "REPOSITORY_GITLEAKS_PR_SOURCE_SHA": {
+ "$id": "#/properties/REPOSITORY_GITLEAKS_PR_SOURCE_SHA",
+ "default": "",
+ "title": "REPOSITORY_GITLEAKS: Source commit SHA of the Pull Request/Merge Request",
+ "type": "string"
+ },
+ "REPOSITORY_GITLEAKS_PR_TARGET_SHA": {
+ "$id": "#/properties/REPOSITORY_GITLEAKS_PR_TARGET_SHA",
+ "default": "",
+ "title": "REPOSITORY_GITLEAKS: Target commit SHA of the Pull Request/Merge Request",
+ "type": "string"
+ },
 "REPOSITORY_GITLEAKS_RULES_PATH": {
 "$id": "#/properties/REPOSITORY_GITLEAKS_RULES_PATH",
 "description": "REPOSITORY_GITLEAKS: Path where to find linter configuration file",
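Review bot: `REPOSITORY_GITLEAKS_PR_SOURCE_SHA` and `REPOSITORY_GITLEAKS_PR_TARGET_SHA` are declared as unconstrained strings, so a typo, a branch name or any other non-SHA text passes schema validation and is only noticed, if at all, when the scan runs. Since both titles say the value is a commit SHA, adding `"pattern": "^([0-9a-fA-F]{7,64})?$"` to each would reject anything else while still allowing the empty default. How these values are handed to gitleaks is not visible in this patch, so confirm that abbreviated SHAs are accepted before settling the lower bound. `REPOSITORY_GITLEAKS_PR_COMMITS_SCAN` would also benefit from a `description` stating that, when true, commits outside the pull request are not scanned for secrets, so a full-history scan is still needed elsewhere. The following `REPOSITORY_GITLEAKS_RULES_PATH` entry and the enclosing object continue outside the hunk.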