SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Convert a lot of command line arguments to snake case (#498)

Browse source 
* Convert a lot of variables to snake case

* Add snakecase for variables made out of two words that had it in no version yet (for consistency)

* Adjust example files too

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
This commit is contained in:
JanHoefelmeyer 2023-11-06 14:33:05 +01:00 committed by GitHub
parent 77cc250561
commit 086c4ab48b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 83 additions and 83 deletions
Download patch file Download diff file Expand all files Collapse all files

8
cmd/csaf_aggregator/config.go
View file

@ -54,7 +54,7 @@ type provider struct {
UpdateInterval *string `toml:"update_interval"` UpdateInterval *string `toml:"update_interval"`
// IgnorePattern is a list of patterns of advisory URLs to be ignored. // IgnorePattern is a list of patterns of advisory URLs to be ignored.
IgnorePattern []string `toml:"ignorepattern"` IgnorePattern []string `toml:"ignore_pattern"`
// ExtraHeader adds extra HTTP header fields to client // ExtraHeader adds extra HTTP header fields to client
ExtraHeader http.Header `toml:"header"` ExtraHeader http.Header `toml:"header"`
@ -63,7 +63,7 @@ type provider struct {
ClientKey *string `toml:"client_key"` ClientKey *string `toml:"client_key"`
ClientPassphrase *string `toml:"client_passphrase"` ClientPassphrase *string `toml:"client_passphrase"`
Range *models.TimeRange `toml:"timerange"` Range *models.TimeRange `toml:"time_range"`
clientCerts []tls.Certificate clientCerts []tls.Certificate
ignorePattern filter.PatternMatcher ignorePattern filter.PatternMatcher
@ -92,7 +92,7 @@ type config struct {
ClientKey *string `toml:"client_key"` ClientKey *string `toml:"client_key"`
ClientPassphrase *string `toml:"client_passphrase"` ClientPassphrase *string `toml:"client_passphrase"`
Range *models.TimeRange `long:"timerange" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"timerange"` Range *models.TimeRange `long:"time_range" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"time_range"`
// LockFile tries to lock to a given file. // LockFile tries to lock to a given file.
LockFile *string `toml:"lock_file"` LockFile *string `toml:"lock_file"`
@ -116,7 +116,7 @@ type config struct {
UpdateInterval *string `toml:"update_interval"` UpdateInterval *string `toml:"update_interval"`
// IgnorePattern is a list of patterns of advisory URLs to be ignored. // IgnorePattern is a list of patterns of advisory URLs to be ignored.
IgnorePattern []string `toml:"ignorepattern"` IgnorePattern []string `toml:"ignore_pattern"`
// ExtraHeader adds extra HTTP header fields to client // ExtraHeader adds extra HTTP header fields to client
ExtraHeader http.Header `toml:"header"` ExtraHeader http.Header `toml:"header"`

14
cmd/csaf_checker/config.go
View file

@ -31,18 +31,18 @@ type config struct {
//lint:ignore SA5008 We are using choice twice: json, html. //lint:ignore SA5008 We are using choice twice: json, html.
Format outputFormat `short:"f" long:"format" choice:"json" choice:"html" description:"Format of report" toml:"format"` Format outputFormat `short:"f" long:"format" choice:"json" choice:"html" description:"Format of report" toml:"format"`
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"` Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"`
ClientCert *string `long:"client-cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE" toml:"client_cert"` ClientCert *string `long:"client_cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE" toml:"client_cert"`
ClientKey *string `long:"client-key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE" toml:"client_key"` ClientKey *string `long:"client_key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE" toml:"client_key"`
ClientPassphrase *string `long:"client-passphrase" description:"Optional passphrase for the client cert (limited, experimental, see downloader doc)" value-name:"PASSPHRASE" toml:"client_passphrase"` ClientPassphrase *string `long:"client_passphrase" description:"Optional passphrase for the client cert (limited, experimental, see downloader doc)" value-name:"PASSPHRASE" toml:"client_passphrase"`
Version bool `long:"version" description:"Display version of the binary" toml:"-"` Version bool `long:"version" description:"Display version of the binary" toml:"-"`
Verbose bool `long:"verbose" short:"v" description:"Verbose output" toml:"verbose"` Verbose bool `long:"verbose" short:"v" description:"Verbose output" toml:"verbose"`
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)" toml:"rate"` Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)" toml:"rate"`
Range *models.TimeRange `long:"timerange" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"timerange"` Range *models.TimeRange `long:"time_range" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"time_range"`
IgnorePattern []string `long:"ignorepattern" short:"i" description:"Do not download files if their URLs match any of the given PATTERNs" value-name:"PATTERN" toml:"ignorepattern"` IgnorePattern []string `long:"ignore_pattern" short:"i" description:"Do not download files if their URLs match any of the given PATTERNs" value-name:"PATTERN" toml:"ignore_pattern"`
ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields" toml:"header"` ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields" toml:"header"`
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL" toml:"validator"` RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL" toml:"validator"`
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE" toml:"validator_cache"` RemoteValidatorCache string `long:"validator_cache" description:"FILE to cache remote validations" value-name:"FILE" toml:"validator_cache"`
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more presets to validate remotely" toml:"validator_preset"` RemoteValidatorPresets []string `long:"validator_preset" description:"One or more presets to validate remotely" toml:"validator_preset"`
Config string `short:"c" long:"config" description:"Path to config TOML file" value-name:"TOML-FILE" toml:"-"` Config string `short:"c" long:"config" description:"Path to config TOML file" value-name:"TOML-FILE" toml:"-"`

