4 changes: 3 additions & 1 deletion config/global-defaults
Expand Up @@ -4,7 +4,9 @@
# Per-engagement /workspace/$TARGET/.env overrides these.

# ── Default Exegol container ────────────────────────────
export EXEGOL_CONTAINER="exegol"
# Leave unset → dotsec auto-detects the running exegol container.
# Uncomment to force a specific one:
# export EXEGOL_CONTAINER="exegol-myname"

# ── Default Bug Bounty User-Agent ───────────────────────
export UA="H1-yourhandle"
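Review bot: The new comment `# Leave unset → dotsec auto-detects the running exegol container.` promises more than the detection in lib/core.sh (same commit) delivers. That code takes the first name returned by a `name=exegol` filter, falls back to stopped containers, and also replaces a forced value when `docker container inspect` fails for it. On a host with several Exegol containers, an operator reading this file cannot tell which one the engagement tooling will run in. I would word it as `# Leave unset → dotsec uses the first container whose name contains "exegol" (running ones first, then stopped).` and add `# A forced value is replaced by auto-detection if that container no longer exists.`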
14 changes: 8 additions & 6 deletions lib/core.sh
Expand Up @@ -17,15 +17,17 @@ __dotsec_load_global() {
if [[ -f "${DOTSEC_CONFIG}/config" ]]; then
source "${DOTSEC_CONFIG}/config"
fi
# Auto-detect Exegol container if not set
if [[ -z "${EXEGOL_CONTAINER:-}" ]]; then
# Resolve the Exegol container: detect when unset OR when the configured one
# no longer exists (e.g. removed/recreated) — so a stale config value never
# sticks. Prefer a running container, fall back to any.
if [[ -z "${EXEGOL_CONTAINER:-}" ]] || ! docker container inspect "${EXEGOL_CONTAINER}" >/dev/null 2>&1; then
local detected
detected=$(docker ps -a --filter "name=exegol" --format '{{.Names}}' 2>/dev/null | head -1)
detected=$(docker ps --filter "name=exegol" --format '{{.Names}}' 2>/dev/null | head -1)
[[ -z "$detected" ]] && detected=$(docker ps -a --filter "name=exegol" --format '{{.Names}}' 2>/dev/null | head -1)
[[ -n "$detected" ]] && EXEGOL_CONTAINER="$detected"
fi
# Last statement must not leak a non-zero status: under `set -e` this
# function is called top-level and a falsy [[ -n ]] above would abort dotsec
# on any host without an exegol container.
# Last statement must not leak a non-zero status under `set -e` (this
# function runs top-level; a falsy [[ -n ]] above would otherwise abort dotsec).
return 0
}

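Review bot: The new condition silently replaces an operator-configured `EXEGOL_CONTAINER` with whatever `docker ps --filter "name=exegol" … | head -1` lists first, and nothing tells the user that the switch happened. The filter is not anchored, so with more than one container whose name contains "exegol", one engagement's tooling can end up in another engagement's container, or in a stopped one through the `ps -a` fallback. I would report the override on stderr just before the final assignment, e.g. `[[ -n "${EXEGOL_CONTAINER:-}" && -n "$detected" ]] && printf 'dotsec: container %s not found, using %s\n' "$EXEGOL_CONTAINER" "$detected" >&2`, and consider an anchored pattern such as `name=^exegol` (confirm against the Docker version in use). Separately, if dotsec runs with `pipefail` as the smoke test does, a failing `docker ps` in the bare `detected=$(…)` assignment would likely abort before `return 0` is reached; appending `|| true` to that assignment keeps the guarantee the closing comment states. The function begins above the hunk, so this covers only the visible part.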
1 change: 0 additions & 1 deletion lib/engagement.sh
Expand Up @@ -56,7 +56,6 @@ cmd_new() {
# Merge global config defaults (only if key not already set)
__dotsec_load_global
[[ -n "${UA:-}" ]] && sed -i "s|H1-yourhandle|${UA}|g" "${ws}/.env"
[[ -n "${EXEGOL_CONTAINER:-}" ]] && sed -i "s|exegol-default|${EXEGOL_CONTAINER}|g" "${ws}/.env"
[[ -n "${PROXY_PORT:-}" ]] && sed -i "s|PROXY_PORT=\"9999\"|PROXY_PORT=\"${PROXY_PORT}\"|g" "${ws}/.env"
[[ -n "${WEB_PORT:-}" ]] && sed -i "s|WEB_PORT=\"9998\"|WEB_PORT=\"${WEB_PORT}\"|g" "${ws}/.env"

2 changes: 1 addition & 1 deletion templates/.env.engagement
Expand Up @@ -21,7 +21,7 @@ export NO_PROXY="localhost,127.0.0.1"
export WORKSPACE="/workspace/acme-corp"

# ── Exegol ──────────────────────────────────────────────
export EXEGOL_CONTAINER="exegol"
# EXEGOL_CONTAINER is global infra (auto-detected), not per-engagement.

# ── Secrets (auto-generated, never committed) ───────────
# Generated by `dotsec new` into .env.secrets (chmod 600):
20 changes: 20 additions & 0 deletions tests/smoke.bats
Expand Up @@ -34,6 +34,26 @@ load test_helper
[[ "$output" == *REACHED* ]]
}

@test "__dotsec_load_global re-detects when the configured container is gone" {
run env DOTSEC_HOME="$DOTSEC_HOME" bash -euo pipefail -c '
DOTSEC_CONFIG=$(mktemp -d)
docker() {
case "$1" in
container) [[ "$2" == "inspect" ]] && return 1 ;; # configured one gone
ps) echo "exegol-a" ;; # a running exegol exists
esac
return 0
}
source "$DOTSEC_HOME/lib/ui.sh"
source "$DOTSEC_HOME/lib/core.sh"
EXEGOL_CONTAINER="exegol-dead"
__dotsec_load_global
echo "GOT=$EXEGOL_CONTAINER"
'
[ "$status" -eq 0 ]
[[ "$output" == *"GOT=exegol-a"* ]]
}

@test "dotsec list exits 0 when engagements exist" {
local ws cfg
ws="$(mktemp -d)"; cfg="$(mktemp -d)"
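Review bot: The added test covers only the stale-container path, so nothing pins the opposite guarantee: a configured container that still exists must be kept even when another exegol container is listed. That matters most for an operator who forces a specific container, because a later change to the `inspect` condition in lib/core.sh could start overriding valid settings without any test failing. The `docker` stub also answers `ps` and `ps -a` identically, so the running-before-stopped preference is not exercised either. A companion test along the lines below would close the first gap; the trailing context lines of this hunk belong to the next test, which continues outside it.

```shell
@test "__dotsec_load_global keeps a configured container that still exists" {
  run env DOTSEC_HOME="$DOTSEC_HOME" bash -euo pipefail -c '
    DOTSEC_CONFIG=$(mktemp -d)
    docker() {
      case "$1" in
        container) return 0 ;;        # configured one is still present
        ps) echo "exegol-other" ;;    # another exegol container is also listed
      esac
      return 0
    }
    # … unchanged: source lib/ui.sh and lib/core.sh as in the test above …
    EXEGOL_CONTAINER="exegol-mine"
    __dotsec_load_global
    echo "GOT=$EXEGOL_CONTAINER"
  '
  [ "$status" -eq 0 ]
  [[ "$output" == *"GOT=exegol-mine"* ]]
}
```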