Merge pull request #293 from bancolombia/fix/engine_secret

cajlopezor · web-flow · commit 70d292ca9ee9 · 2025-01-20T12:08:40.000-05:00
fix(engine_secret): download custom rules if enabled
diff --git a/tools/devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py b/tools/devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py
@@ -72,7 +72,8 @@ def run_tool_secret_scan(
         exclude_path = f"{agent_work_folder}/excludedPath.txt"
         include_paths = self.config_include_path(files_commits, agent_work_folder, agent_os)
         enable_custom_rules = config_tool[tool]["ENABLE_CUSTOM_RULES"]
-        Utils().configurate_external_checks(tool, config_tool, secret_tool, secret_external_checks, agent_work_folder)
+        if enable_custom_rules:
+            Utils().configurate_external_checks(tool, config_tool, secret_tool, secret_external_checks, agent_work_folder)
 
         with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool[tool]["NUMBER_THREADS"]) as executor:
             results = executor.map(
