#7: Add support for verify auth before scan

abhisek 2023-03-10 10:33:41 +05:30
parent 115b7e4f0b
commit 430d002c3c
No known key found for this signature in database
GPG Key ID: CB92A4990C02A88F
3 changed files with 34 additions and 18 deletions


@ -49,8 +49,9 @@ func configureAuthCommand() *cobra.Command {
} }
err = auth.Configure(auth.Config{ err = auth.Configure(auth.Config{
ApiUrl: authInsightApiBaseUrl, ApiUrl: authInsightApiBaseUrl,
ApiKey: string(key), ApiKey: string(key),
ControlPlaneApiUrl: authControlPlaneApiBaseUrl,
}) })
if err != nil { if err != nil {
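Review bot: `ControlPlaneApiUrl: authControlPlaneApiBaseUrl` is persisted next to `ApiKey` with no validation visible in this hunk, and the `auth.Verify` call added in scan.go presumably presents the stored key to whatever endpoint this value names. Checking the value before `auth.Configure` would keep a mistyped or plain-http URL from ever receiving the credential, for example `if u, err := url.Parse(authControlPlaneApiBaseUrl); err != nil || u.Scheme != "https" || u.Host == "" { /* reject */ }`. The same concern applies where the value is read back from `cp_api_url` in `DefaultControlPlaneApiUrl`, since a hand-edited config file bypasses this command. The body of `configureAuthCommand` starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out.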


@ -21,8 +21,9 @@ const (
) )
type Config struct { type Config struct {
ApiUrl string `yaml:"api_url"` ApiUrl string `yaml:"api_url"`
ApiKey string `yaml:"api_key"` ApiKey string `yaml:"api_key"`
ControlPlaneApiUrl string `yaml:"cp_api_url"`
} }
// Global config to be used during runtime // Global config to be used during runtime
@ -42,6 +43,10 @@ func DefaultApiUrl() string {
} }
func DefaultControlPlaneApiUrl() string { func DefaultControlPlaneApiUrl() string {
if (globalConfig != nil) && (globalConfig.ControlPlaneApiUrl != "") {
return globalConfig.ControlPlaneApiUrl
}
return defaultControlPlaneApiUrl return defaultControlPlaneApiUrl
} }
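Review bot: `DefaultControlPlaneApiUrl` now picks between two sources but has no doc comment saying which one wins. I would add `// DefaultControlPlaneApiUrl returns the control plane URL from the loaded config (cp_api_url) when set, otherwise the built-in default.` above it. The parentheses in the condition are redundant in Go; `if globalConfig != nil && globalConfig.ControlPlaneApiUrl != "" {` reads more idiomatically.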

38
scan.go

@ -5,6 +5,7 @@ import (
"os" "os"
"github.com/safedep/dry/utils" "github.com/safedep/dry/utils"
"github.com/safedep/vet/internal/auth"
"github.com/safedep/vet/internal/ui" "github.com/safedep/vet/internal/ui"
"github.com/safedep/vet/pkg/analyzer" "github.com/safedep/vet/pkg/analyzer"
"github.com/safedep/vet/pkg/models" "github.com/safedep/vet/pkg/models"
@ -15,20 +16,21 @@ import (
) )
var ( var (
lockfiles []string lockfiles []string
lockfileAs string lockfileAs string
baseDirectory string baseDirectory string
transitiveAnalysis bool transitiveAnalysis bool
transitiveDepth int transitiveDepth int
concurrency int concurrency int
dumpJsonManifestDir string dumpJsonManifestDir string
celFilterExpression string celFilterExpression string
celFilterSuiteFile string celFilterSuiteFile string
celFilterFailOnMatch bool celFilterFailOnMatch bool
markdownReportPath string markdownReportPath string
consoleReport bool consoleReport bool
summaryReport bool summaryReport bool
silentScan bool silentScan bool
disableAuthVerifyBeforeScan bool
) )
func newScanCommand() *cobra.Command { func newScanCommand() *cobra.Command {
@ -68,6 +70,8 @@ func newScanCommand() *cobra.Command {
"Filter packages using CEL Filter Suite from file") "Filter packages using CEL Filter Suite from file")
cmd.Flags().BoolVarP(&celFilterFailOnMatch, "filter-fail", "", false, cmd.Flags().BoolVarP(&celFilterFailOnMatch, "filter-fail", "", false,
"Fail the scan if the filter match any package (security gate)") "Fail the scan if the filter match any package (security gate)")
cmd.Flags().BoolVarP(&disableAuthVerifyBeforeScan, "no-verify-auth", "", false,
"Do not verify auth token before starting scan")
cmd.Flags().StringVarP(&markdownReportPath, "report-markdown", "", "", cmd.Flags().StringVarP(&markdownReportPath, "report-markdown", "", "",
"Generate consolidated markdown report to file") "Generate consolidated markdown report to file")
cmd.Flags().BoolVarP(&consoleReport, "report-console", "", false, cmd.Flags().BoolVarP(&consoleReport, "report-console", "", false,
@ -97,6 +101,12 @@ func listParsersCommand() *cobra.Command {
} }
func startScan() { func startScan() {
if !disableAuthVerifyBeforeScan {
failOnError("auth/verify", auth.Verify(&auth.VerifyConfig{
ControlPlaneApiUrl: auth.DefaultControlPlaneApiUrl(),
}))
}
failOnError("scan", internalStartScan()) failOnError("scan", internalStartScan())
} }
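Review bot: In `startScan`, every error returned by `auth.Verify` is passed to `failOnError`, so (assuming `failOnError` terminates the process, as its use on the scan itself suggests) an unreachable control plane stops the scan exactly as a rejected key does. Consider having `auth.Verify` return a distinguishable error for a rejected credential and reporting transport failures differently, or at least naming `--no-verify-auth` in the failure text. `VerifyConfig` as populated here carries only the URL, so whether the request has a timeout cannot be seen from this hunk; it is worth confirming one is set so that a stalled endpoint cannot hang every scan. A short comment above the block would also help: `// Fail fast on a bad API key; --no-verify-auth skips this network round trip.`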