32
cmd/csaf_downloader/config.go
View file

@ -44,34 +44,34 @@ const (
type config struct { type config struct {
Directory string `short:"d" long:"directory" description:"DIRectory to store the downloaded files in" value-name:"DIR" toml:"directory"` Directory string `short:"d" long:"directory" description:"DIRectory to store the downloaded files in" value-name:"DIR" toml:"directory"`
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"` Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"`
IgnoreSignatureCheck bool `long:"ignoresigcheck" description:"Ignore signature check results, just warn on mismatch" toml:"ignoresigcheck"` IgnoreSignatureCheck bool `long:"ignore_sigcheck" description:"Ignore signature check results, just warn on mismatch" toml:"ignore_sigcheck"`
ClientCert *string `long:"client-cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE" toml:"client_cert"` ClientCert *string `long:"client_cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE" toml:"client_cert"`
ClientKey *string `long:"client-key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE" toml:"client_key"` ClientKey *string `long:"client_key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE" toml:"client_key"`
ClientPassphrase *string `long:"client-passphrase" description:"Optional passphrase for the client cert (limited, experimental, see doc)" value-name:"PASSPHRASE" toml:"client_passphrase"` ClientPassphrase *string `long:"client_passphrase" description:"Optional passphrase for the client cert (limited, experimental, see doc)" value-name:"PASSPHRASE" toml:"client_passphrase"`
Version bool `long:"version" description:"Display version of the binary" toml:"-"` Version bool `long:"version" description:"Display version of the binary" toml:"-"`
NoStore bool `long:"nostore" short:"n" description:"Do not store files" toml:"no_store"` NoStore bool `long:"no_store" short:"n" description:"Do not store files" toml:"no_store"`
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)" toml:"rate"` Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)" toml:"rate"`
Worker int `long:"worker" short:"w" description:"NUMber of concurrent downloads" value-name:"NUM" toml:"worker"` Worker int `long:"worker" short:"w" description:"NUMber of concurrent downloads" value-name:"NUM" toml:"worker"`
Range *models.TimeRange `long:"timerange" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"timerange"` Range *models.TimeRange `long:"time_range" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"time_range"`
Folder string `long:"folder" short:"f" description:"Download into a given subFOLDER" value-name:"FOLDER" toml:"folder"` Folder string `long:"folder" short:"f" description:"Download into a given subFOLDER" value-name:"FOLDER" toml:"folder"`
IgnorePattern []string `long:"ignorepattern" short:"i" description:"Do not download files if their URLs match any of the given PATTERNs" value-name:"PATTERN" toml:"ignorepattern"` IgnorePattern []string `long:"ignore_pattern" short:"i" description:"Do not download files if their URLs match any of the given PATTERNs" value-name:"PATTERN" toml:"ignore_pattern"`
ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields" toml:"header"` ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields" toml:"header"`
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL" toml:"validator"` RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL" toml:"validator"`
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE" toml:"validatorcache"` RemoteValidatorCache string `long:"validator_cache" description:"FILE to cache remote validations" value-name:"FILE" toml:"validator_cache"`
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more PRESETS to validate remotely" value-name:"PRESETS" toml:"validatorpreset"` RemoteValidatorPresets []string `long:"validator_preset" description:"One or more PRESETS to validate remotely" value-name:"PRESETS" toml:"validator_preset"`
//lint:ignore SA5008 We are using choice twice: strict, unsafe. //lint:ignore SA5008 We are using choice twice: strict, unsafe.
ValidationMode validationMode `long:"validationmode" short:"m" choice:"strict" choice:"unsafe" value-name:"MODE" description:"MODE how strict the validation is" toml:"validation_mode"` ValidationMode validationMode `long:"validation_mode" short:"m" choice:"strict" choice:"unsafe" value-name:"MODE" description:"MODE how strict the validation is" toml:"validation_mode"`
ForwardURL string `long:"forwardurl" description:"URL of HTTP endpoint to forward downloads to" value-name:"URL" toml:"forward_url"` ForwardURL string `long:"forward_url" description:"URL of HTTP endpoint to forward downloads to" value-name:"URL" toml:"forward_url"`
ForwardHeader http.Header `long:"forwardheader" description:"One or more extra HTTP header fields used by forwarding" toml:"forward_header"` ForwardHeader http.Header `long:"forward_header" description:"One or more extra HTTP header fields used by forwarding" toml:"forward_header"`
ForwardQueue int `long:"forwardqueue" description:"Maximal queue LENGTH before forwarder" value-name:"LENGTH" toml:"forward_queue"` ForwardQueue int `long:"forward_queue" description:"Maximal queue LENGTH before forwarder" value-name:"LENGTH" toml:"forward_queue"`
ForwardInsecure bool `long:"forwardinsecure" description:"Do not check TLS certificates from forward endpoint" toml:"forward_insecure"` ForwardInsecure bool `long:"forward_insecure" description:"Do not check TLS certificates from forward endpoint" toml:"forward_insecure"`
LogFile *string `long:"logfile" description:"FILE to log downloading to" value-name:"FILE" toml:"log_file"` LogFile *string `long:"log_file" description:"FILE to log downloading to" value-name:"FILE" toml:"log_file"`
//lint:ignore SA5008 We are using choice or than once: debug, info, warn, error //lint:ignore SA5008 We are using choice or than once: debug, info, warn, error
LogLevel *options.LogLevel `long:"loglevel" description:"LEVEL of logging details" value-name:"LEVEL" choice:"debug" choice:"info" choice:"warn" choice:"error" toml:"log_level"` LogLevel *options.LogLevel `long:"log_level" description:"LEVEL of logging details" value-name:"LEVEL" choice:"debug" choice:"info" choice:"warn" choice:"error" toml:"log_level"`
Config string `short:"c" long:"config" description:"Path to config TOML file" value-name:"TOML-FILE" toml:"-"` Config string `short:"c" long:"config" description:"Path to config TOML file" value-name:"TOML-FILE" toml:"-"`

