config

package
v1.0.1-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 2, 2020 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// This setting has the purpose of identifying where the url where the horusec-api service is hosted will be
	// By default is http://0.0.0.0:8000
	// Validation: It is mandatory to be a valid url
	EnvHorusecAPIUri = "HORUSEC_CLI_HORUSEC_API_URI"
	// This setting will identify how long I want to wait in seconds to send the analysis object to horusec-api
	// By default is 300
	// Validation: It is mandatory to be greater than 10
	EnvTimeoutInSecondsRequest = "HORUSEC_CLI_TIMEOUT_IN_SECONDS_REQUEST"
	// This setting will identify how long I want to wait in seconds to carry out an analysis that includes:
	// acquiring a project, sending it to analysis containers and acquiring a response
	// By default is 600
	// Validation: It is mandatory to be greater than 10
	EnvTimeoutInSecondsAnalysis = "HORUSEC_CLI_TIMEOUT_IN_SECONDS_ANALYSIS"
	// This setting will identify how many in how many seconds
	// I want to check if my analysis is close to the timeout
	// By default is 15
	// Validation: It is mandatory to be greater than 10
	EnvMonitorRetryInSeconds = "HORUSEC_CLI_MONITOR_RETRY_IN_SECONDS"
	// This setting is to identify which repository you are analyzing from.
	// This repository is created within the horusec webapp
	// By default is 00000000-0000-0000-0000-000000000000
	// Validation: If exist It is mandatory to be valid uuid
	EnvRepositoryAuthorization = "HORUSEC_CLI_REPOSITORY_AUTHORIZATION"
	// This setting is to know what type of output you want for the analysis (text, json, sonarqube)
	// By default is text
	// Validation: It is mandatory to be in text, json, sonarqube
	EnvPrintOutputType = "HORUSEC_CLI_PRINT_OUTPUT_TYPE"
	// This setting is to know in which directory you want the output of the json file
	// generated by the output types json or sonarqube to be located.
	// By default if the type is json or sonarqube o path is ./output.json
	// Validation: It is mandatory to be valid path
	EnvJSONOutputFilePath = "HORUSEC_CLI_JSON_OUTPUT_FILEPATH"
	// This setting is to find out what types of severity I don't want you to recognize as a vulnerability.
	// The types are: "LOW", "MEDIUM", "HIGH", "NOSEC", "AUDIT"
	// If you want ignore other you can add in value. Ex.: "LOW, MEDIUM, NOSEC"
	// This setting is to know what types of severity
	// I do not want you to recognize as a vulnerability
	// and will not count towards the return of exit (1) if configured
	// Validation: It is mandatory to be in "LOW", "MEDIUM", "HIGH", "NOSEC", "AUDIT"
	EnvTypesOfVulnerabilitiesToIgnore = "HORUSEC_CLI_TYPES_OF_VULNERABILITIES_TO_IGNORE"
	// This setting is to know which files and folders I want to ignore to send for analysis
	// By default we ignore each other:
	//   * Folders: "/.horusec/", "/.idea/", "/.vscode/", "/tmp/", "/bin/", "/node_modules/", "/vendor/"
	//   * Files: ".jpg", ".png", ".gif", ".webp", ".tiff", ".psd", ".raw", ".bmp", ".heif", ".indd",
	//		".jpeg", ".svg", ".ai", ".eps", ".pdf", ".webm", ".mpg", ".mp2", ".mpeg", ".mpe",
	//		".mp4", ".m4p", ".m4v", ".avi", ".wmv", ".mov", ".qt", ".flv", ".swf", ".avchd", ".mpv", ".ogg",
	EnvFilesOrPathsToIgnore = "HORUSEC_CLI_FILES_OR_PATHS_TO_IGNORE"
	// This setting is to know if I want return exit(1) if I find any vulnerability in the analysis
	// By default is false
	// Validation: It is mandatory to be in "false", "true"
	EnvReturnErrorIfFoundVulnerability = "HORUSEC_CLI_RETURN_ERROR_IF_FOUND_VULNERABILITY"
	// This setting is to know if I want to change the analysis directory
	// and do not want to run in the current directory.
	// If this value is not passed, Horusec will ask if you want to run the analysis in the current directory.
	// If you pass it it will start the analysis in the directory informed by you without asking anything.
	// By default is CURRENT DIRECTORY
	// Validation: It is mandatory to be valid path
	EnvProjectPath = "HORUSEC_CLI_PROJECT_PATH"
	// This setting is to know in which directory I want to perform the analysis of each language.
	// As a key you must pass the name of the language and the value the directory from within your project.
	// Example:
	// Let's assume that your project is a netcore app using angular and has the following structure:
	// - NetCoreProject/
	//   - controllers/
	//   - NetCoreProject.csproj
	//   - views/
	//     - pages/
	//     - package.json
	//     - package-lock.json
	// Then your workdir would be:
	// {
	//   "netCore": "NetCoreProject",
	//   "javaScript": "NetCoreProject/views"
	// }
	// The interface is:
	// {
	//   go string
	//   netCore string
	//   ruby string
	//   python string
	//   java string
	//   kotlin string
	//   javaScript string
	//   git string
	// }
	// Validation: It is mandatory to be valid interface of workdir to proceed
	EnvWorkDirPath = "HORUSEC_CLI_WORK_DIR"
	// This setting is to setup the path to run analysis keep current path in your base.
	// By default is empty
	// Validation: if exists is required valid path
	EnvFilterPath = "HORUSEC_CLI_FILTER_PATH"
	// This setting is to know if I want enable run gitleaks tools
	// and analysis in all git history searching vulnerabilities
	// By default is false
	// Validation: It is mandatory to be in "false", "true"
	EnvEnableGitHistoryAnalysis = "HORUSEC_CLI_ENABLE_GIT_HISTORY_ANALYSIS"
	// Used to authorize the sending of unsafe requests. Its use is not recommended outside testing scenarios.
	// By default is false
	// Validation: It is mandatory to be in "false", "true"
	EnvCertInsecureSkipVerify = "HORUSEC_CLI_CERT_INSECURE_SKIP_VERIFY"
	// Used to pass the path to a certificate that will be sent on the http request to the horusec server.
	// Example: /home/certs/ca.crt
	// Validation: It must be a valid path
	EnvCertPath = "HORUSEC_CLI_CERT_PATH"
	// Used to enable or disable search with vulnerability author.
	// By default is false
	// Validation: It is mandatory to be in "false", "true"
	EnvEnableCommitAuthor = "HORUSEC_CLI_ENABLE_COMMIT_AUTHOR"
	// Used to send the repository name to the server, must be used together with the company token.
	// By default is empty
	EnvRepositoryName = "HORUSEC_CLI_REPOSITORY_NAME"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	ConfigFilePath                  string
	HorusecAPIUri                   string
	TimeoutInSecondsRequest         int64
	IsTimeout                       bool
	TimeoutInSecondsAnalysis        int64
	MonitorRetryInSeconds           int64
	RepositoryAuthorization         string
	PrintOutputType                 string
	JSONOutputFilePath              string
	TypesOfVulnerabilitiesToIgnore  string
	FilesOrPathsToIgnore            string
	ReturnErrorIfFoundVulnerability bool
	ProjectPath                     string
	WorkDir                         *workdir.WorkDir
	FilterPath                      string
	EnableGitHistoryAnalysis        bool
	CertInsecureSkipVerify          bool
	CertPath                        string
	EnableCommitAuthor              bool
	RepositoryName                  string
}

