Yelp / detect-secrets-server

Apache License 2.0

Add ability to scan multiple repositories at once #10

Open domanchi opened 5 years ago

domanchi commented 5 years ago

Context

If you want to manually scan more than one repository at once, you need to do them in separate invocations.

$ detect-secrets-server scan https://github.com/Yelp/detect-secrets
$ detect-secrets-server scan https://github.com/Yelp/detect-secrets-server

It would be convenient if you could specify more than one repository inline.

$ detect-secrets-server scan https://github.com/Yelp/detect-secrets https://github.com/Yelp/detect-secrets-server

This way, you could chain it with other CLI tools.

$ detect-secrets-server list | xargs detect-secrets-server scan

Proposed Fix

As described above.
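
A workaround for the separate invocations described in this issue, as an added example that is not part of the thread or the project's code: a POSIX shell function that runs `detect-secrets-server scan` once per repository and keeps going when one scan fails. `scan_repos` and `DSS_BIN` are hypothetical names, and treating a non-zero exit status from `scan` as a failed scan is an assumption.

```shell
# Added example, not part of detect-secrets-server. scan_repos and DSS_BIN are
# hypothetical names; only `detect-secrets-server scan <repo>` is from the issue.
DSS_BIN="${DSS_BIN:-detect-secrets-server}"

# Usage: scan_repos REPO [REPO...]    or    <one repo per line> | scan_repos
# Exit status: 0 all scans succeeded, 1 at least one failed, 2 nothing to scan.
scan_repos() {
    if [ "$#" -eq 0 ]; then
        # No arguments: take one repository per line from stdin, skipping blanks.
        while IFS= read -r _line; do
            if [ -n "$_line" ]; then set -- "$@" "$_line"; fi
        done
    fi
    if [ "$#" -eq 0 ]; then
        echo "scan_repos: no repositories given" >&2
        return 2
    fi
    _failed=0
    for _repo in "$@"; do
        # One invocation per repository. Keep going after a failure so a single
        # unreachable repository does not leave the rest unscanned.
        # Assumption: a non-zero exit status means the scan did not complete.
        if ! "$DSS_BIN" scan "$_repo" </dev/null; then
            echo "scan_repos: scan failed for $_repo" >&2
            _failed=$((_failed + 1))
        fi
    done
    if [ "$_failed" -gt 0 ]; then return 1; fi
    return 0
}
```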

chetmancini commented 5 years ago

I found myself trying to scan passing in the same config file I used to add. Seems like that should be sufficient?

domanchi commented 5 years ago

@chetmancini : which version of detect-secrets-server are you referring to? I think v0.1 supported config files in scan, but not v0.2 IIRC.

chetmancini commented 5 years ago

Interesting. I'm using the latest version. I'm brand new and am trying to set this up for the first time to scan multiple repos. I'm still getting up to speed but will see if I can help enhance anything down the road.

domanchi commented 5 years ago

How curious.

Could you provide your example invocation for posterity?

chetmancini commented 5 years ago

Sure. I was thinking I could pass the repos.yaml file as the parameter to scanning, so you could have your configuration passed directly into the scan process.

# add them
$ detect-secrets-server add --config examples/repos.yaml
# scan them
$ detect-secrets-server scan --config examples/repos.yaml

akshayatplivo commented 5 years ago

@domanchi Any update on multiple repo scanning in 0.2? Eagerly awaiting this enhancement.

domanchi commented 5 years ago

@chetmancini : Ah yes, that was the original intent. Since this is a server-side tool, configuration files allow source controlled declaration of repositories to scan. I agree that feature is a "nice-to-have", rather than a much needed improvement due to this.

@akshayatplivo : You're always welcome to help contribute to this repository! My bandwidth is quite limited to work on this, but I had previously flagged this as a good first issue, so maybe this is a good opportunity to get your feet wet. 😃