analyze

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 19, 2024 License: GPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

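// Command is the cobra command for `analyze`.
//
// PersistentPreRun unmarshals the viper configuration, builds the secrets
// detector from the configured rules, opens the image named by the `image`
// flag (pulling it first when `pull` is set) and stores the detector and the
// image in the command context.
//
// PersistentPostRun reads the findings from the command context and prints
// them with the formatter selected by the `output` flag.
var Command = &cobra.Command{
	Use:   "analyze",
	Short: "Analyze an image for secrets",
	Long:  `Analyze an image for secrets, either statically or dynamically.`,
	PersistentPreRun: func(cmd *cobra.Command, args []string) {
		var (
			cfg  config.File
			spnr *spinner.Spinner
			ctx  = context.Background()
		)

		// Error ignored: GetString is expected to fail only when the flag is
		// not registered as a string, which would be a programming error in
		// the flag setup (defined outside this block).
		imageName, _ := cmd.Flags().GetString("image")

		spnr = logging.StartSpinner("parsing configuration")
		err := viper.Unmarshal(&cfg)
		logrus.Infof("parsing regular expression detection configuration")
		rules, invalidRules := secrets.ParseRules(cfg.Rules)

		// NOTE(review): every step below relies on FinishSpinnerWithError
		// aborting when err is non-nil; confirm against the logging package.
		logging.FinishSpinnerWithError(spnr, err)

		// A rule that failed to parse is a detection the scan will not perform.
		// Proceeding is only acceptable when the operator opted in with
		// `ignore-invalid`; otherwise stop rather than scan with silently
		// reduced coverage.
		if n := len(invalidRules); n > 0 {
			for _, iR := range invalidRules {
				logrus.Debugf("invalid pattern '%s'", iR.Pattern)
			}
			if !viper.GetBool("ignore-invalid") {
				logging.Fatal(errorMsgFmt, fmt.Sprintf("%d invalid rules found; fix them or set `ignore-invalid`", n))
				// Presumably unreachable; kept in case Fatal returns.
				return
			}
			logging.Msg("%d invalid rules found, ignoring due to flag `ignore-invalid`", n)
		}

		detector := secrets.NewDetector(secrets.Opts{UseDefaultRules: !cfg.ExcludeDefaultRules}, rules...)
		ctx = context.WithValue(ctx, detectorContextKey, detector)

		spnr = logging.StartSpinner("connecting to docker daemon")
		i, err := image.NewImage(imageName)
		logging.FinishSpinnerWithError(spnr, err)

		if pull, _ := cmd.Flags().GetBool("pull"); pull {
			spnr = logging.StartSpinner("pulling image from remote")
			err = i.Pull()
			logging.FinishSpinnerWithError(spnr, err)
		}
		ctx = context.WithValue(ctx, imageContextKey, i)
		cmd.SetContext(ctx)
	},

	PersistentPostRun: func(cmd *cobra.Command, args []string) {
		ctx := cmd.Context()

		findings, ok := ctx.Value(findingsContextKey).([]analysis.Finding)
		if !ok {
			logging.Fatal(errorMsgFmt, "error parsing findings from context")
			// Presumably unreachable. If Fatal ever returns, findings is nil
			// here and falling through would print "no secret strings found"
			// for a scan whose results were never read.
			return
		}

		// Any `output` value other than "json" selects the default formatter.
		var formatter analysis.Formatter
		switch format, _ := cmd.Flags().GetString("output"); format {
		case "json":
			formatter = analysis.JSONFormatter
		default:
			formatter = analysis.DefaultFormatter
		}

		if len(findings) == 0 {
			logging.Header("no secret strings found", logging.H1)
			return
		}

		logging.Header(fmt.Sprintf("%d secrets found", len(findings)), logging.H1)
		logging.Msg("")
		output, err := formatter(findings)
		if err != nil {
			logrus.Errorf("error formatting findings: %s", err)
			logging.Fatal(errorMsgFmt, "error formatting findings")
			return
		}
		// Msg is called with format verbs elsewhere in this command, so the
		// formatted findings go in as an argument, never as the format string:
		// they contain text taken from the scanned image, and a '%' in a
		// matched secret would otherwise corrupt the report.
		logging.Msg("%s", output)
	},
}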

Functions

This section is empty.

Types

This section is empty.