14
cmd/csaf_uploader/config.go
View file

@ -35,18 +35,18 @@ type config struct {
URL string `short:"u" long:"url" description:"URL of the CSAF provider" value-name:"URL" toml:"url"` URL string `short:"u" long:"url" description:"URL of the CSAF provider" value-name:"URL" toml:"url"`
//lint:ignore SA5008 We are using choice many times: csaf, white, green, amber, red. //lint:ignore SA5008 We are using choice many times: csaf, white, green, amber, red.
TLP string `short:"t" long:"tlp" choice:"csaf" choice:"white" choice:"green" choice:"amber" choice:"red" description:"TLP of the feed" toml:"tlp"` TLP string `short:"t" long:"tlp" choice:"csaf" choice:"white" choice:"green" choice:"amber" choice:"red" description:"TLP of the feed" toml:"tlp"`
ExternalSigned bool `short:"x" long:"external-signed" description:"CSAF files are signed externally. Assumes .asc files beside CSAF files." toml:"external_signed"` ExternalSigned bool `short:"x" long:"external_signed" description:"CSAF files are signed externally. Assumes .asc files beside CSAF files." toml:"external_signed"`
NoSchemaCheck bool `short:"s" long:"no-schema-check" description:"Do not check files against CSAF JSON schema locally." toml:"no_schema_check"` NoSchemaCheck bool `short:"s" long:"no_schema_check" description:"Do not check files against CSAF JSON schema locally." toml:"no_schema_check"`
Key *string `short:"k" long:"key" description:"OpenPGP key to sign the CSAF files" value-name:"KEY-FILE" toml:"key"` Key *string `short:"k" long:"key" description:"OpenPGP key to sign the CSAF files" value-name:"KEY-FILE" toml:"key"`
Password *string `short:"p" long:"password" description:"Authentication password for accessing the CSAF provider" value-name:"PASSWORD" toml:"password"` Password *string `short:"p" long:"password" description:"Authentication password for accessing the CSAF provider" value-name:"PASSWORD" toml:"password"`
Passphrase *string `short:"P" long:"passphrase" description:"Passphrase to unlock the OpenPGP key" value-name:"PASSPHRASE" toml:"passphrase"` Passphrase *string `short:"P" long:"passphrase" description:"Passphrase to unlock the OpenPGP key" value-name:"PASSPHRASE" toml:"passphrase"`
ClientCert *string `long:"client-cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE.crt" toml:"client_cert"` ClientCert *string `long:"client_cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE.crt" toml:"client_cert"`
ClientKey *string `long:"client-key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE.pem" toml:"client_key"` ClientKey *string `long:"client_key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE.pem" toml:"client_key"`
ClientPassphrase *string `long:"client-passphrase" description:"Optional passphrase for the client cert (limited, experimental, see downloader doc)" value-name:"PASSPHRASE" toml:"client_passphrase"` ClientPassphrase *string `long:"client_passphrase" description:"Optional passphrase for the client cert (limited, experimental, see downloader doc)" value-name:"PASSPHRASE" toml:"client_passphrase"`
PasswordInteractive bool `short:"i" long:"password-interactive" description:"Enter password interactively" toml:"password_interactive"` PasswordInteractive bool `short:"i" long:"password_interactive" description:"Enter password interactively" toml:"password_interactive"`
PassphraseInteractive bool `short:"I" long:"passphrase-interactive" description:"Enter OpenPGP key passphrase interactively" toml:"passphrase_interactive"` PassphraseInteractive bool `short:"I" long:"passphrase_interactive" description:"Enter OpenPGP key passphrase interactively" toml:"passphrase_interactive"`
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"` Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"`

4
cmd/csaf_validator/main.go
View file

@ -25,8 +25,8 @@ import (
