credscan support customize output dir #98

Merged
merged 1 commit into from
Apr 24, 2024
22 changes: 18 additions & 4 deletions commands/credential_scan.go
@@ -18,6 +18,7 @@ import (

type CredentialScanCommand struct {
workingDir string
outputDir string
swaggerRepoPath string
swaggerIndexFile string
verbose bool
@@ -27,6 +28,7 @@ func (c *CredentialScanCommand) flags() *flag.FlagSet {
fs := defaultFlagSet("test")
fs.BoolVar(&c.verbose, "v", false, "whether show terraform logs")
fs.StringVar(&c.workingDir, "working-dir", "", "path to directory containing Terraform configuration files")
fs.StringVar(&c.outputDir, "output-dir", "", "path to directory to save output files, default to working-dir")
fs.StringVar(&c.swaggerRepoPath, "swagger-repo", "", "path to the swagger repo specification directory")
fs.StringVar(&c.swaggerIndexFile, "swagger-index-file", "", "path to the swagger index file, omit this will use the online swagger index file or locally build index")
fs.Usage = func() { logrus.Error(c.Help()) }
@@ -35,7 +37,7 @@ func (c *CredentialScanCommand) flags() *flag.FlagSet {

func (c CredentialScanCommand) Help() string {
helpText := `
Usage: armstrong credscan [-v] [-working-dir <path to directory containing Terraform configuration files>] [-swagger-repo <path to the swagger repo specification directory>] [-swagger-index-file <path to the swagger index file>]
Usage: armstrong credscan [-v] [-working-dir <path to directory containing Terraform configuration files>] [-swagger-repo <path to the swagger repo specification directory>] [-swagger-index-file <path to the swagger index file>] [-output-dir <path to directory to save output files>]
` + c.Synopsis() + "\n\n" + helpForFlags(c.flags())

return strings.TrimSpace(helpText)
@@ -105,6 +107,16 @@ func (c CredentialScanCommand) Execute() int {
}
}

outputDir := wd
if c.outputDir != "" {
outputDir, err = filepath.Abs(c.outputDir)
if err != nil {
logrus.Errorf("output directory is invalid: %+v", err)
return 1
}

}

tfFiles, err := hcl.FindTfFiles(wd)
if err != nil {
logrus.Errorf("failed to find tf files for %q: %+v", wd, err)
@@ -334,7 +346,7 @@ func (c CredentialScanCommand) Execute() int {
}
}

storeCredScanErrors(wd, credScanErrors)
storeCredScanErrors(outputDir, credScanErrors)

return 0
}
@@ -404,7 +416,8 @@ func storeCredScanErrors(wd string, credScanErrors []CredScanError) {
credScanErrorsMarkdown += fmt.Sprintf("| %s | %d | %s | %s | %s | %s |\n", r.FileName, r.LineNumber, r.Name, r.Type, r.PropertyName, r.ErrorMessage)
}

err = os.WriteFile(path.Join(reportDir, markdownFileName), []byte(credScanErrorsMarkdown), 0644)
markdownFileName = path.Join(reportDir, markdownFileName)
err = os.WriteFile(markdownFileName, []byte(credScanErrorsMarkdown), 0644)
if err != nil {
logrus.Errorf("failed to save markdown report to %s: %+v", markdownFileName, err)
} else {
@@ -417,7 +430,8 @@ func storeCredScanErrors(wd string, credScanErrors []CredScanError) {
logrus.Errorf("failed to marshal json content %+v: %+v", credScanErrors, err)
}

err = os.WriteFile(path.Join(reportDir, jsonFileName), jsonContent, 0644)
jsonFileName = path.Join(reportDir, jsonFileName)
err = os.WriteFile(jsonFileName, jsonContent, 0644)
if err != nil {
logrus.Errorf("failed to save json report to %s: %+v", jsonFileName, err)
} else {
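Review bot: A failure to write the report into the new `-output-dir` location does not change the exit status: the `if c.outputDir != ""` block only calls `filepath.Abs`, which does not check that the path exists or is writable, and the visible parts of `storeCredScanErrors` only log `os.WriteFile` errors, so `Execute` still reaches `return 0`. For a credential scanner run in a pipeline this means findings can be lost while the job stays green; I would have `storeCredScanErrors` return an error and call it as `if err := storeCredScanErrors(outputDir, credScanErrors); err != nil { return 1 }`. Because the reports can now land outside the Terraform working directory, it is also worth using `0600` rather than `0644` in the two `os.WriteFile` calls, since the reports list the file, line and property where each credential was found. Both `Execute` and `storeCredScanErrors` start and end outside the visible hunks, so directory creation or further error handling may already exist in lines not shown.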
3 changes: 2 additions & 1 deletion readme.md
@@ -148,7 +148,8 @@ Supported options:
1. `-working-dir`: Specify the working directory containing Terraform config files, default is current directory.
2. `-swagger-repo`: Specify the swagger repo path used to match credentials, omit this will use the online swagger repo.
3. `-swagger-index-file`: Specify the path to the swagger index file, omit this will use the online swagger index file or locally build index. If the specified file is not found, the downloaded or built index will be saved in the provided file.
4. `-v`: Enable verbose mode, default is false.
4. `-output-dir`: Specify the working directory to save output files, default is working directory.
5. `-v`: Enable verbose mode, default is false.

Armstrong also output different kinds of reports:
1. `errors.json`: A json report which contains scan errors.