kingfisher/data/rules/sentry.yml

rules:
  - name: Sentry Access Token
    id: kingfisher.sentry.1
    pattern: |
      (?xi)
      \b
      sentry
      (?:.|[\n\r]){0,32}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [a-f0-9]{64}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.0
    confidence: medium
    examples:
      - SENTRY_TOKEN=cbadefcbadefcbadefcbadefcbadefcbadefcbadefcbadefcbadefcbadefcbad
      - '"sentry-key": "3214567890cbadef3214567890cbadef3214567890cbadef3214567890cbadef"'
    references:
      - https://docs.sentry.io/api/auth/
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://sentry.io/api/0/projects/
          headers:
            Authorization: 'Bearer {{ TOKEN }}'
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status:
                - 200

  - name: Sentry Organization Token
    id: kingfisher.sentry.2
    pattern: |
      (?x)
      \b
      (
        sntrys_eyJpYXQiO
        [a-zA-Z0-9+/]{10,192}
        (?:
          LCJyZWdpb25fdXJs
          | InJlZ2lvbl91cmwi
          | cmVnaW9uX3VybCI6
        )
        [a-zA-Z0-9+/]{10,192}
        ={0,2}
        _
        [a-zA-Z0-9+/]{43}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 4.5
    confidence: medium
    examples:
      - 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
      - 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
    references:
      - https://docs.sentry.io/api/auth/
      - https://github.com/getsentry/rfcs/blob/main/text/0091-ci-upload-tokens.md
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://sentry.io/api/0/projects/
          headers:
            Authorization: 'Bearer {{ TOKEN }}'
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status:
                - 200

  - name: Sentry User Token
    id: kingfisher.sentry.3
    pattern: |
      (?xi)
      \b
      (
        sntryu_[a-f0-9]{64}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - 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
      - SNTRY_USER="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"
    references:
      - https://docs.sentry.io/api/auth/
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://sentry.io/api/0/projects/
          headers:
            Authorization: 'Bearer {{ TOKEN }}'
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status:
                - 200