type options struct { type options struct {
Version bool `long:"version" description:"Display version of the binary"` Version bool `long:"version" description:"Display version of the binary"`
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL"` RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL"`
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE"` RemoteValidatorCache string `long:"validator_cache" description:"FILE to cache remote validations" value-name:"FILE"`
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more presets to validate remotely" default:"mandatory"` RemoteValidatorPresets []string `long:"validator_preset" description:"One or more presets to validate remotely" default:"mandatory"`
Output string `short:"o" long:"output" description:"If a remote validator was used, display AMOUNT ('all', 'important' or 'short') results" value-name:"AMOUNT"` Output string `short:"o" long:"output" description:"If a remote validator was used, display AMOUNT ('all', 'important' or 'short') results" value-name:"AMOUNT"`
} }

10
docs/csaf_aggregator.md
View file

@ -6,7 +6,7 @@
csaf_aggregator [OPTIONS] csaf_aggregator [OPTIONS]
Application Options: Application Options:
-t, --timerange=RANGE RANGE of time from which advisories to download -t, --time_range=RANGE RANGE of time from which advisories to download
-i, --interim Perform an interim scan -i, --interim Perform an interim scan
--version Display version of the binary --version Display version of the binary
-c, --config=TOML-FILE Path to config TOML file -c, --config=TOML-FILE Path to config TOML file
@ -104,12 +104,12 @@ lock_file // path to lockfile, to stop other instances if one is n
interim_years // limiting the years for which interim documents are searched (default 0) interim_years // limiting the years for which interim documents are searched (default 0)
verbose // print more diagnostic output, e.g. https requests (default false) verbose // print more diagnostic output, e.g. https requests (default false)
allow_single_provider // debugging option (default false) allow_single_provider // debugging option (default false)
ignorepattern // patterns of advisory URLs to be ignored (see checker doc for details) ignore_pattern // patterns of advisory URLs to be ignored (see checker doc for details)
client_cert // path to client certificate to access access-protected advisories client_cert // path to client certificate to access access-protected advisories
client_key // path to client key to access access-protected advisories client_key // path to client key to access access-protected advisories
client_passphrase // optional client cert passphrase (limited, experimental, see downloader doc) client_passphrase // optional client cert passphrase (limited, experimental, see downloader doc)
header // adds extra HTTP header fields to the client header // adds extra HTTP header fields to the client
timerange // Accepted time range of advisories to handle. See downloader docs for details. time_range // Accepted time range of advisories to handle. See downloader docs for details.
``` ```
Next we have two TOML _tables_: Next we have two TOML _tables_:
@ -139,7 +139,7 @@ category
update_interval update_interval
create_service_document create_service_document
categories categories
ignorepattern ignore_pattern
client_cert client_cert
client_key client_key
client_passphrase client_passphrase
@ -229,7 +229,7 @@ insecure = true
# If aggregator.category == "aggregator", set for an entry that should # If aggregator.category == "aggregator", set for an entry that should
# be listed in addition: # be listed in addition:
category = "lister" category = "lister"
# ignorepattern = [".*white.*", ".*red.*"] # ignore_pattern = [".*white.*", ".*red.*"]
``` ```
<!-- MARKDOWN-AUTO-DOCS:END --> <!-- MARKDOWN-AUTO-DOCS:END -->

