Add initial structure and commands

2025-12-10 13:43:01 -06:00 · 2022-12-30 10:36:56 +05:30 · 2022-12-30 10:36:56 +05:30 · 561408de8b
commit 561408de8b
parent 2bc580e693
8 changed files with 254 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -13,3 +13,4 @@

 # Dependency directories (remove the comment below to include it)
 # vendor/
+/vet
--- a/auth.go
+++ b/auth.go
@ -0,0 +1,58 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+)
+
+var (
+	authInsightApiBaseUrl string
+)
+
+func newAuthCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use: "auth",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			fmt.Printf("You must choose an appropriate command: configure, verify\n")
+			os.Exit(1)
+			return nil
+		},
+	}
+
+	cmd.AddCommand(configureAuthCommand())
+	cmd.AddCommand(verifyAuthCommand())
+
+	return cmd
+}
+
+func configureAuthCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use: "configure",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			// Run auth.Configure()
+			os.Exit(1)
+			return nil
+		},
+	}
+
+	cmd.Flags().StringVarP(&authInsightApiBaseUrl, "api", "", "https://api.safedep.io/insights/v1",
+		"Base URL of Insights API")
+
+	return cmd
+
+}
+
+func verifyAuthCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use: "verify",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			// Run auth.Verify()
+			os.Exit(1)
+			return nil
+		},
+	}
+
+	return cmd
+}
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,14 @@
+module github.com/safedep/vet
+
+go 1.18
+
+require (
+	github.com/sirupsen/logrus v1.9.0
+	github.com/spf13/cobra v1.6.1
+)
+
+require (
+	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+)
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,24 @@
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc=
+github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
+github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=
+github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/main.go
+++ b/main.go
@ -0,0 +1,39 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+)
+
+var (
+	verbose bool
+	debug   bool
+)
+
+func main() {
+	cmd := &cobra.Command{
+		Use:              "vet [OPTIONS] COMMAND [ARG...]",
+		Short:            "Vet your 3rd party dependencies for security risks",
+		TraverseChildren: true,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if len(args) == 0 {
+				return cmd.Help()
+			}
+
+			return fmt.Errorf("vet: %s is not a valid command", args[0])
+		},
+	}
+
+	cmd.PersistentFlags().BoolVarP(&verbose, "verbose", "v", false, "Show verbose logs")
+	cmd.PersistentFlags().BoolVarP(&debug, "debug", "d", false, "Show debug logs")
+
+	cmd.AddCommand(newAuthCommand())
+	cmd.AddCommand(newScanCommand())
+	cmd.AddCommand(newVersionCommand())
+
+	if err := cmd.Execute(); err != nil {
+		os.Exit(1)
+	}
+}
--- a/pkg/common/logger/logger.go
+++ b/pkg/common/logger/logger.go
@ -0,0 +1,49 @@
+package logger
+
+import (
+	"os"
+
+	"github.com/sirupsen/logrus"
+)
+
+func init() {
+	logrus.SetOutput(os.Stdout)
+	logrus.SetLevel(logrus.InfoLevel)
+}
+
+func SetLogLevel(verbose, debug bool) {
+	if verbose {
+		logrus.SetLevel(logrus.InfoLevel)
+	}
+
+	if debug {
+		logrus.SetLevel(logrus.DebugLevel)
+		logrus.SetReportCaller(true)
+	}
+}
+
+func Infof(msg string, args ...any) {
+	logrus.Infof(msg, args...)
+}
+
+func Errorf(msg string, args ...any) {
+	logrus.Errorf(msg, args...)
+}
+
+func Warnf(msg string, args ...any) {
+	logrus.Warnf(msg, args...)
+}
+
+func Debugf(msg string, args ...any) {
+	logrus.Debugf(msg, args...)
+}
+
+func LoggerWith(key string, value any) *logrus.Entry {
+	return logrus.WithFields(logrus.Fields{
+		key: value,
+	})
+}
+
+func LoggerWithError(err error) *logrus.Entry {
+	return LoggerWith("error", err.Error())
+}
--- a/scan.go
+++ b/scan.go
@ -0,0 +1,43 @@
+package main
+
+import (
+	"os"
+
+	"github.com/safedep/vet/pkg/common/logger"
+	"github.com/spf13/cobra"
+)
+
+var (
+	lockfiles     []string
+	lockfileAs    string
+	baseDirectory string
+)
+
+func newScanCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use: "scan",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			startScan()
+			return nil
+		},
+	}
+
+	wd, err := os.Getwd()
+	if err != nil {
+		panic(err)
+	}
+
+	cmd.Flags().StringVarP(&baseDirectory, "directory", "D", wd,
+		"The directory to scan for lockfiles")
+	cmd.Flags().StringArrayVarP(&lockfiles, "lockfiles", "L", []string{},
+		"List of lockfiles to scan")
+	cmd.Flags().StringVarP(&baseDirectory, "lockfile-as", "", "",
+		"Ecosystem to interpret the lockfile as")
+
+	return cmd
+}
+
+func startScan() {
+	logger.SetLogLevel(verbose, debug)
+	logger.Infof("Starting vet scanner")
+}
--- a/version.go
+++ b/version.go
@ -0,0 +1,26 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+)
+
+var GITCOMMIT string
+var VERSION string
+
+func newVersionCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use: "version",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			fmt.Fprintf(os.Stdout, "Version: %s\n", VERSION)
+			fmt.Fprintf(os.Stdout, "CommitSHA: %s\n", GITCOMMIT)
+
+			os.Exit(1)
+			return nil
+		},
+	}
+
+	return cmd
+}