add simple regex support

main.go

@@ -25,9 +25,11 @@ package main
 // ------------------------------------------------------------------------------
 
 import (
+	"context"
 	"flag"
 	"fmt"
 	"os"
+	"os/signal"
 	"path"
 	"runtime"
 	"strconv"
@@ -38,6 +40,7 @@ import (
 	"github.com/deepfence/SecretScanner/scan"
 	"github.com/deepfence/SecretScanner/server"
 	"github.com/deepfence/SecretScanner/signature"
+	"github.com/deepfence/golang_deepfence_sdk/utils/tasks"
 	"github.com/deepfence/match-scanner/pkg/config"
 	log "github.com/sirupsen/logrus"
 )
@@ -61,7 +64,7 @@ type SecretsWriter interface {
 	AddSecret(output.SecretFound)
 }
 
-func runOnce(filters config.Filters, format string) {
+func runOnce(ctx context.Context, filters config.Filters, format string) {
 	var result SecretsWriter
 	var err error
 	node_type := ""
@@ -95,7 +98,11 @@ func runOnce(filters config.Filters, format string) {
 		}
 	}
 
-	scan.Scan(nil, nodeType, filters, "", node_id, "", func(sf output.SecretFound, s string) {
+	scanCtx := tasks.ScanContext{
+		Context: ctx,
+	}
+
+	scan.Scan(&scanCtx, nodeType, filters, "", node_id, "", func(sf output.SecretFound, s string) {
 		result.AddSecret(sf)
 	})
 
@@ -165,22 +172,21 @@ func main() {
 	// Process and store the read signatures
 	signature.ProcessSignatures(session.Config.Signatures)
 
-	// Build Hyperscan database for fast scanning
-	signature.BuildRegexes()
-
 	flag.Parse()
 
 	if *core.GetSession().Options.Debug {
 		log.SetLevel(log.DebugLevel)
 	}
 
+	ctx, _ := signal.NotifyContext(context.Background(), os.Interrupt)
+
 	if *socketPath != "" {
-		err := server.RunServer(*socketPath, PLUGIN_NAME)
+		err := server.RunServer(ctx, *socketPath, PLUGIN_NAME)
 		if err != nil {
 			log.Fatal("main: failed to serve: %v", err)
 		}
 	} else {
 		extCfg := config.Config2Filter(core.GetSession().ExtractorConfig)
-		runOnce(extCfg, *core.GetSession().Options.OutFormat)
+		runOnce(ctx, extCfg, *core.GetSession().Options.OutFormat)
 	}
 }

scan/scanner.go

@@ -1,10 +1,10 @@
 package scan
 
 import (
-	"context"
 	"fmt"
 	"io"
 	"path/filepath"
+	"sync"
 
 	"github.com/deepfence/SecretScanner/output"
 	"github.com/deepfence/SecretScanner/signature"
@@ -38,11 +38,17 @@ func ScanTypeString(st ScanType) string {
 
 func scanFile(contents io.ReadSeeker, relPath, fileName, fileExtension, layer string, numSecrets *uint, matchedRuleSet map[uint]uint) ([]output.SecretFound, error) {
 
+	simpleSecrets, err := signature.MatchSimpleSignatures(contents, relPath, fileName, fileExtension, layer, numSecrets, matchedRuleSet)
+	if err != nil {
+		return nil, err
+	}
+
 	secrets, err := signature.MatchPatternSignatures(contents, relPath, fileName, fileExtension, layer, numSecrets, matchedRuleSet)
 	if err != nil {
 		return nil, err
 	}
-	return secrets, nil
+
+	return append(simpleSecrets, secrets...), nil
 }
 
 func Scan(ctx *tasks.ScanContext,
@@ -72,17 +78,18 @@ func Scan(ctx *tasks.ScanContext,
 	// results has to be 1 element max
 	// to avoid overwriting the buffer entries
 	results := make(chan []output.SecretFound)
-	defer close(results)
 
+	wg := sync.WaitGroup{}
+	wg.Add(1)
 	go func() {
+		defer wg.Done()
 		for malwares := range results {
 			for _, malware := range malwares {
 				outputFn(malware, scanID)
 			}
 		}
 	}()
-
-	genscan.ApplyScan(context.Background(), extract, func(f extractor.ExtractedFile) {
+	genscan.ApplyScan(ctx.Context, extract, func(f extractor.ExtractedFile) {
 		if ctx != nil {
 			err := ctx.Checkpoint("scan_phase")
 			if err != nil {
@@ -98,5 +105,9 @@ func Scan(ctx *tasks.ScanContext,
 
 		results <- m
 	})
+
+	close(results)
+	wg.Wait()
+
 	return nil
 }

server/grpc.go

@@ -4,10 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net"
-	"os"
-	"os/signal"
 	"sync"
-	"syscall"
 
 	"github.com/deepfence/SecretScanner/jobs"
 	pb "github.com/deepfence/agent-plugins-grpc/srcgo"
@@ -70,37 +67,30 @@ func (s *gRPCServer) FindSecretInfo(c context.Context, r *pb.FindRequest) (*pb.F
 	return &pb.FindResult{}, nil
 }
 
-func RunServer(socket_path string, plugin_name string) error {
-
-	sigs := make(chan os.Signal, 1)
-	done := make(chan bool, 1)
-
-	signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)
+func RunServer(ctx context.Context, socket_path string, plugin_name string) error {
 
 	lis, err := net.Listen("unix", fmt.Sprintf("%s", socket_path))
 	if err != nil {
 		return err
 	}
 	s := grpc.NewServer()
 
-	go func() {
-		<-sigs
-		s.GracefulStop()
-		done <- true
-	}()
-
 	jobs.ScanMap = sync.Map{}
 
 	impl := &gRPCServer{socket_path: socket_path, plugin_name: plugin_name}
 	pb.RegisterAgentPluginServer(s, impl)
 	pb.RegisterSecretScannerServer(s, impl)
 	pb.RegisterScannersServer(s, impl)
 	log.Infof("main: server listening at %v", lis.Addr())
-	if err := s.Serve(lis); err != nil {
-		return err
-	}
+	go func() {
+		if err := s.Serve(lis); err != nil {
+			log.Errorf("server: %v", err)
+		}
+	}()
+
+	<-ctx.Done()
+	s.GracefulStop()
 
-	<-done
 	log.Infof("main: exiting gracefully")
 	return nil
 }