16
docs/csaf_checker.md
View file

@ -10,18 +10,18 @@ Application Options:
-o, --output=REPORT-FILE File name of the generated report -o, --output=REPORT-FILE File name of the generated report
-f, --format=[json|html] Format of report (default: json) -f, --format=[json|html] Format of report (default: json)
--insecure Do not check TLS certificates from provider --insecure Do not check TLS certificates from provider
--client-cert=CERT-FILE TLS client certificate file (PEM encoded data) --client_cert=CERT-FILE TLS client certificate file (PEM encoded data)
--client-key=KEY-FILE TLS client private key file (PEM encoded data) --client_key=KEY-FILE TLS client private key file (PEM encoded data)
--client-passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see downloader doc) --client_passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see downloader doc)
--version Display version of the binary --version Display version of the binary
-v, --verbose Verbose output -v, --verbose Verbose output
-r, --rate= The average upper limit of https operations per second (defaults to unlimited) -r, --rate= The average upper limit of https operations per second (defaults to unlimited)
-t, --timerange=RANGE RANGE of time from which advisories to download -t, --time_range=RANGE RANGE of time from which advisories to download
-i, --ignorepattern=PATTERN Do not download files if their URLs match any of the given PATTERNs -i, --ignore_pattern=PATTERN Do not download files if their URLs match any of the given PATTERNs
-H, --header= One or more extra HTTP header fields -H, --header= One or more extra HTTP header fields
--validator=URL URL to validate documents remotely --validator=URL URL to validate documents remotely
--validatorcache=FILE FILE to cache remote validations --validator_cache=FILE FILE to cache remote validations
--validatorpreset= One or more presets to validate remotely (default: [mandatory]) --validator_preset= One or more presets to validate remotely (default: [mandatory])
-c, --config=TOML-FILE Path to config TOML file -c, --config=TOML-FILE Path to config TOML file
Help Options: Help Options:
@ -50,7 +50,7 @@ insecure = false
# client_passphrase # not set by default # client_passphrase # not set by default
verbose = false verbose = false
# rate # not set by default # rate # not set by default
# timerange # not set by default # time_range # not set by default
# header # not set by default # header # not set by default
# validator # not set by default # validator # not set by default
# validator_cache # not set by default # validator_cache # not set by default

