update docs and support multi platform docker images

.github/workflows/release.yml

@@ -1,30 +1,47 @@
 name: release
 
+# on:
+#   push:
+#     tags:
+#       - 'v*'
+
 on:
   push:
     tags:
-      - 'v*'
+      - v*
+    branches:
+      - main
+  pull_request:
+
+permissions:
+  contents: write
 
 jobs:
-  goreleaser:
+  Release:
     runs-on: ubuntu-latest
+    env:
+      DOCKER_CLI_EXPERIMENTAL: "enabled"
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v2
         with:
           fetch-depth: 0
-      -
-        name: Set up Go
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      - name: Docker Login
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up Go
         uses: actions/setup-go@v2
         with:
           go-version: 1.17
-      -
-        name: Run GoReleaser
+      - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2
         with:
-          distribution: goreleaser
           version: latest
           args: release --rm-dist
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -1 +1,2 @@
 .idea
+dist

.goreleaser.yml

@@ -0,0 +1,45 @@
+builds:
+- env: [CGO_ENABLED=0]
+  binary: trufflehog
+  goos:
+  - linux
+  - windows
+  - darwin
+  goarch:
+  - amd64
+  - arm64
+dockers:
+- image_templates: ["ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64"]
+  dockerfile: Dockerfile.goreleaser
+  use: buildx
+  build_flag_templates:
+  - --platform=linux/amd64
+  - --label=org.opencontainers.image.title={{ .ProjectName }}
+  - --label=org.opencontainers.image.description={{ .ProjectName }}
+  - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }}
+  - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }}
+  - --label=org.opencontainers.image.version={{ .Version }}
+  - --label=org.opencontainers.image.revision={{ .FullCommit }}
+  - --label=org.opencontainers.image.licenses=AGPL-3.0
+- image_templates: ["ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8"]
+  goarch: arm64
+  dockerfile: Dockerfile.goreleaser
+  use: buildx
+  build_flag_templates:
+  - --platform=linux/arm64/v8
+  - --label=org.opencontainers.image.title={{ .ProjectName }}
+  - --label=org.opencontainers.image.description={{ .ProjectName }}
+  - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }}
+  - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }}
+  - --label=org.opencontainers.image.version={{ .Version }}
+  - --label=org.opencontainers.image.revision={{ .FullCommit }}
+  - --label=org.opencontainers.image.licenses=AGPL-3.0
+docker_manifests:
+- name_template: ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}
+  image_templates:
+  - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64
+  - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8
+- name_template: ghcr.io/trufflesecurity/{{ .ProjectName }}:latest
+  image_templates:
+  - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64
+  - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8

Dockerfile.goreleaser

@@ -0,0 +1,6 @@
+FROM golang:bullseye as builder
+
+FROM scratch
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+COPY trufflehog /usr/bin/trufflehog
+ENTRYPOINT ["/usr/bin/trufflehog"]

README.md

@@ -1,6 +1,11 @@
 # TruffleHog
 
-# Join The Slack
+[![CI Status](https://github.com/trufflesecurity/trufflehog2/workflows/release/badge.svg)](https://github.com/trufflesecurity/trufflehog2/actions)
+[![Go Report Card](https://goreportcard.com/badge/github.com/trufflesecurity/trufflehog2)](https://goreportcard.com/report/github.com/trufflesecurity/trufflehog2)
+[![Docker Hub Build Status](https://img.shields.io/docker/cloud/build/trufflesecurity/trufflehog2.svg)](https://hub.docker.com/r/trufflesecurity/trufflehog2/)
+![GitHub](https://img.shields.io/github/license/trufflesecurity/trufflehog2)
+
+## Join The Slack
 Have questions? Feedback? Jump in slack and hang out with us
 
 https://join.slack.com/t/trufflehog-community/shared_invite/zt-pw2qbi43-Aa86hkiimstfdKH9UCpPzQ
@@ -14,8 +19,28 @@ Several options:
 
 ### 2. [Release binaries](https://github.com/trufflesecurity/trufflehog2/releases)
 
-### 3. Docker (TODO)
-`docker run ...`
+### 3. Docker
+```bash
+$ docker run -v "$PWD:/pwd" ghcr.io/trufflesecurity/trufflehog2:latest github --repo https://github.com/dustin-decker/secretsandstuff.git     
+🐷🔑🐷  TruffleHog. Unearth your secrets. 🐷🔑🐷
+
+Found verified result 🐷🔑
+Detector Type: AWS
+File: aws
+Link: https://github.com/dustin-decker/secretsandstuff/blob/90c75f884c65dc3638ca1610bd9844e668f213c2/aws
+Repository: https://github.com/dustin-decker/secretsandstuff.git
+Commit: 90c75f884c65dc3638ca1610bd9844e668f213c2
+Email: dustindecker@protonmail.com
+
+Found unverified result 🐷🔑❓
+Detector Type: Github
+File: slack
+Link: https://github.com/dustin-decker/secretsandstuff/blob/8afb0ecd4998b1179e428db5ebbcdc8221214432/slack
+Repository: https://github.com/dustin-decker/secretsandstuff.git
+Commit: 8afb0ecd4998b1179e428db5ebbcdc8221214432
+Email: dustindecker@protonmail.com
+...
+```
 
 ### 4. Pip (TODO)
 pip install trufflehog

pkg/engine/git.go

@@ -3,9 +3,10 @@ package engine
 import (
 	"context"
 	"fmt"
-	"github.com/go-git/go-git/v5/plumbing/object"
 	"runtime"
 
+	"github.com/go-git/go-git/v5/plumbing/object"
+
 	gogit "github.com/go-git/go-git/v5"
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/sirupsen/logrus"