Merge branch 'main' into main

Author: cleong14

CHANGELOG.md

@@ -11,6 +11,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Missing `slog.Error` for KEV validations
 
+## [0.7.0] - 2024-05-17
+
+### Changed
+
+- Use ConfigKit with a metaconfig for all commands
+
+### Added
+
+- Gatecheck Config Encoder & Decoder
+
+## [0.6.2] - 2024-05-15
+
+### Changed
+
+- Remove debug information from semgrep decoding
+
+## [0.6.1] - 2024-05-15
+
+### Changed
+
+- Use a table writing package instead of the builtin package
+
+### Added
+
+- `gatecheck list --markdown` support for rendering markdown tables
+
 ## [0.6.0] - 2024-04-26
 
 ### Changed

cmd/bundle.go

@@ -0,0 +1,108 @@
+package cmd
+
+import (
+	"log/slog"
+	"os"
+	"path"
+
+	"github.com/gatecheckdev/gatecheck/pkg/gatecheck"
+	"github.com/spf13/cobra"
+)
+
+var bundleCmd = &cobra.Command{
+	Use:   "bundle",
+	Short: "create and manage a gatecheck bundle",
+}
+
+var bundleCreateCmd = &cobra.Command{
+	Use:     "create BUNDLE_FILE TARGET_FILE",
+	Short:   "create a new bundle with a new file",
+	Aliases: []string{"init"},
+	Args:    cobra.ExactArgs(2),
+	PreRunE: func(cmd *cobra.Command, args []string) error {
+		bundleFilename := args[0]
+		targetFilename := args[1]
+
+		bundleFile, err := os.OpenFile(bundleFilename, os.O_CREATE|os.O_WRONLY, 0o644)
+		if err != nil {
+			return err
+		}
+		targetFile, err := os.Open(targetFilename)
+		if err != nil {
+			return err
+		}
+
+		RuntimeConfig.bundleFile = bundleFile
+		RuntimeConfig.targetFile = targetFile
+		RuntimeConfig.BundleTagValue = RuntimeConfig.BundleTag.Value().([]string)
+		return nil
+	},
+	RunE: func(cmd *cobra.Command, args []string) error {
+		targetFilename := args[1]
+		label := path.Base(targetFilename)
+		bf, tf := RuntimeConfig.bundleFile, RuntimeConfig.targetFile
+		tags := RuntimeConfig.BundleTagValue
+		return gatecheck.CreateBundle(bf, tf, label, tags)
+	},
+}
+
+var bundleAddCmd = &cobra.Command{
+	Use:   "add BUNDLE_FILE TARGET_FILE",
+	Short: "add a file to a bundle",
+	Args:  cobra.ExactArgs(2),
+	PreRunE: func(cmd *cobra.Command, args []string) error {
+		bundleFilename := args[0]
+		targetFilename := args[1]
+
+		bundleFile, err := os.OpenFile(bundleFilename, os.O_RDWR, 0o644)
+		if err != nil {
+			return err
+		}
+		targetFile, err := os.Open(targetFilename)
+		if err != nil {
+			return err
+		}
+
+		RuntimeConfig.bundleFile = bundleFile
+		RuntimeConfig.targetFile = targetFile
+		RuntimeConfig.BundleTagValue = RuntimeConfig.BundleTag.Value().([]string)
+		return nil
+	},
+	RunE: func(cmd *cobra.Command, args []string) error {
+		targetFilename := args[1]
+		slog.Info("bundle tag", "environment", os.Getenv("GATECHECK_BUNDLE_TAG"))
+		label := path.Base(targetFilename)
+		bf, tf := RuntimeConfig.bundleFile, RuntimeConfig.targetFile
+		tags := RuntimeConfig.BundleTagValue
+		return gatecheck.AppendToBundle(bf, tf, label, tags)
+	},
+}
+
+var bundleRemoveCmd = &cobra.Command{
+	Use:     "remove BUNDLE_FILE TARGET_FILE",
+	Short:   "remove a file from a bundle by label",
+	Aliases: []string{"rm"},
+	Args:    cobra.ExactArgs(2),
+	PreRunE: func(cmd *cobra.Command, args []string) error {
+		bundleFilename := args[0]
+
+		bundleFile, err := os.OpenFile(bundleFilename, os.O_RDWR, 0o644)
+		if err != nil {
+			return err
+		}
+		RuntimeConfig.bundleFile = bundleFile
+		return nil
+	},
+	RunE: func(cmd *cobra.Command, args []string) error {
+		label := args[1]
+		return gatecheck.RemoveFromBundle(RuntimeConfig.bundleFile, label)
+	},
+}
+
+func newBundleCommand() *cobra.Command {
+	RuntimeConfig.BundleTag.SetupCobra(bundleCreateCmd)
+	RuntimeConfig.BundleTag.SetupCobra(bundleAddCmd)
+
+	bundleCmd.AddCommand(bundleCreateCmd, bundleAddCmd, bundleRemoveCmd)
+	return bundleCmd
+}

cmd/cli-config.go

@@ -0,0 +1,192 @@
+package cmd
+
+import (
+	"io"
+	"os"
+	"strings"
+
+	"github.com/gatecheckdev/configkit"
+	"github.com/gatecheckdev/gatecheck/pkg/gatecheck"
+	"github.com/spf13/cobra"
+)
+
+var (
+	metadataFlagUsage       = "flag_usage"
+	metadataFieldType       = "field_type"
+	metadataRequired        = "required"
+	metadataActionInputName = "action_input_name"
+)
+
+type metaConfig struct {
+	BundleTag          configkit.MetaField
+	EPSSURL            configkit.MetaField
+	KEVURL             configkit.MetaField
+	EPSSFilename       configkit.MetaField
+	KEVFilename        configkit.MetaField
+	Verbose            configkit.MetaField
+	Silent             configkit.MetaField
+	ConfigFilename     configkit.MetaField
+	Audit              configkit.MetaField
+	BundleTagValue     []string
+	bundleFile         *os.File
+	targetFile         *os.File
+	epssFile           *os.File
+	kevFile            *os.File
+	listSrcReader      io.Reader
+	listSrcName        string
+	listFormat         string
+	listAll            bool
+	configOutputWriter io.Writer
+	configOutputFormat string
+	gatecheckConfig    *gatecheck.Config
+}
+
+var RuntimeConfig = metaConfig{
+	BundleTag: configkit.MetaField{
+		FieldName:    "BundleTag",
+		EnvKey:       "GATECHECK_BUNDLE_TAG",
+		DefaultValue: "",
+		FlagValueP:   new([]string),
+		EnvToValueFunc: func(s string) any {
+			return strings.Split(s, ",")
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "file properties for metadata",
+			metadataFieldType:       "string",
+			metadataActionInputName: "bundle_tag",
+		},
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*[]string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.Flags().StringSliceVarP(valueP, "tag", "t", []string{}, usage)
+		},
+	},
+	EPSSURL: configkit.MetaField{
+		FieldName:    "EPSSURL",
+		EnvKey:       "GATECHECK_EPSS_URL",
+		DefaultValue: "",
+		FlagValueP:   new(string),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.Flags().StringVar(valueP, "epss-url", "", usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "The url for the FIRST.org EPSS API (\"\" will use FIRST.org official API)",
+			metadataFieldType:       "string",
+			metadataActionInputName: "epss_url",
+		},
+	},
+	KEVURL: configkit.MetaField{
+		FieldName:    "KEVURL",
+		EnvKey:       "GATECHECK_KEV_URL",
+		DefaultValue: "",
+		FlagValueP:   new(string),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.Flags().StringVar(valueP, "kev-url", "", usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "The url for the CISA KEV API (\"\" will use CISA Official API)",
+			metadataFieldType:       "string",
+			metadataActionInputName: "kev_url",
+		},
+	},
+	EPSSFilename: configkit.MetaField{
+		FieldName:    "EPSSFilename",
+		EnvKey:       "GATECHECK_EPSS_FILENAME",
+		DefaultValue: "",
+		FlagValueP:   new(string),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.Flags().StringVar(valueP, "epss-filename", "", usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "the filename for a FIRST.org EPSS csv file",
+			metadataFieldType:       "string",
+			metadataActionInputName: "epss_filename",
+		},
+	},
+	KEVFilename: configkit.MetaField{
+		FieldName:    "KEVFilename",
+		EnvKey:       "GATECHECK_EPSS_FILENAME",
+		DefaultValue: "",
+		FlagValueP:   new(string),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.Flags().StringVar(valueP, "kev-filename", "", usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "the filename for a FIRST.org KEV json file",
+			metadataFieldType:       "string",
+			metadataActionInputName: "kev_filename",
+		},
+	},
+	Verbose: configkit.MetaField{
+		FieldName:    "Verbose",
+		EnvKey:       "GATECHECK_VERBOSE",
+		DefaultValue: false,
+		FlagValueP:   new(bool),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*bool)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.PersistentFlags().BoolVarP(valueP, "verbose", "v", false, usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "log level set to debug",
+			metadataFieldType:       "bool",
+			metadataActionInputName: "verbose",
+		},
+	},
+	Silent: configkit.MetaField{
+		FieldName:    "Silent",
+		EnvKey:       "GATECHECK_SILENT",
+		DefaultValue: false,
+		FlagValueP:   new(bool),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*bool)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.PersistentFlags().BoolVar(valueP, "silent", false, usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "log level set to only warnings & errors",
+			metadataFieldType:       "bool",
+			metadataActionInputName: "silent",
+		},
+	},
+	ConfigFilename: configkit.MetaField{
+		FieldName:    "ConfigFilename",
+		EnvKey:       "GATECHECK_CONFIG_FILENAME",
+		DefaultValue: "",
+		FlagValueP:   new(string),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*string)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.PersistentFlags().StringVarP(valueP, "file", "f", "", usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "a validation configuration file",
+			metadataFieldType:       "string",
+			metadataActionInputName: "config_filename",
+		},
+	},
+	Audit: configkit.MetaField{
+		FieldName:    "Audit",
+		EnvKey:       "GATECHECK_AUDIT",
+		DefaultValue: false,
+		FlagValueP:   new(bool),
+		CobraSetupFunc: func(f configkit.MetaField, cmd *cobra.Command) {
+			valueP := f.FlagValueP.(*bool)
+			usage := f.Metadata[metadataFlagUsage]
+			cmd.PersistentFlags().BoolVarP(valueP, "audit", "a", false, usage)
+		},
+		Metadata: map[string]string{
+			metadataFlagUsage:       "audit mode - will run all rules but wil always exit 0 for validation failures",
+			metadataFieldType:       "bool",
+			metadataActionInputName: "audit",
+		},
+	},
+}