From 7e0e40126607899cfec71481fa0d61e39e47c9e7 Mon Sep 17 00:00:00 2001 From: salvacybersec Date: Mon, 6 Apr 2026 12:55:52 +0300 Subject: [PATCH] feat(13-03): wire 4 Phase 13 sources into RegisterAll (32 total) - Register DockerHub, Kubernetes, Terraform, Helm as credentialless sources - Update RegisterAll tests and integration test to expect 32 sources --- pkg/recon/sources/integration_test.go | 4 ++-- pkg/recon/sources/register.go | 22 ++++++++++++++++++++-- pkg/recon/sources/register_test.go | 14 +++++++++----- 3 files changed, 31 insertions(+), 9 deletions(-) diff --git a/pkg/recon/sources/integration_test.go b/pkg/recon/sources/integration_test.go index 6068ce0..76adff0 100644 --- a/pkg/recon/sources/integration_test.go +++ b/pkg/recon/sources/integration_test.go @@ -524,8 +524,8 @@ func TestRegisterAll_Phase12(t *testing.T) { }) names := eng.List() - if n := len(names); n != 28 { - t.Fatalf("expected 28 sources from RegisterAll, got %d: %v", n, names) + if n := len(names); n != 32 { + t.Fatalf("expected 32 sources from RegisterAll, got %d: %v", n, names) } // Build lookup for source access. diff --git a/pkg/recon/sources/register.go b/pkg/recon/sources/register.go index 72f57f5..29eb1a1 100644 --- a/pkg/recon/sources/register.go +++ b/pkg/recon/sources/register.go @@ -56,8 +56,8 @@ type SourcesConfig struct { } // RegisterAll registers every Phase 10 code-hosting, Phase 11 search engine / -// paste site, and Phase 12 IoT scanner / cloud storage source on engine -// (28 sources total). +// paste site, Phase 12 IoT scanner / cloud storage, and Phase 13 container / +// IaC source on engine (32 sources total). // // All sources are registered unconditionally so that cmd/recon.go can surface // the full catalog via `keyhunter recon list` regardless of which credentials @@ -212,4 +212,22 @@ func RegisterAll(engine *recon.Engine, cfg SourcesConfig) { Registry: reg, Limiters: lim, }) + + // Phase 13: Container and IaC sources (credentialless). + engine.Register(&DockerHubSource{ + Registry: reg, + Limiters: lim, + }) + engine.Register(&KubernetesSource{ + Registry: reg, + Limiters: lim, + }) + engine.Register(&TerraformSource{ + Registry: reg, + Limiters: lim, + }) + engine.Register(&HelmSource{ + Registry: reg, + Limiters: lim, + }) } diff --git a/pkg/recon/sources/register_test.go b/pkg/recon/sources/register_test.go index d5cf1db..8ce73b8 100644 --- a/pkg/recon/sources/register_test.go +++ b/pkg/recon/sources/register_test.go @@ -16,9 +16,9 @@ func registerTestRegistry() *providers.Registry { }) } -// TestRegisterAll_WiresAllTwentyEightSources asserts that RegisterAll registers -// every Phase 10 + Phase 11 + Phase 12 source by its stable name on a fresh engine. -func TestRegisterAll_WiresAllTwentyEightSources(t *testing.T) { +// TestRegisterAll_WiresAllThirtyTwoSources asserts that RegisterAll registers +// every Phase 10 + Phase 11 + Phase 12 + Phase 13 source by its stable name on a fresh engine. +func TestRegisterAll_WiresAllThirtyTwoSources(t *testing.T) { eng := recon.NewEngine() cfg := SourcesConfig{ Registry: registerTestRegistry(), @@ -36,6 +36,7 @@ func TestRegisterAll_WiresAllTwentyEightSources(t *testing.T) { "censys", "codeberg", "codesandbox", + "dockerhub", "duckduckgo", "fofa", "gcs", @@ -44,7 +45,9 @@ func TestRegisterAll_WiresAllTwentyEightSources(t *testing.T) { "github", "gitlab", "google", + "helm", "huggingface", + "k8s", "kaggle", "netlas", "pastebin", @@ -54,6 +57,7 @@ func TestRegisterAll_WiresAllTwentyEightSources(t *testing.T) { "sandboxes", "shodan", "spaces", + "terraform", "yandex", "zoomeye", } @@ -73,8 +77,8 @@ func TestRegisterAll_MissingCredsStillRegistered(t *testing.T) { Limiters: recon.NewLimiterRegistry(), }) - if n := len(eng.List()); n != 28 { - t.Fatalf("expected 28 sources registered, got %d: %v", n, eng.List()) + if n := len(eng.List()); n != 32 { + t.Fatalf("expected 32 sources registered, got %d: %v", n, eng.List()) } // SweepAll with an empty config should filter out cred-gated sources