feat(07-01): Importer interface and TruffleHog v3 JSON adapter

- pkg/importer/importer.go: shared Importer interface (Name, Import) - pkg/importer/trufflehog.go: TruffleHogImporter with v3 JSON decoding, detector-name normalization (OpenAI/GithubV2/AWS -> canonical ids), SourceMetadata path+line extraction for Git/Filesystem/Github - pkg/importer/testdata/trufflehog-sample.json: 3-record fixture - pkg/importer/trufflehog_test.go: Name, Import, NormalizeName, EmptyArray, InvalidJSON tests -- all passing
2026-04-05 23:55:24 +03:00
parent 6a3d5b0cb7
commit 46eec328d2
4 changed files with 383 additions and 0 deletions
--- a/pkg/importer/importer.go
+++ b/pkg/importer/importer.go
@@ -0,0 +1,24 @@
+// Package importer provides adapters that parse output from external secret
+// scanners (TruffleHog, Gitleaks, ...) and normalize them into KeyHunter's
+// engine.Finding model so they can be inserted into the unified storage layer.
+package importer
+
+import (
+	"io"
+
+	"github.com/salvacybersec/keyhunter/pkg/engine"
+)
+
+// Importer parses output from an external secret scanner and returns
+// normalized engine.Finding records. Implementations must be stateless
+// and safe for reuse across calls.
+type Importer interface {
+	// Name returns the short identifier of the source format
+	// (e.g. "trufflehog", "gitleaks"). Used by the CLI --format flag.
+	Name() string
+
+	// Import reads scanner output from r and returns the normalized findings.
+	// Implementations should return a wrapped error on malformed input and an
+	// empty slice with nil error on empty input.
+	Import(r io.Reader) ([]engine.Finding, error)
+}