#7: Add support for verify auth before scan

abhisek 2023-03-10 10:33:41 +05:30
parent 115b7e4f0b
commit 430d002c3c
No known key found for this signature in database
GPG Key ID: CB92A4990C02A88F
3 changed files with 34 additions and 18 deletions


@ -51,6 +51,7 @@ func configureAuthCommand() *cobra.Command {
err = auth.Configure(auth.Config{ err = auth.Configure(auth.Config{
ApiUrl: authInsightApiBaseUrl, ApiUrl: authInsightApiBaseUrl,
ApiKey: string(key), ApiKey: string(key),
ControlPlaneApiUrl: authControlPlaneApiBaseUrl,
}) })
if err != nil { if err != nil {
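Review bot: `ControlPlaneApiUrl` is persisted straight from `authControlPlaneApiBaseUrl` with no check on its form, and this commit makes that value the endpoint used for auth verification before a scan. If the verification request carries the API key (the body of `auth.Verify` is not on this page, so this is inferred), a mistyped or plain `http://` URL would send the key somewhere it should not go. Consider parsing the value with `url.Parse` and rejecting anything that is not `https` before calling `auth.Configure`. The enclosing `configureAuthCommand` starts and ends outside this hunk.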


@ -23,6 +23,7 @@ const (
type Config struct { type Config struct {
ApiUrl string `yaml:"api_url"` ApiUrl string `yaml:"api_url"`
ApiKey string `yaml:"api_key"` ApiKey string `yaml:"api_key"`
ControlPlaneApiUrl string `yaml:"cp_api_url"`
} }
// Global config to be used during runtime // Global config to be used during runtime
@ -42,6 +43,10 @@ func DefaultApiUrl() string {
} }
func DefaultControlPlaneApiUrl() string { func DefaultControlPlaneApiUrl() string {
if (globalConfig != nil) && (globalConfig.ControlPlaneApiUrl != "") {
return globalConfig.ControlPlaneApiUrl
}
return defaultControlPlaneApiUrl return defaultControlPlaneApiUrl
} }
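Review bot: `DefaultControlPlaneApiUrl` no longer returns only the built-in default; it now prefers `globalConfig.ControlPlaneApiUrl` (presumably populated from the `cp_api_url` key of the stored config), and nothing in the code says so. A doc comment would make the precedence explicit: `// DefaultControlPlaneApiUrl returns the control plane URL from the loaded config when set, otherwise the built-in default.` As a style point, the parentheses in the condition are redundant in Go; `if globalConfig != nil && globalConfig.ControlPlaneApiUrl != "" {` is the idiomatic form.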

10
scan.go

@ -5,6 +5,7 @@ import (
"os" "os"
"github.com/safedep/dry/utils" "github.com/safedep/dry/utils"
"github.com/safedep/vet/internal/auth"
"github.com/safedep/vet/internal/ui" "github.com/safedep/vet/internal/ui"
"github.com/safedep/vet/pkg/analyzer" "github.com/safedep/vet/pkg/analyzer"
"github.com/safedep/vet/pkg/models" "github.com/safedep/vet/pkg/models"
@ -29,6 +30,7 @@ var (
consoleReport bool consoleReport bool
summaryReport bool summaryReport bool
silentScan bool silentScan bool
disableAuthVerifyBeforeScan bool
) )
func newScanCommand() *cobra.Command { func newScanCommand() *cobra.Command {
@ -68,6 +70,8 @@ func newScanCommand() *cobra.Command {
"Filter packages using CEL Filter Suite from file") "Filter packages using CEL Filter Suite from file")
cmd.Flags().BoolVarP(&celFilterFailOnMatch, "filter-fail", "", false, cmd.Flags().BoolVarP(&celFilterFailOnMatch, "filter-fail", "", false,
"Fail the scan if the filter match any package (security gate)") "Fail the scan if the filter match any package (security gate)")
cmd.Flags().BoolVarP(&disableAuthVerifyBeforeScan, "no-verify-auth", "", false,
"Do not verify auth token before starting scan")
cmd.Flags().StringVarP(&markdownReportPath, "report-markdown", "", "", cmd.Flags().StringVarP(&markdownReportPath, "report-markdown", "", "",
"Generate consolidated markdown report to file") "Generate consolidated markdown report to file")
cmd.Flags().BoolVarP(&consoleReport, "report-console", "", false, cmd.Flags().BoolVarP(&consoleReport, "report-console", "", false,
@ -97,6 +101,12 @@ func listParsersCommand() *cobra.Command {
} }
func startScan() { func startScan() {
if !disableAuthVerifyBeforeScan {
failOnError("auth/verify", auth.Verify(&auth.VerifyConfig{
ControlPlaneApiUrl: auth.DefaultControlPlaneApiUrl(),
}))
}
failOnError("scan", internalStartScan()) failOnError("scan", internalStartScan())
} }
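Review bot: In `startScan`, any error from `auth.Verify` goes through `failOnError`, so an unreachable control plane stops the scan the same way a rejected key does. For pipelines that run the scan as a gate, it helps if the `auth/verify` failure says which of the two happened and points to `--no-verify-auth` for offline runs. Whether `auth.Verify` applies a request timeout is not visible here and is worth confirming, so the scan cannot hang before it starts. A short comment above the check would also record the intent, e.g. `// Fail fast on an invalid API key before doing any scan work; skipped with --no-verify-auth.`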