From cb8048abf8dc57a2678741af37a2147d130596b3 Mon Sep 17 00:00:00 2001 From: Leonardo Fontes <77800309+LeonardoLordelloFontes@users.noreply.github.com> Date: Tue, 17 Sep 2024 10:33:09 +0100 Subject: [PATCH] fix: readme details (#248) Updated dockerfile images and upgraded go to version 1.23.1 Added clarity to the commands used for Confluence, distinguishing between public and private spaces. Fixed description of - Paligo username - Discord messages count - Slack messages count --- .github/workflows/pr-validation.yml | 2 +- Dockerfile | 6 +++--- README.md | 21 ++++++++++++++------- go.mod | 2 +- 4 files changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/pr-validation.yml b/.github/workflows/pr-validation.yml index 55b763e8..d67fb0a6 100644 --- a/.github/workflows/pr-validation.yml +++ b/.github/workflows/pr-validation.yml @@ -30,7 +30,7 @@ jobs: git diff --exit-code - name: Go Linter - run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.57.2 golangci-lint run -v -E gofmt --timeout=5m --out-format github-actions + run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.61.0 golangci-lint run -v -E gofmt --timeout=5m --out-format github-actions - name: Go Test run: go test -v ./... diff --git a/Dockerfile b/Dockerfile index 966bcc27..6e64b7d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # and "Missing User Instruction" since 2ms container is stopped after scan # Builder image -FROM cgr.dev/chainguard/go@sha256:a06a462f22445088e8bbb4478dedf83228af0db9003cd4f4cde5981694bc3d3d AS builder +FROM cgr.dev/chainguard/go@sha256:1e17e06119fc26b78a9a2208aeab6209f9ef90b6a19f3fc69d4cc581e70d09bf AS builder WORKDIR /app @@ -14,9 +14,9 @@ COPY . . RUN go build -o /app/2ms . # Runtime image -FROM cgr.dev/chainguard/wolfi-base@sha256:6bc98699de679ce5e9d1d53b9d06b99acde93584bf539690d61ec538916b1e74 +FROM cgr.dev/chainguard/git@sha256:02660563e96b553d6aeb4093e3fcc3e91b2ad3a86e05c65b233f37f035e5044e -RUN apk add --no-cache bash=5.2.21-r1 git=2.45.1-r0 glibc=2.39-r5 glibc-locale-posix=2.39-r5 ld-linux==2.39-r5 libcrypt1=2.39-r5 && git config --global --add safe.directory /repo +RUN apk add --no-cache bash=5.2.21-r1 git=2.45.1-r0 git-lfs=3.5.1-r8 libcurl-openssl4=8.10.0-r0 glibc=2.39-r5 glibc-locale-posix=2.39-r5 ld-linux==2.39-r5 libcrypt1=2.39-r5 && git config --global --add safe.directory /repo COPY --from=builder /app/2ms . diff --git a/README.md b/README.md index d389ec96..3051b615 100644 --- a/README.md +++ b/README.md @@ -263,11 +263,18 @@ This command is used to scan a [Confluence](https://www.atlassian.com/software/c For example: -```bash -2ms confluence https://checkmarx.atlassian.net/wiki --spaces secrets -``` +- To scan public spaces: + + ```bash + 2ms confluence https://checkmarx.atlassian.net/wiki --spaces secrets + ``` + 💡 [The `secrets` Confluence site](https://checkmarx.atlassian.net/wiki/spaces/secrets) purposely created with plain example secrets as a test subject for this demo -- 💡 [The `secrets` Confluence site](https://checkmarx.atlassian.net/wiki/spaces/secrets) purposely created with plain example secrets as a test subject for this demo +- To scan private spaces, authentication is required + ```bash + 2ms confluence --username --token --spaces + ``` + [How to get a Confluence API token](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/). [![asciicast](https://asciinema.org/a/607179.svg)](https://asciinema.org/a/607179) @@ -279,7 +286,7 @@ Scans [Paligo](https://paligo.net/) content management system instance. | ------------ | ------ | ------------------------------- | ------------------------------------------------ | | `--instance` | string | - | Instance name | | `--token` | string | - | API token for authentication | -| `--username` | string | - | Confluence user name or email for authentication | +| `--username` | string | - | Paligo username | | `--folder` | string | scanning all instance's folders | Folder ID | | `--auth` | string | - | Base64 auth header encoded username:password | @@ -291,7 +298,7 @@ Scans [Discord](https://discord.com/) chat application history. | ------------------ | -------- | -------------------------------- | ------------------------------------------------------------------------------------------------------ | | `--token` | string | - | Discord token | | `--channel` | strings | all channels will be scanned | Discord channel IDs to scan | -| `--messages-count` | int | 0 = all messages will be scanned | Confluence user name or email for authentication | +| `--messages-count` | int | 0 = all messages will be scanned | The number of messages to scan | | `--duration` | duration | 14 days | The time interval to scan from the current time. For example, 24h for 24 hours or 336h0m0s for 14 days | | `--server` | strings | - | Discord servers IDs to scan | @@ -311,7 +318,7 @@ Scans [Slack](https://slack.com/) chat application history. | ------------------ | -------- | -------------------------------- | ------------------------------------------------------------------------------------------------------ | | `--token` | string | - | Slack token | | `--channel` | strings | all channels will be scanned | Slack channel IDs to scan | -| `--messages-count` | int | 0 = all messages will be scanned | Confluence user name or email for authentication | +| `--messages-count` | int | 0 = all messages will be scanned | The number of messages to scan | | `--duration` | duration | 14 days | The time interval to scan from the current time. For example, 24h for 24 hours or 336h0m0s for 14 days | | `--team` | string | - | Slack team name or ID | diff --git a/go.mod b/go.mod index 2d530408..b3e54405 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/checkmarx/2ms -go 1.22.3 +go 1.23.1 require ( github.com/bwmarrin/discordgo v0.27.1