From 7681bfad4f3c293bc6dabc7da61ed2b5285ad6db Mon Sep 17 00:00:00 2001 From: Richard Gomez Date: Wed, 11 Dec 2024 18:40:21 -0500 Subject: [PATCH] feat(engine): make |detectionTimeout| configurable --- main.go | 4 ++++ pkg/engine/engine.go | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/main.go b/main.go index 2fca7aed67337..4c5cf29828637 100644 --- a/main.go +++ b/main.go @@ -68,6 +68,7 @@ var ( fail = cli.Flag("fail", "Exit with code 183 if results are found.").Bool() verifiers = cli.Flag("verifier", "Set custom verification endpoints.").StringMap() customVerifiersOnly = cli.Flag("custom-verifiers-only", "Only use custom verification endpoints.").Bool() + detectorTimeout = cli.Flag("detector-timeout", "Maximum time to spend scanning chunks per detector (e.g., 30s).").Duration() archiveMaxSize = cli.Flag("archive-max-size", "Maximum size of archive to scan. (Byte units eg. 512B, 2KB, 4MB)").Bytes() archiveMaxDepth = cli.Flag("archive-max-depth", "Maximum depth of archive to scan.").Int() archiveTimeout = cli.Flag("archive-timeout", "Maximum time to spend extracting an archive.").Duration() @@ -439,6 +440,9 @@ func run(state overseer.State) { } } + if *detectorTimeout != 0 { + engine.SetDetectorTimeout(*detectorTimeout) + } if *archiveMaxSize != 0 { handlers.SetArchiveMaxSize(int(*archiveMaxSize)) } diff --git a/pkg/engine/engine.go b/pkg/engine/engine.go index 9ec11dccc181c..7d856c84ab45d 100644 --- a/pkg/engine/engine.go +++ b/pkg/engine/engine.go @@ -30,7 +30,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/sources" ) -const detectionTimeout = 10 * time.Second +var detectionTimeout = 10 * time.Second var errOverlap = errors.New( "More than one detector has found this result. For your safety, verification has been disabled." + @@ -316,6 +316,9 @@ func NewEngine(ctx context.Context, cfg *Config) (*Engine, error) { return engine, nil } +// SetDetectorTimeout sets the maximum timeout for each detector to scan a chunk. +func SetDetectorTimeout(timeout time.Duration) { detectionTimeout = timeout } + // setDefaults ensures that if specific engine properties aren't provided, // they're set to reasonable default values. It makes the engine robust to // incomplete configuration.