Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Gitlab key scanner. Key note: This won't scale. If you are above 50% disk utilization even just on your Gitlab server, consider using a storage solution like NFS to offload things.
#!/bin/bash
# Change this to your location on your Gitlab server
REPO_LOCATION="/home/gitlab/repositories"
cp_repos() {
echo "Removing past repo data"
rm -rf /tmp/scanresults
echo "Creating directory structure"
mkdir -p /tmp/scanresults
echo "Copying repo data from production"
cp -r "$REPO_LOCATION" /tmp/scanresults
}
scan_repo() {
echo "Passed: $1"
mkdir -p /tmp/activescanning
repo=$(echo -n $1| rev|cut -d\/ -f1|cut -d. -f2-|rev)
namespace=$(echo -n $1| rev|cut -d\/ -f2|rev)
echo "Scanning $repo in $namespace"
mkdir -p "/tmp/activescanning/$repo/"
cp -r "$1" "/tmp/activescanning/$repo/.git/"
cd "/tmp/activescanning/$repo/"
# Make sure we're in a good state in the repo
git init 2>/dev/null
git checkout master 2>/dev/null
mkdir -p "/tmp/results/$repo"
trufflehog file://. --entropy=False --regex
}
cleanup() {
rm -rf /tmp/results
rm -rf /tmp/scanresults
rm -rf /tmp/activescanning
}
cleanup
cp_repos
find /tmp/scanresults -name "*.git" | while read -r D
do
scan_repo $D
done
cleanup
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.