36
docs/csaf_downloader.md
View file

@ -9,26 +9,26 @@ csaf_downloader [OPTIONS] domain...
Application Options: Application Options:
-d, --directory=DIR DIRectory to store the downloaded files in -d, --directory=DIR DIRectory to store the downloaded files in
--insecure Do not check TLS certificates from provider --insecure Do not check TLS certificates from provider
--ignoresigcheck Ignore signature check results, just warn on mismatch --ignore_sigcheck Ignore signature check results, just warn on mismatch
--client-cert=CERT-FILE TLS client certificate file (PEM encoded data) --client_cert=CERT-FILE TLS client certificate file (PEM encoded data)
--client-key=KEY-FILE TLS client private key file (PEM encoded data) --client_key=KEY-FILE TLS client private key file (PEM encoded data)
--client-passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see doc) --client_passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see doc)
--version Display version of the binary --version Display version of the binary
-n, --nostore Do not store files -n, --no_store Do not store files
-r, --rate= The average upper limit of https operations per second (defaults to unlimited) -r, --rate= The average upper limit of https operations per second (defaults to unlimited)
-w, --worker=NUM NUMber of concurrent downloads (default: 2) -w, --worker=NUM NUMber of concurrent downloads (default: 2)
-t, --timerange=RANGE RANGE of time from which advisories to download -t, --time_range=RANGE RANGE of time from which advisories to download
-f, --folder=FOLDER Download into a given subFOLDER -f, --folder=FOLDER Download into a given subFOLDER
-i, --ignorepattern=PATTERN Do not download files if their URLs match any of the given PATTERNs -i, --ignore_pattern=PATTERN Do not download files if their URLs match any of the given PATTERNs
-H, --header= One or more extra HTTP header fields -H, --header= One or more extra HTTP header fields
--validator=URL URL to validate documents remotely --validator=URL URL to validate documents remotely
--validatorcache=FILE FILE to cache remote validations --validator_cache=FILE FILE to cache remote validations
--validatorpreset=PRESETS One or more PRESETS to validate remotely (default: [mandatory]) --validator_preset=PRESETS One or more PRESETS to validate remotely (default: [mandatory])
-m, --validationmode=MODE[strict|unsafe] MODE how strict the validation is (default: strict) -m, --validation_mode=MODE[strict|unsafe] MODE how strict the validation is (default: strict)
--forwardurl=URL URL of HTTP endpoint to forward downloads to --forward_url=URL URL of HTTP endpoint to forward downloads to
--forwardheader= One or more extra HTTP header fields used by forwarding --forward_header= One or more extra HTTP header fields used by forwarding
--forwardqueue=LENGTH Maximal queue LENGTH before forwarder (default: 5) --forward_queue=LENGTH Maximal queue LENGTH before forwarder (default: 5)
--forwardinsecure Do not check TLS certificates from forward endpoint --forward_insecure Do not check TLS certificates from forward endpoint
--logfile=FILE FILE to log downloading to (default: downloader.log) --logfile=FILE FILE to log downloading to (default: downloader.log)
--loglevel=LEVEL[debug|info|warn|error] LEVEL of logging details (default: info) --loglevel=LEVEL[debug|info|warn|error] LEVEL of logging details (default: info)
-c, --config=TOML-FILE Path to config TOML file -c, --config=TOML-FILE Path to config TOML file
@ -65,13 +65,13 @@ insecure = false
ignoresigcheck = false ignoresigcheck = false
# rate # set to unlimited # rate # set to unlimited
worker = 2 worker = 2
# timerange # not set by default # time_range # not set by default
# folder # not set by default # folder # not set by default
# ignorepattern # not set by default # ignore_pattern # not set by default
# header # not set by default # header # not set by default
# validator # not set by default # validator # not set by default
# validatorcache # not set by default # validator_cache # not set by default
validatorpreset = ["mandatory"] validator_preset = ["mandatory"]
validation_mode = "strict" validation_mode = "strict"
# forward_url # not set by default # forward_url # not set by default
# forward_header # not set by default # forward_header # not set by default

14
docs/csaf_uploader.md
View file

@ -9,16 +9,16 @@ Application Options:
-a, --action=[upload|create] Action to perform (default: upload) -a, --action=[upload|create] Action to perform (default: upload)
-u, --url=URL URL of the CSAF provider (default: https://localhost/cgi-bin/csaf_provider.go) -u, --url=URL URL of the CSAF provider (default: https://localhost/cgi-bin/csaf_provider.go)
-t, --tlp=[csaf|white|green|amber|red] TLP of the feed (default: csaf) -t, --tlp=[csaf|white|green|amber|red] TLP of the feed (default: csaf)
-x, --external-signed CSAF files are signed externally. Assumes .asc files beside CSAF files. -x, --external_signed CSAF files are signed externally. Assumes .asc files beside CSAF files.
-s, --no-schema-check Do not check files against CSAF JSON schema locally. -s, --no_schema_check Do not check files against CSAF JSON schema locally.
-k, --key=KEY-FILE OpenPGP key to sign the CSAF files -k, --key=KEY-FILE OpenPGP key to sign the CSAF files
-p, --password=PASSWORD Authentication password for accessing the CSAF provider -p, --password=PASSWORD Authentication password for accessing the CSAF provider
-P, --passphrase=PASSPHRASE Passphrase to unlock the OpenPGP key -P, --passphrase=PASSPHRASE Passphrase to unlock the OpenPGP key
--client-cert=CERT-FILE.crt TLS client certificate file (PEM encoded data) --client_cert=CERT-FILE.crt TLS client certificate file (PEM encoded data)
--client-key=KEY-FILE.pem TLS client private key file (PEM encoded data) --client_key=KEY-FILE.pem TLS client private key file (PEM encoded data)
--client-passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see downloader doc) --client_passphrase=PASSPHRASE Optional passphrase for the client cert (limited, experimental, see downloader doc)
-i, --password-interactive Enter password interactively -i, --password_interactive Enter password interactively
-I, --passphrase-interactive Enter OpenPGP key passphrase interactively -I, --passphrase_interactive Enter OpenPGP key passphrase interactively
--insecure Do not check TLS certificates from provider --insecure Do not check TLS certificates from provider
-c, --config=TOML-FILE Path to config TOML file -c, --config=TOML-FILE Path to config TOML file
--version Display version of the binary --version Display version of the binary

