mirror of
https://github.com/gocsaf/csaf.git
synced 2025-12-22 11:55:40 +01:00
Load config from TOML file
This commit is contained in:
Sascha L. Teichmann
parent
12ad7706e3
commit
bfcf98464f
2 changed files with 106 additions and 37 deletions
|
|
@ -11,28 +11,109 @@ package main
|
|||
import (
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
|
||||
"github.com/BurntSushi/toml"
|
||||
"github.com/csaf-poc/csaf_distribution/v2/util"
|
||||
"github.com/jessevdk/go-flags"
|
||||
"github.com/mitchellh/go-homedir"
|
||||
)
|
||||
|
||||
type config struct {
|
||||
Output string `short:"o" long:"output" description:"File name of the generated report" value-name:"REPORT-FILE"`
|
||||
Format string `short:"f" long:"format" choice:"json" choice:"html" description:"Format of report" default:"json"`
|
||||
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider"`
|
||||
ClientCert *string `long:"client-cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE"`
|
||||
ClientKey *string `long:"client-key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE"`
|
||||
Version bool `long:"version" description:"Display version of the binary"`
|
||||
Verbose bool `long:"verbose" short:"v" description:"Verbose output"`
|
||||
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)"`
|
||||
Years *uint `long:"years" short:"y" description:"Number of years to look back from now" value-name:"YEARS"`
|
||||
ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields"`
|
||||
Output string `short:"o" long:"output" description:"File name of the generated report" value-name:"REPORT-FILE" toml:"output"`
|
||||
Format string `short:"f" long:"format" choice:"json" choice:"html" description:"Format of report" default:"json" toml:"format"`
|
||||
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider" toml:"insecure"`
|
||||
ClientCert *string `long:"client-cert" description:"TLS client certificate file (PEM encoded data)" value-name:"CERT-FILE" toml:"client_cert"`
|
||||
ClientKey *string `long:"client-key" description:"TLS client private key file (PEM encoded data)" value-name:"KEY-FILE" toml:"client_key"`
|
||||
Version bool `long:"version" description:"Display version of the binary" toml:"-"`
|
||||
Verbose bool `long:"verbose" short:"v" description:"Verbose output" toml:"verbose"`
|
||||
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second (defaults to unlimited)" toml:"rate"`
|
||||
Years *uint `long:"years" short:"y" description:"Number of years to look back from now" value-name:"YEARS" toml:"years"`
|
||||
ExtraHeader http.Header `long:"header" short:"H" description:"One or more extra HTTP header fields" toml:"header"`
|
||||
|
||||
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL"`
|
||||
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE"`
|
||||
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more presets to validate remotely" default:"mandatory"`
|
||||
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL" toml:"validator"`
|
||||
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE" toml:"validator_cache"`
|
||||
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more presets to validate remotely" default:"mandatory" toml:"validator_preset"`
|
||||
|
||||
Config *string `short:"c" long:"config" description:"Path to config TOML file" value-name:"TOML-FILE" toml:"-"`
|
||||
|
||||
clientCerts []tls.Certificate
|
||||
}
|
||||
|
||||
// parseArgsConfig parse the command arguments and loads configuration
|
||||
// from a configuration file.
|
||||
func parseArgsConfig() ([]string, *config, error) {
|
||||
cfg := &config{
|
||||
RemoteValidatorPresets: []string{"mandatory"},
|
||||
}
|
||||
|
||||
parser := flags.NewParser(cfg, flags.Default)
|
||||
parser.Usage = "[OPTIONS] domain..."
|
||||
args, err := parser.Parse()
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
if cfg.Version {
|
||||
fmt.Println(util.SemVersion)
|
||||
os.Exit(0)
|
||||
}
|
||||
|
||||
if cfg.Config != nil {
|
||||
path, err := homedir.Expand(*cfg.Config)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
if err := cfg.load(path); err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
} else if path := findConfigFile(); path != "" {
|
||||
if err := cfg.load(path); err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return args, cfg, nil
|
||||
}
|
||||
|
||||
// configPaths are the potential file locations of the the config file.
|
||||
var configPaths = []string{
|
||||
"~/.config/csaf/checker.toml",
|
||||
"~/.csaf_checker.toml",
|
||||
"csaf_checker.toml",
|
||||
}
|
||||
|
||||
// findConfigFile looks for a file in the pre-defined paths in "configPaths".
|
||||
// The returned value will be the name of file if found, otherwise an empty string.
|
||||
func findConfigFile() string {
|
||||
for _, f := range configPaths {
|
||||
name, err := homedir.Expand(f)
|
||||
if err != nil {
|
||||
log.Printf("warn: %v\n", err)
|
||||
continue
|
||||
}
|
||||
if _, err := os.Stat(name); err == nil {
|
||||
return name
|
||||
}
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// load loads a configuration from file.
|
||||
func (cfg *config) load(path string) error {
|
||||
md, err := toml.DecodeFile(path, &cfg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if undecoded := md.Undecoded(); len(undecoded) != 0 {
|
||||
return fmt.Errorf("could not parse %q from %q", undecoded, path)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// protectedAccess returns true if we have client certificates or
|
||||
// extra http headers configured.
|
||||
// This may be a wrong assumption, because the certs are not checked
|
||||
|
|
@ -41,6 +122,7 @@ func (cfg *config) protectedAccess() bool {
|
|||
return len(cfg.clientCerts) > 0 || len(cfg.ExtraHeader) > 0
|
||||
}
|
||||
|
||||
// prepare prepares internal state of a loaded configuration.
|
||||
func (cfg *config) prepare() error {
|
||||
// Load client certs.
|
||||
switch hasCert, hasKey := cfg.ClientCert != nil, cfg.ClientKey != nil; {
|
||||
|
|
@ -57,3 +139,13 @@ func (cfg *config) prepare() error {
|
|||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// errCheck checks if err is not nil and terminates the program if so.
|
||||
func errCheck(err error) {
|
||||
if err != nil {
|
||||
if flags.WroteHelp(err) {
|
||||
os.Exit(0)
|
||||
}
|
||||
log.Fatalf("error: %v\n", err)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue