WIP

northwood-labs · Feb 22, 2024 · c62dad7 · c62dad7
1 parent 3d4123b
commit c62dad7
Show file tree

Hide file tree

Showing 16 changed files with 144 additions and 271 deletions.
diff --git a/.ecrc b/.ecrc
@@ -11,6 +11,8 @@
         "\\.svg$",
         "\\.terraform\\.lock\\.hcl$",
         "\\.txt$",
+        "docs/man",
+        "docs/markdown",
         "go\\.mod$",
         "go\\.sum$",
         "package-lock\\.json$",

diff --git a/.golangci.yml b/.golangci.yml
@@ -1335,6 +1335,11 @@ issues:
         - gosec
       source: lint:allow_unhandled
 
+    - text: (G304)
+      linters:
+        - gosec
+      source: lint:allow_include_file
+
     - text: (G404)
       linters:
         - gosec

diff --git a/.licensei.toml b/.licensei.toml
@@ -1,14 +1,14 @@
 [header]
 template = """// Copyright 2024, Ryan Parman
 //
-// Licensed under the Apache License, Version 2.0 (the \"License\");
+// Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an \"AS IS\" BASIS,
+// distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License."""
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -45,6 +45,8 @@ repos:
           - --ignore=node_modules
           - --ignore=.github
           - --ignore=.templates
+          - --ignore=docs/man
+          - --ignore=docs/markdown
           - --fix
           - "**/*.md"
 
@@ -71,12 +73,12 @@ repos:
         language: system
         stages: [commit, push]
 
-      - id: go-consistent
-        name: "Go: Consistent Patterns"
-        description: Analyzes Go packages to identify unnecessary type conversions.
-        entry: bash -c 'go-consistent ./...'
-        language: system
-        stages: [commit, push]
+      # - id: go-consistent
+      #   name: "Go: Consistent Patterns"
+      #   description: Analyzes Go packages to identify unnecessary type conversions.
+      #   entry: bash -c 'go-consistent ./...'
+      #   language: system
+      #   stages: [commit, push]
 
       - id: unconvert
         name: "Go: unconvert (current GOOS/GOARCH)"
@@ -85,12 +87,12 @@ repos:
         language: system
         stages: [commit, push]
 
-      - id: smrcptr
-        name: "Go: Same Receiver Pointer"
-        description: Don't mix receiver types. Choose either pointers or struct types for all available methods.
-        entry: bash -c 'smrcptr -skip-std=true --constructor=true ./...'
-        language: system
-        stages: [commit, push]
+      # - id: smrcptr
+      #   name: "Go: Same Receiver Pointer"
+      #   description: Don't mix receiver types. Choose either pointers or struct types for all available methods.
+      #   entry: bash -c 'smrcptr -skip-std=true --constructor=true ./...'
+      #   language: system
+      #   stages: [commit, push]
 
       - id: govulncheck
         name: "Go: Vulnerability check"

diff --git a/Makefile b/Makefile
@@ -68,11 +68,12 @@ install-tools-go:
 	$(GO) install github.com/pelletier/go-toml/v2/cmd/tomljson@latest
 	$(GO) install github.com/quasilyte/go-consistent@latest
 	$(GO) install github.com/securego/gosec/v2/cmd/gosec@latest
+	$(GO) install github.com/spf13/cobra-cli@latest
 	$(GO) install golang.org/x/perf/cmd/benchstat@latest
 	$(GO) install golang.org/x/tools/cmd/godoc@latest
+	$(GO) install golang.org/x/tools/go/analysis/passes/fieldalignment/cmd/fieldalignment@latest
 	$(GO) install golang.org/x/vuln/cmd/govulncheck@latest
 	$(GO) install gotest.tools/gotestsum@latest
-	$(GO) install github.com/spf13/cobra-cli@latest
 
 .PHONY: install-tools-mac
 ## install-tools-mac: [tools]* Install/upgrade the required tools for macOS, including Go packages.

diff --git a/cmd/doc.go b/cmd/doc.go
@@ -0,0 +1,20 @@
+// Copyright 2024, Ryan Parman
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*
+Package cmd is the entry points for the command-line interface (CLI) of the
+`devsec-tools` application. Each package in this directory is a sub-command of
+the CLI.
+*/
+package cmd
diff --git a/cmd/docs.go b/cmd/docs.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//	http://www.apache.org/licenses/LICENSE-2.0
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -39,7 +39,10 @@ var (
 					logger.Fatal().Err(err).Msg("Failed to generate Manpage documentation.")
 				}
 			} else {
-				cmd.Help()
+				err := cmd.Help()
+				if err != nil {
+					logger.Fatal().Err(err).Msg("Failed to display help.")
+				}
 			}
 		},
 	}

diff --git a/cmd/dockerfile_hasher.go → cmd/hasher.go b/cmd/dockerfile_hasher.go → cmd/hasher.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//	http://www.apache.org/licenses/LICENSE-2.0
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -18,7 +18,7 @@ import (
 	"strings"
 
 	"github.com/lithammer/dedent"
-	hasher "github.com/northwood-labs/devsec-tools/pkg/dockerfile-hasher"
+	"github.com/northwood-labs/devsec-tools/pkg/hasher"
 	"github.com/spf13/cobra"
 )
 
@@ -44,7 +44,7 @@ var (
 		Run: func(cmd *cobra.Command, args []string) {
 			dockerfile, rawParser, stageList, err := hasher.ReadFile(fDockerfile, logger)
 			if err != nil {
-				panic(err)
+				logger.Fatal().Err(err).Msg("Failed to read/parse the Dockerfile.")
 			}
 
 			dockerfileLines, err := hasher.ModifyFromLines(
@@ -54,7 +54,7 @@ var (
 				logger,
 			)
 			if err != nil {
-				panic(err)
+				logger.Fatal().Err(err).Msg("Failed to modify the image references.")
 			}
 
 			outputStream := ""
@@ -64,7 +64,7 @@ var (
 
 			bites, err := hasher.WriteFile(dockerfileLines, outputStream, logger)
 			if err != nil {
-				panic(err)
+				logger.Fatal().Err(err).Msg("Failed to write the changes back to disk.")
 			}
 
 			logger.Info().Int("bytes", bites).Msgf("Wrote %d bytes.", bites)
@@ -80,7 +80,10 @@ func init() { // lint:allow_init
 		&fDockerfile, "dockerfile", "f", "Dockerfile", "Path to the Dockerfile to parse/rewrite.",
 	)
 
-	dockerfileHasherCmd.MarkFlagRequired("dockerfile")
+	err := dockerfileHasherCmd.MarkFlagRequired("dockerfile")
+	if err != nil {
+		logger.Fatal().Err(err).Msg("The --dockerfile flag was missing from the command.")
+	}
 
 	rootCmd.AddCommand(dockerfileHasherCmd)
 }
diff --git a/cmd/root.go b/cmd/root.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//	http://www.apache.org/licenses/LICENSE-2.0
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -15,7 +15,6 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 	"os"
 	"strconv"
@@ -30,7 +29,6 @@ import (
 var (
 	// Color text.
 	colorHeader = color.New(color.FgWhite, color.BgBlue, color.OpBold)
-	ctx         = context.Background()
 	logger      zerolog.Logger
 
 	fQuiet   bool
@@ -55,15 +53,6 @@ var (
 	}
 )
 
-// Execute adds all child commands to the root command and sets flags appropriately.
-// This is called by main.main(). It only needs to happen once to the rootCmd.
-func Execute() {
-	err := rootCmd.Execute()
-	if err != nil {
-		os.Exit(1)
-	}
-}
-
 func init() {
 	rootCmd.PersistentFlags().BoolVarP(
 		&fVerbose, "verbose", "v", false, "Enable verbose output.",
@@ -75,43 +64,54 @@ func init() {
 	rootCmd.MarkFlagsMutuallyExclusive("verbose", "quiet")
 }
 
+// Execute adds all child commands to the root command and sets flags appropriately.
+// This is called by main.main(). It only needs to happen once to the rootCmd.
+func Execute() {
+	err := rootCmd.Execute()
+	if err != nil {
+		os.Exit(1)
+	}
+}
+
 func getLogger(useJSON bool) zerolog.Logger {
 	var zlog zerolog.Logger
 
 	zerolog.CallerMarshalFunc = func(pc uintptr, file string, line int) string {
 		short := file
+
 		for i := len(file) - 1; i > 0; i-- {
 			if file[i] == '/' {
 				short = file[i+1:]
 				break
 			}
 		}
+
 		file = short
 
 		return file + ":" + strconv.Itoa(line)
 	}
 
-	// JSON output
-	if useJSON {
-		zlog = zerolog.New(os.Stderr).With().
-			Caller().
-			Timestamp().
-			Logger()
-	}
-
 	output := zerolog.ConsoleWriter{
 		Out:        os.Stderr,
 		TimeFormat: zerolog.TimeFormatUnix,
 	}
 
-	output.FormatLevel = func(i interface{}) string {
+	output.FormatLevel = func(i any) string {
 		return strings.ToUpper(fmt.Sprintf("| %-6s|", i))
 	}
 
 	zlog = zerolog.New(output).With().
 		Timestamp().
 		Logger()
 
+	// JSON output
+	if useJSON {
+		zlog = zerolog.New(os.Stderr).With().
+			Caller().
+			Timestamp().
+			Logger()
+	}
+
 	zlog = zlog.Level(zerolog.InfoLevel)
 	if fQuiet {
 		zlog = zlog.Level(zerolog.ErrorLevel)

diff --git a/lambda/dockerfile-hasher/main.go b/lambda/dockerfile-hasher/main.go
diff --git a/lambda/hasher/main.go b/lambda/hasher/main.go
@@ -0,0 +1,36 @@
+// Copyright 2024, Ryan Parman
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"context"
+
+	"github.com/aws/aws-lambda-go/lambda"
+	"github.com/aws/aws-lambda-go/lambdacontext"
+	"github.com/northwood-labs/golang-utils/debug"
+)
+
+func main() {
+	lambda.Start(HandleRequest)
+}
+
+func HandleRequest(ctx context.Context, event any) error {
+	lctx, _ := lambdacontext.FromContext(ctx)
+
+	pp := debug.GetSpew()
+	pp.Dump(lctx)
+
+	return nil
+}
diff --git a/main.go b/main.go
@@ -4,7 +4,7 @@
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
-//	http://www.apache.org/licenses/LICENSE-2.0
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,