4
docs/csaf_validator.md
View file

@ -10,8 +10,8 @@ csaf_validator [OPTIONS] files...
Application Options: Application Options:
--version Display version of the binary --version Display version of the binary
--validator=URL URL to validate documents remotely --validator=URL URL to validate documents remotely
--validatorcache=FILE FILE to cache remote validations --validator_cache=FILE FILE to cache remote validations
--validatorpreset= One or more presets to validate remotely (default: mandatory) --validator_preset= One or more presets to validate remotely (default: mandatory)
-o AMOUNT, --output=AMOUNT If a remote validator was used, display the results in JSON format -o AMOUNT, --output=AMOUNT If a remote validator was used, display the results in JSON format
AMOUNT: AMOUNT:

6
docs/examples/aggregator.toml
View file

@ -10,7 +10,7 @@ insecure = true
#interim_years = #interim_years =
#passphrase = #passphrase =
#write_indices = false #write_indices = false
#timerange = #time_range =
# specification requires at least two providers (default), # specification requires at least two providers (default),
# to override for testing, enable: # to override for testing, enable:
@ -32,7 +32,7 @@ insecure = true
create_service_document = true create_service_document = true
# rate = 1.5 # rate = 1.5
# insecure = true # insecure = true
# timerange = # time_range =
[[providers]] [[providers]]
name = "local-dev-provider2" name = "local-dev-provider2"
@ -54,4 +54,4 @@ insecure = true
# If aggregator.category == "aggreator", set for an entry that should # If aggregator.category == "aggreator", set for an entry that should
# be listed in addition: # be listed in addition:
category = "lister" category = "lister"
# ignorepattern = [".*white.*", ".*red.*"] # ignore_pattern = [".*white.*", ".*red.*"]

4
docs/scripts/testChecker.sh
View file

@ -14,8 +14,8 @@ echo '==== run checker (twice)'
cd ~/csaf_distribution cd ~/csaf_distribution
./bin-linux-amd64/csaf_checker -f html -o ../checker-results.html --insecure \ ./bin-linux-amd64/csaf_checker -f html -o ../checker-results.html --insecure \
--client-cert ~/devca1/testclient1.crt \ --client_cert ~/devca1/testclient1.crt \
--client-key ~/devca1/testclient1-key.pem \ --client_key ~/devca1/testclient1-key.pem \
--verbose --insecure localhost --verbose --insecure localhost
cat ../checker-results.html cat ../checker-results.html

4
docs/scripts/uploadToProvider.sh
View file

@ -23,7 +23,7 @@ for f in $(ls csaf_examples); do
../../bin-linux-amd64/csaf_uploader --insecure -P security123 -a upload \ ../../bin-linux-amd64/csaf_uploader --insecure -P security123 -a upload \
-t ${TLPs[$((COUNTER++ % 4))]} \ -t ${TLPs[$((COUNTER++ % 4))]} \
-u https://localhost:8443/cgi-bin/csaf_provider.go \ -u https://localhost:8443/cgi-bin/csaf_provider.go \
--client-cert ~/devca1/testclient1.crt \ --client_cert ~/devca1/testclient1.crt \
--client-key ~/devca1/testclient1-key.pem \ --client_key ~/devca1/testclient1-key.pem \
./csaf_examples/"$f" ./csaf_examples/"$f"
done done