我有一个服务器上的bitbucket存储库列表:
[user@lonapdbitbucket1 repositories]$ ls
1039 1044 1059 2165 2656 3958 3958 9284 9274 8274 7264 7263 8274如果我cd到其中一个仓库,运行git grep来搜索Ansible加密字符串,那么它就能正常工作-- git grep设法找到一个Ansible加密字符串:
[user@lonapdbitbucket1 repositories]$ cd 1044
[user@lonapdbitbucket1 repositories]$ git grep -P '\$ANSIBLE_VAULT;[0-9]\.[0-];AES256' $(git rev-list --all)为了跨多个回购协议执行此操作,我想将其转换为bash脚本:
# secret_scan.sh
repos_root=/var/lib/docker/volumes/bitbucket/_data/shared/data/repositories
git_grep_cmd=git grep -P '\$ANSIBLE_VAULT;[0-9]\.[0-];AES256' $(git rev-list --all)
for dir in ./*
do
# below line is just to clean up the directory string
repo_dir="$(d{dir#./}"
cd "${repos_root}${repo_dir}"; \
eval "git_grep_cmd"
done不幸的是,这不起作用:
[user@lonapdbitbucket1 repositories]$ ./secret_scan.sh
fatal: not a git repository (or any parent up to mount point /var/lib)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
fatal: this operation must be run in a work tree
[user@lonapdbitbucket1 repositories]$ _有没有人能在这里提出一个解决方案,本质上是cd到多个仓库,然后在每个仓库上运行git grep,复制结果,就像我在命令行上做的那样?
1条答案
按热度按时间qacovj5a1#
我不知道你想用eval和repo_dir来达到什么目的,这应该很简单:
因为
repos_root是绝对的,所以不需要返回到原始目录。但是我怀疑
git rev-list --all是否可以被替换,它的输出会很大。你是不是想在所有提交中找到这个字符串?要在完整的历史记录中搜索一个字符串,请检查Search all of Git history for a string和How to grep Git commit diffs or contents for a certain word