From 6ac1587b1eb468f6cb439950be755c590d1425be Mon Sep 17 00:00:00 2001 From: Tim Kelly Date: Fri, 2 Feb 2024 08:00:30 -0500 Subject: [PATCH] try a brew install to get unit test to run on gitleaks execution --- .github/workflows/unit_tests.yml | 6 ++++++ org-scan/secretsynth.py | 3 ++- org-scan/ss_unittests.py | 7 +++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index fd6da50..49bff39 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -20,10 +20,16 @@ jobs: with: python-version: 3.8 + - name: Install Homebrew + run: | + /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + - name: Install dependencies run: | python -m pip install --upgrade pip pip install -r ./org-scan/requirements.txt + brew install gitleaks + brew install trufflehog - name: Run tests working-directory: ./org-scan diff --git a/org-scan/secretsynth.py b/org-scan/secretsynth.py index be02a6f..8111314 100644 --- a/org-scan/secretsynth.py +++ b/org-scan/secretsynth.py @@ -305,7 +305,8 @@ def count_top_level_dirs(directory): gitleaks_merged_report_filename = f"{REPORTS_DIR}/gitleaks_report_merged_filename_{timestamp}.csv" if not SKIP_GITLEAKS: print("Concatenating gitleaks report CSV files...") - concatenate_gitleaks_csv_files(gitleaks_merged_report_filename, GITLEAKS_REPORTS_DIR, LOGGER) + if not DRY_RUN: + concatenate_gitleaks_csv_files(gitleaks_merged_report_filename, GITLEAKS_REPORTS_DIR, LOGGER) ghas_secret_alerts_filename = f"{REPORTS_DIR}/ghas_secret_alerts_{timestamp}.csv" if not SKIP_GHAS: diff --git a/org-scan/ss_unittests.py b/org-scan/ss_unittests.py index bd5d205..555e200 100644 --- a/org-scan/ss_unittests.py +++ b/org-scan/ss_unittests.py 
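Review bot: The `Install Homebrew` step pipes an installer fetched from the moving `HEAD` ref straight into bash with no integrity check, so whatever that URL serves at run time executes on the runner with this job's token and any secrets in scope. Pin the script to a reviewed commit and verify it before running: fetch `https://raw.githubusercontent.com/Homebrew/install/<PINNED_COMMIT_SHA>/install.sh` to a file and check it with `sha256sum -c` against a checksum kept in the repository. The two `brew install` lines likewise take whatever version is current, so installing pinned release archives of gitleaks and trufflehog with a checksum check would make the scanner versions reproducible. The `runs-on` line is outside the hunk; if this is a Linux runner, brew's bin directory probably also has to be appended to `$GITHUB_PATH` before the later steps can find `brew` and the scanners.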
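Review bot: The `print("Concatenating gitleaks report CSV files...")` line stays outside the new `if not DRY_RUN:` guard in org-scan/secretsynth.py, so a dry run still logs that the reports are being merged when nothing is written. Either move the print under the guard or add an `else:` branch with something like `print("Dry run: skipping gitleaks report concatenation")`. The enclosing block starts and ends outside the hunk, so it is worth checking that later code reading `gitleaks_merged_report_filename` tolerates the file being absent in a dry run.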
@@ -24,5 +24,12 @@ def test_skip_all_scanners(self): # Check that the command completed successfully self.assertEqual(result.returncode, 0) + def test_skip_only_run_gitleaks(self): + # Run the command with arguments to skip some scanners and capture the output + result = subprocess.run(['python3', 'secretsynth.py', '--org-type', 'users', '--owners', 'swell-consulting', '--skip-ghas', '--skip-trufflehog', '--skip-noseyparker'], capture_output=True) + + # Check that the command completed successfully + self.assertEqual(result.returncode, 0) + if __name__ == '__main__': unittest.main() \ No newline at end of file
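Review bot: `test_skip_only_run_gitleaks` asserts only on `result.returncode` and throws away the captured output, so a failure in CI gives no hint of what gitleaks or the script reported. The `subprocess.run` call also has no timeout although it scans a live external owner over the network. Pass `timeout=<SECONDS>` to `subprocess.run` and surface the error stream on failure with `self.assertEqual(result.returncode, 0, msg=result.stderr.decode(errors="replace"))`. If the tool's stderr can contain finding values, log only a truncated or redacted tail so detected secrets do not end up in the CI log. The result still depends on network access and on the contents of that owner's repositories, so a small local fixture repository would make the test deterministic.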