Skip to content

Feat/bare clone option #108

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
noambivalence wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Feat/bare clone option #108

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8f2f106
feat: adds a --bare-clone option (defaults to false) to be able to ma…
noambivalence Oct 7, 2025
d6bb1de
feat: defaults to false to preserve the current beahviour
noambivalence Oct 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 8 additions & 4 deletions cmd/scan/scm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,11 @@ var (
scanArgs scan.ScanArgs
scmConfig scm.ScmConfig

noArchived bool
sshClone bool
filesOnly bool
noProgress bool
noArchived bool
sshClone bool
filesOnly bool
noProgress bool
noBareClone bool

verbose bool
noColor bool
Expand Down Expand Up @@ -77,6 +78,7 @@ func preRun(cmd *cobra.Command, args []string) {
scanArgs.ScanType = scan.ScanTypeFilesOnly
}
scanArgs.ShowProgress = !noProgress
scanArgs.BareClone = !noBareClone

log.Debug().
Str("scan_type", scanArgs.ScanType.String()).
Expand All @@ -86,6 +88,7 @@ func preRun(cmd *cobra.Command, args []string) {
Str("baseline_path", scanArgs.BaselinePath).
Int("max_concurrency", scanArgs.MaxConcurrency).
Bool("show_progress", scanArgs.ShowProgress).
Bool("bare_clone", scanArgs.BareClone).
Msg("parsed scan args")
}

Expand All @@ -106,6 +109,7 @@ func registerCommonFlags(cmd *cobra.Command) {
cmd.Flags().StringVar(&scannerTrufflehogPath, "scanner-trufflehog-path", "trufflehog", "Custom path to the trufflehog binary")
cmd.Flags().BoolVar(&filesOnly, "files-only", false, "Only run the scan on the files of the default branch")
cmd.Flags().BoolVar(&noProgress, "no-progress", false, "Hide progress bar during scan")
cmd.Flags().BoolVar(&noBareClone, "no-bare-clone", false, "Clone repositories with working directory")

// log flags
cmd.Flags().BoolVar(&noColor, "no-color", false, "Disable color output")
Expand Down
7 changes: 4 additions & 3 deletions internal/scan/scan.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,14 +86,15 @@ type ScanArgs struct {
BaselinePath string
MaxConcurrency int
ShowProgress bool
BareClone bool
}

func repoScanTask(ctx context.Context, repository string, s scm.Scm, full bool, w report.ReportWriter) error {
func repoScanTask(ctx context.Context, repository string, s scm.Scm, full bool, bareClone bool, w report.ReportWriter) error {
destination := path.Join(utils.TempDirPath(), repository)

url := s.GitRepoUrl(repository)

err := git.Clone(ctx, url, destination, !full, true)
err := git.Clone(ctx, url, destination, !full, bareClone, true)
if err != nil {
// if remote is empty, scan next repository
if errors.Is(err, transport.ErrEmptyRemoteRepository) {
Expand Down Expand Up @@ -170,7 +171,7 @@ func Scan(ctx context.Context, s scm.Scm, args ScanArgs) error {
for _, repo := range repos {
repo := repo // closure
tasks = append(tasks, progress.NewTask(func(ctx context.Context) error {
return repoScanTask(ctx, repo, s, args.ScanType == ScanTypeFull, writer)
return repoScanTask(ctx, repo, s, args.ScanType == ScanTypeFull, args.BareClone, writer)
}))
}

Expand Down
4 changes: 2 additions & 2 deletions internal/scan/scanners/ignore_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import (
var testPath string = path.Join(utils.TempDirPath(), "tests")

func TestIsLineIgnored(t *testing.T) {
err := git.Clone(context.Background(), "https://github.com/gitleaks/gitleaks", path.Join(testPath, "gitleaks"), false, true)
err := git.Clone(context.Background(), "https://github.com/gitleaks/gitleaks", path.Join(testPath, "gitleaks"), false, false, true)
if err != nil {
t.Fatalf(`git.Clone("https://github.com/gitleaks/gitleaks", ...) = %v, nil`, err)
}
Expand All @@ -24,7 +24,7 @@ func TestIsLineIgnored(t *testing.T) {
t.Fatalf(`IsLineIgnored(gitleaks, "abfd0f3fdcb7925ff94184fba67b5d444cc42f92", ...) = %t, %v, want %t, nil`, test, err, want)
}

err = git.Clone(context.Background(), "https://github.com/trufflesecurity/trufflehog", path.Join(testPath, "trufflehog"), false, true)
err = git.Clone(context.Background(), "https://github.com/trufflesecurity/trufflehog", path.Join(testPath, "trufflehog"), false, false, true)
if err != nil {
t.Fatalf(`git.Clone("https://github.com/trufflesecurity/trufflehog", ...) = %v, nil`, err)
}
Expand Down
4 changes: 2 additions & 2 deletions internal/scm/git/clone.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ import (
"github.com/go-git/go-git/v5"
)

func Clone(ctx context.Context, url string, destination string, shallow bool, fetchIfExists bool) error {
func Clone(ctx context.Context, url string, destination string, shallow bool, bare bool, fetchIfExists bool) error {
opts := &git.CloneOptions{URL: url}
if shallow {
opts.SingleBranch = true
opts.Tags = git.NoTags
opts.Depth = 1
}

_, err := git.PlainCloneContext(ctx, destination, true, opts)
_, err := git.PlainCloneContext(ctx, destination, bare, opts)
if err != nil {
// if the path already exists, it means the repostiory has already been cloned and it is not an error
if errors.Is(err, git.ErrRepositoryAlreadyExists) {
Expand Down