Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create kubeconfig detector #2894

wants to merge 1 commit into
base: main
Choose a base branch


Copy link

@rgmz rgmz commented May 29, 2024


This creates a detector to match both JSON and YAML kubeconfig files12.

While it works, it clashes against many of TruffleHog's current limitations.

  1. Using regular expression to match/parse structured data
  2. It requires all the relevant data to be committed at once, otherwise it won't be detected (Multi-part secrets are not reliably detected #2267).
  3. It won't work on larger configs that get split by the chunker
    // ChunkSize is the maximum size of a chunk.
    ChunkSize = 10 * 1024
✅ Found verified result 🐷🔑
Detector Type: KubeConfig
Decoder Type: PLAIN
Raw result: eyJhbGci...
User: system:serviceaccount:default:namespace/sa-name
Type: TokenAuth
Namespaces: default,kube1,kube2,kube3,kube4 (+ more)
File: /home/user/.kube/config
Line: 59



  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?




@rgmz rgmz force-pushed the feat/detector/kubeconfig branch 4 times, most recently from 024c706 to c87e45a Compare June 5, 2024 00:38
@rgmz rgmz force-pushed the feat/detector/kubeconfig branch 3 times, most recently from 4701e16 to af6698e Compare June 21, 2024 02:56
@rgmz rgmz force-pushed the feat/detector/kubeconfig branch from af6698e to 1ea2766 Compare June 30, 2024 16:27
@rgmz rgmz force-pushed the feat/detector/kubeconfig branch from 1ea2766 to 6bf45f5 Compare July 1, 2024 18:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

1 participant