generated from Ostorlab/template_agent
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathostorlab.yaml
55 lines (54 loc) · 2.23 KB
/
ostorlab.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
kind: Agent
name: trufflehog
version: 0.4.5
description: |
This repository is an implementation of [OXO Agent](https://pypi.org/project/ostorlab/) for the [trufflehog tool] https://github.com/trufflesecurity/trufflehog by trufflesecurity.
## Getting Started
To perform your first scan, simply run the following command:
```shell
oxo scan run --install --agent agent/ostorlab/trufflehog file [YOUR_TARGET_FILE]
```
This command will download and install `agent/ostorlab/trufflehog` and the target file`.
For more information, please refer to the [OXO Documentation](https://oxo.ostorlab.co/docs)
## Usage
Agent TruffleHog can be installed directly from the oxo agent store or built from this repository.
### Install directly from oxo agent store
```shell
oxo agent install agent/ostorlab/trufflehog
```
You can then run the agent with the following command:
```shell
oxo scan run --agent agent/ostorlab/trufflehog file [YOUR_TARGET_FILE]
```
### Build directly from the repository
1. To build the trufflehog agent you need to have [oxo](https://pypi.org/project/ostorlab/) installed in your machine. If you have already installed oxo, you can skip this step.
```shell
pip3 install ostorlab
```
2. Clone this repository.
```shell
git clone [email protected]:Ostorlab/agent_trufflehog.git && cd agent_trufflehog
```
3. Build the agent image using oxo cli.
```shell
oxo agent build --file=ostorlab.yaml
```
You can pass the optional flag `--organization` or `-o` to specify your organisation. The organization is empty by default.
4. Run the agent using on of the following commands:
* If you did not specify an organization when building the image:
```shell
oxo scan run --agent agent//trufflehog file [YOUR_TARGET_FILE]
```
* If you specified an organization when building the image:
```shell
oxo scan run --agent agent/[ORGANIZATION]/trufflehog file [YOUR_TARGET_FILE]
```
in_selectors:
- v3.asset.file
- v3.asset.link
- v3.capture.logs
- v3.capture.request_response
out_selectors:
- v3.report.vulnerability
docker_file_path : Dockerfile # Dockerfile path for automated release build.
docker_build_root : . # Docker build dir for automated release build.