eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions

performance improvements and rule improvements

Browse source
This commit is contained in:
Mick Grove 2026-04-17 08:30:05 -07:00
commit 7d16f05df6
1 changed files with 67 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

68
crates/kingfisher-rules/data/rules/aikido.yml
View file

@ -1,11 +1,77 @@
rules:
- name: Aikido Client ID
id: kingfisher.aikido.2
pattern: |
(?x)
\b
(
AIK_CLIENT_[A-Za-z0-9]{24}
)
\b
pattern_requirements:
min_digits: 2
min_uppercase: 2
min_lowercase: 2
min_entropy: 3.0
confidence: medium
visible: false
examples:
- 'AIK_CLIENT_ID=AIK_CLIENT_a1B2c3D4e5F6g7H8i9J0k1L2'
references:
- https://apidocs.aikido.dev/reference/authorization
- https://apidocs.aikido.dev/reference/getaccesstoken
- name: Aikido Client Secret
id: kingfisher.aikido.3
pattern: |
(?x)
\b
(
AIK_SECRET_[A-Za-z0-9]{64}
)
\b
pattern_requirements:
min_digits: 4
min_uppercase: 4
min_lowercase: 4
min_entropy: 3.5
confidence: medium
examples:
- 'AIK_CLIENT_SECRET=AIK_SECRET_a1B2c3D4e5F6g7H8i9J0k1L2m3N4o5P6q7R8s9T0u1V2w3X4y5Z6a7B8c9D0e1F2'
depends_on_rule:
- rule_id: kingfisher.aikido.2
variable: CLIENT_ID
references:
- https://apidocs.aikido.dev/reference/authorization
- https://apidocs.aikido.dev/reference/getaccesstoken
validation:
type: Http
content:
request:
method: POST
url: https://app.aikido.dev/api/oauth/token
headers:
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Authorization: "Basic {{ CLIENT_ID | append: ':' | append: TOKEN | b64enc }}"
body: grant_type=client_credentials
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: JsonValid
- type: WordMatch
words:
- '"access_token"'
- '"token_type"'
- name: Aikido CI Token
id: kingfisher.aikido.1
pattern: |
(?x)
\b
(
AIK_CI_[a-zA-Z0-9]{20,44}
AIK_CI_[A-Za-z0-9]{20,44}
)
\b
min_entropy: 3.0