horusec-api/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Links

Open Source Insights

README ¶

HORUSEC-API

Horusec-API is responsible for receiving Horusec-CLI requests via http request to start a new analysis. In addition to being responsible for acquiring and returning the analysis saved in the system!

This service will have two features:

Receive a new code analysis:
- Acquire zip file sent by HORUSEC-CLI;
- Unzip and save in shared volume;
- Perform a language detection and which language should run;
- Publish to the HORUSEC-ANALYSER queue to start performing vulnerability detection.
Check if the analysisID exists in the database and return your model.

You can see more details about this service in image /assets/horusec-api.jpg

Running

To run the service you can run the follow command

go run ./horusec-api/cmd/app/main.go

And you see the log

service running on port :8000
swagger running on url:  http://localhost:8000/swagger/index.html

Generate new version

To generate a new version go to the root directory you can run the follow command, and it will generate a new version on dokerhub.

make update-api

Environments

To change variables environment to run your analysis also you set new values.

Environment Name	Default Value	Description
HORUSEC_SWAGGER_HOST	localhost	This environment get host to run in swagger
HORUSEC_DATABASE_SQL_URI	postgres	This environment get uri to connect on database POSTGRES
HORUSEC_DATABASE_SQL_DIALECT	postgresql://root:root@localhost:5432/horusec_db?sslmode=disable	This environment get dialect to connect on database POSTGRES
HORUSEC_DATABASE_SQL_LOG_MODE	false	This environment get bool to enable logs on POSTGRES
HORUSEC_PORT	8000	This environment get the port that the service will start
HORUSEC_GRPC_AUTH_URL	localhost:8007	This environment get horusec url to mount horusec auth url
HORUSEC_GRPC_USE_CERTS	false	This environment get if use of certificates is active or not
HORUSEC_GRPC_CERT_PATH		This environment get grpc certificate path
HORUSEC_DISABLED_BROKER	false	Disable broker dispatch in this service used to webhook dispatch
HORUSEC_BROKER_HOST	127.0.0.1	This environment get host to connect on broker RABBIT
HORUSEC_BROKER_PORT	5672	This environment get port to connect on broker RABBIT
HORUSEC_BROKER_USERNAME	guest	This environment get username to connect on broker RABBIT
HORUSEC_BROKER_PASSWORD	guest	This environment get password to connect on broker RABBIT

Swagger

To update swagger.json, you need run command into root horusec-api folder

swag init -g ./cmd/app/main.go

Directories ¶

Path	Synopsis
cmd
app
config
app
broker
cors
grpc
swagger
docs
internal
controllers/analysis
controllers/management
controllers/tokens/company
controllers/tokens/repository
handlers/analysis
handlers/health
handlers/management
handlers/tokens/company
handlers/tokens/repository
router nolint	nolint
router/routes
usecases/management
usecases/tokens

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL