-
Notifications
You must be signed in to change notification settings - Fork 4
/
scan.go
148 lines (126 loc) · 3.23 KB
/
scan.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
package cmd
import (
"bytes"
"fmt"
"io/ioutil"
"log"
"os"
"path/filepath"
"github.com/controlplaneio/badrobot/pkg/report"
"github.com/controlplaneio/badrobot/pkg/ruler"
"github.com/spf13/cobra"
"go.uber.org/zap"
)
type ScanFailedValidationError struct {
}
func (e *ScanFailedValidationError) Error() string {
return "BadRobot scan failed"
}
var debug bool
var absolutePath bool
var format string
var template string
var schemaDir string
var outputLocation string
var exitCode int
func init() {
scanCmd.Flags().BoolVar(&debug, "debug", false, "turn on debug logs")
scanCmd.Flags().BoolVar(&absolutePath, "absolute-path", false, "use the absolute path for the file name")
scanCmd.Flags().StringVarP(&format, "format", "f", "json", "Set output format (json, template)")
scanCmd.Flags().StringVar(&schemaDir, "schema-dir", "", "Sets the directory for the json schemas")
scanCmd.Flags().StringVarP(&template, "template", "t", "", "Set output template, it will check for a file or read input as the")
scanCmd.Flags().StringVarP(&outputLocation, "output", "o", "", "Set output location")
scanCmd.Flags().IntVar(&exitCode, "exit-code", 2, "Set the exit-code to use on failure")
rootCmd.AddCommand(scanCmd)
}
// File holds the name and contents
type File struct {
fileName string
fileBytes []byte
}
func getInput(args []string) (File, error) {
var file File
if len(args) == 1 && (args[0] == "-" || args[0] == "/dev/stdin") {
fileBytes, err := ioutil.ReadAll(os.Stdin)
if err != nil {
return file, err
}
file = File{
fileName: "STDIN",
fileBytes: fileBytes,
}
return file, nil
}
fileName := args[0]
filePath, err := filepath.Abs(fileName)
if err != nil {
return file, err
}
if absolutePath {
fileName = filePath
}
fileBytes, err := ioutil.ReadFile(filePath)
if err != nil {
return file, err
}
file = File{
fileName: fileName,
fileBytes: fileBytes,
}
return file, nil
}
var scanCmd = &cobra.Command{
Use: `scan [file]`,
Short: "Scans Kubernetes Operator resource YAML or JSON",
Example: ` badrobot scan ./operator.yaml`,
RunE: func(cmd *cobra.Command, args []string) error {
if len(args) < 1 {
return fmt.Errorf("file path is required")
}
if debug {
z, err := zap.NewDevelopment()
if err != nil {
log.Fatalf("can't initialize zap logger: %v", err)
}
logger = z.Sugar()
}
rootCmd.SilenceErrors = true
rootCmd.SilenceUsage = true
file, err := getInput(args)
if err != nil {
return err
}
reports, err := ruler.NewRuleset(logger).Run(file.fileName, file.fileBytes, schemaDir)
if err != nil {
return err
}
if len(reports) == 0 {
return fmt.Errorf("invalid input %s", file.fileName)
}
var lowScore bool
for _, r := range reports {
if r.Score <= 0 {
lowScore = true
break
}
}
var buff bytes.Buffer
err = report.WriteReports(format, &buff, reports, template)
if err != nil {
return err
}
if outputLocation != "" {
err = ioutil.WriteFile(outputLocation, buff.Bytes(), 0644)
if err != nil {
logger.Debugf("Couldn't write output to %s", outputLocation)
}
}
out := buff.String()
fmt.Println(out)
if len(reports) > 0 && !lowScore {
return nil
}
os.Exit(exitCode)
return &ScanFailedValidationError{}
},
}