SecretScanner http server post format

Question

SecretScanner http server post format

Ethonwu opened this issue 2 years ago · comments

Hello,
I run SecretScanner as a http server.
But I do not know how to use curl command to POST data to http server.
This is my example:

curl -X POST http://0.0.0.0:8080/secret-scan -d '{"image_name_with_tag_list": ["<my_image_name:tag>"]}' -H 'Content-Type: application/json'

And output is:

{"error":"Image Name with tag list is required "}

I have trace code, and in http.go file, I found the runSecretScan func in line 49.
But I always POST fail to http server, what is POST data format?

Saurabh Kumar · Answer 1 · Thu Apr 28 2022 20:50:59 GMT+0800 (China Standard Time)

Hi @Ethonwu
Thank you for trying SecretScanner, currently the SecretScanner http server is written for the use with ThreatMapper only. We will get back to you with a generic http service.

Ethon Wu · Answer 2 · Fri Apr 29 2022 11:10:45 GMT+0800 (China Standard Time)

Thank you, i find this api server mode input para is depend on registry_image_save.py options.
I am researching this python code, if I have some research result such as: find some POST data pattern, I will try to update this info on README

Harshvardhan Karn · Answer 3 · Thu Sep 29 2022 23:01:50 GMT+0800 (China Standard Time)

Hi @Ethonwu, the feature to run SecretScanner as a independent HTTP server mode has been added. Please refer to this PR: #67
I'll update the README with this.
thanks

Harshvardhan Karn · Answer 4 · Thu Sep 29 2022 23:03:07 GMT+0800 (China Standard Time)

TODO:

Update Readme with standalone mode