add Temporal API key to scanner

README.md

@@ -77,3 +77,4 @@ Click on each header to find the patterns and additional information for that se
 - Okta token
 - DataDog API key
 - DataDog APP key
+- Temporal API key

vendors/README.md

@@ -490,4 +490,26 @@ Add these additional matches to the [Secret Scanning Custom Pattern](https://doc
 - Not Match: `a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9`
 
 </p>
-</details>
+</details>
+
+## Temporal API key
+
+
+
+*version: v0.1*
+
+**Comments / Notes:**
+
+- Temporal API Keys start with prefix tmprl_
+
+
+<details>
+<summary>Pattern Format</summary>
+<p>
+
+```regex
+tmprl_[a-zA-Z0-9]+_[a-zA-Z0-9]+
+```
+
+</p>
+</details>

vendors/patterns.yml

@@ -159,7 +159,7 @@ patterns:
       end: |
         (\z|[^0-9A-Za-z_+/=-])
       additional_not_match:
-        # Avoid long runs of hexadecimal only 
+        # Avoid long runs of hexadecimal only
         - "[0-9A-Fa-f-]{30}"
         # Avoid long runs of alphabetic and _ - only
         - "[a-zA-Z_-]{30}"
@@ -259,3 +259,36 @@ patterns:
     comments:
       - "Looks for surrounding context to confirm this is a DataDog App key, not some other 40-byte hex string"
 
+  - name: Temporal API key
+    type: temporal_api_key
+    regex:
+      version: 0.1
+      pattern: |
+        tmprl_[a-zA-Z0-9]+_[a-zA-Z0-9]+
+    expected:
+      - name: temporal.txt
+        start_offset: 28
+        end_offset: 131
+      - name: temporal.txt
+        start_offset: 180
+        end_offset: 283
+      - name: temporal.txt
+        start_offset: 311
+        end_offset: 414
+      - name: temporal.txt
+        start_offset: 469
+        end_offset: 572
+      - name: temporal.txt
+        start_offset: 626
+        end_offset: 729
+      - name: temporal.txt
+        start_offset: 808
+        end_offset: 911
+      - name: temporal.txt
+        start_offset: 969
+        end_offset: 1072
+      - name: temporal.txt
+        start_offset: 1123
+        end_offset: 1226
+    comments:
+      - "Temporal API Keys start with prefix tmprl_"

vendors/temporal.txt

@@ -0,0 +1,29 @@
+# env vars
+TEMPORAL_API_KEY=tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl
+
+# some other config format
+TEMPORAL_API_KEY = "tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl"
+
+# YAML
+temporal_api_key: tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl
+
+# Docker
+env:
+  - name: TEMPORAL_API_KEY
+    value: "tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl"
+
+# Winston config
+new TemporalWinston({
+    apiKey:'tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl'
+});
+
+# shell script use of terraformer
+terraformer import temporal --api-key=tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl
+
+# content of .tf file
+provider "temporal" {
+	api_key = "tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl"
+}
+
+# Capistrano, Capfile
+set :temporal_api_key, "tmprl_LZDV3buJhgjdeiNMwvU9F3JQpOccnVP6_XQPtInroPz3ik8kDcba6IFpyzFLiMrGOtHYzg98iAjRg74RGQOMDezmE8Hlkrjrl"