kingfisher/data/rules/jenkins.yml

rules:
  - name: Jenkins Token or Crumb
    id: kingfisher.jenkins.1
    pattern: '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b'
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.3
    confidence: medium
    examples:
      - |
        jenkins_user = 'root'
        # jenkins_passwd = '116365fd86d63bf507aba962606a5c8956'  Pre token
        jenkins_passwd = '11811f784531053132519844d047186074'   # Dev Token
        jenkins_url = 'http://10.1.188.121'
      - |
        export JENKINS_USER=justin-admin-edit-view
        export JENKINS_TOKEN=11f4274ec59be12eace9a08b08ee13d54b
        export JENKINS=jenkins-cicd.apps.sno.openshiftlabs.net
      - |
        sh "curl -X POST 'http://jenkins.lsfusion.luxsoft.by/job/${Paths.updateParentVersionsJob}/build' --user ${USERPASS} -H 'Jenkins-Crumb:440561953171ba44ace9740562d172bb'"
    references:
      - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/
      - https://www.jenkins.io/doc/book/security/csrf-protection/