rules:
  - name: Coveralls Repo Identifier
    id: kingfisher.coveralls.1
    visible: false
    confidence: medium
    min_entropy: 2.0
    pattern: |
      (?xi)
      (?:
        coveralls\.io/
        (?:
          (?:
            github|bitbucket|gitlab
          )
          /
          (
            [A-Z0-9_.-]+
          )
          /
          (
            [A-Z0-9_.-]+
          )
        )
        |
        api/v1/repos/
        (
          github|bitbucket|gitlab
        )
        /
        (
          [A-Z0-9_.-]+
        )
      )
    examples:
      - https://coveralls.io/github/lemurheavy/coveralls-public
      - https://coveralls.io/gitlab/group/project
      - https://coveralls.io/api/v1/repos/github/octocat/hello-world

  - name: Coveralls Personal API Token
    id: kingfisher.coveralls.2
    pattern: |
      (?xi)
      \b
      coveralls
      (?:.|[\n\r]){0,1}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [A-Z0-9-]{37}
      )
      \b
    pattern_requirements:
      min_digits: 3
    min_entropy: 3.3
    confidence: medium
    examples:
      - coveralls_SECRETTOKEN abcdefghijklmnopqrstuvwxyzab12345cdef
      - coveralls-SECRET-KEY mnopqrstuvwxyzabcdefghi12345678901234
      - coveralls_PRIVATEKEY-1234567890abcdefghijklmnopqrstuvwxyza
    references:
      - https://docs.coveralls.io/api-repos-endpoint
      - https://docs.coveralls.io/api-introduction
    depends_on_rule:
      - rule_id: kingfisher.coveralls.1
        variable: COVERALLS_REPO_ID
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://coveralls.io/api/v1/repos/{{ COVERALLS_REPO_ID }}"
          headers:
            Authorization: "token {{ TOKEN }}"
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: WordMatch
              words: ['"service"', '"name"', '"id"']