docs/src/secret-scanning/data/public-docs-schema.ts at 583e609d3c09e9e2880ce0b64a4ff55f826e79dd · github/docs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
// The secret-scanning.json contains an array of objects that look like this:
// {
//   "provider": "Azure",
//   "supportedSecret": "Azure SQL Connection String",
//   "secretType": "azure_sql_connection_string",
//   "isPublic": true,
//   "isPrivateWithGhas": true,
//   "hasPushProtection": false,
//   "hasValidityCheck": false,
//   "base64Supported": false,
//   "isduplicate": false,
// },

export interface SecretScanningEntry {
  provider: string
  supportedSecret: string
  secretType: string
  isPublic: boolean | string
  isPrivateWithGhas: boolean | string
  hasPushProtection: boolean | string
  hasValidityCheck: boolean | string
  hasExtendedMetadata: boolean | string
  base64Supported: boolean | string
  isduplicate: boolean
}

export default {
  type: 'array',
  items: {
    type: 'object',
    additionalProperties: false,
    required: [
      'provider',
      'supportedSecret',
      'secretType',
      'isPublic',
      'isPrivateWithGhas',
      'hasPushProtection',
      'hasValidityCheck',
      'hasExtendedMetadata',
    ],
    properties: {
      provider: {
        description: 'the name of the provider',
        type: 'string',
      },
      supportedSecret: {
        description: 'the name of the secret',
        type: 'string',
      },
      secretType: {
        description: 'the secret type',
        type: 'string',
        pattern: '[A-Za-z0-9_-]',
      },
      isPublic: {
        description: 'whether the secret is publicly available',
        type: ['boolean', 'string'],
      },
      isPrivateWithGhas: {
        description: 'whether the secret is available in GHAS',
        type: ['boolean', 'string'],
      },
      hasPushProtection: {
        description: 'whether the secret has push protection',
        type: ['boolean', 'string'],
      },
      hasValidityCheck: {
        description: 'whether the secret has its validation status checked',
        type: ['boolean', 'string'],
      },
      hasExtendedMetadata: {
        description: 'whether extended metadata is available for this secret',
        type: ['boolean', 'string'],
      },
      base64Supported: {
        description: 'whether scanning for base64-encoded versions of this type is supported',
        type: ['boolean', 'string'],
      },
      isduplicate: {
        description:
          'whether the token has more than one version, meaning there is more than one token description with the same token key',
        type: ['boolean'],
      },
    },
  },
}