func (*Config) GetCertInsecureSkipVerify

func (c *Config) GetCertInsecureSkipVerify() bool

func (*Config) GetCertPath

func (c *Config) GetCertPath() string

func (*Config) GetEnableGitHistoryAnalysis

func (c *Config) GetEnableGitHistoryAnalysis() bool

func (*Config) GetFilesOrPathsToIgnore

func (c *Config) GetFilesOrPathsToIgnore() string

func (*Config) GetFilterPath

func (c *Config) GetFilterPath() string

func (*Config) GetHorusecAPIUri

func (c *Config) GetHorusecAPIUri() string

func (*Config) GetJSONOutputFilePath

func (c *Config) GetJSONOutputFilePath() string

func (*Config) GetMonitorRetryInSeconds

func (c *Config) GetMonitorRetryInSeconds() int64

func (*Config) GetPrintOutputType

func (c *Config) GetPrintOutputType() string

func (*Config) GetProjectPath

func (c *Config) GetProjectPath() string

func (*Config) GetRepositoryAuthorization

func (c *Config) GetRepositoryAuthorization() string

func (*Config) GetRepositoryName

func (c *Config) GetRepositoryName() string

func (*Config) GetReturnErrorIfFoundVulnerability

func (c *Config) GetReturnErrorIfFoundVulnerability() bool

func (*Config) GetTimeoutInSecondsAnalysis

func (c *Config) GetTimeoutInSecondsAnalysis() int64

func (*Config) GetTimeoutInSecondsRequest

func (c *Config) GetTimeoutInSecondsRequest() int64

func (*Config) GetTypesOfVulnerabilitiesToIgnore

func (c *Config) GetTypesOfVulnerabilitiesToIgnore() string

func (*Config) GetWorkDir

func (c *Config) GetWorkDir() *workdir.WorkDir

func (*Config) IsCommitAuthorEnable

func (c *Config) IsCommitAuthorEnable() bool

func (*Config) IsEmptyRepositoryAuthorization

func (c *Config) IsEmptyRepositoryAuthorization() bool

func (*Config) SetCertInsecureSkipVerify

func (c *Config) SetCertInsecureSkipVerify(certInsecureSkipVerify bool)

func (*Config) SetCertPath

func (c *Config) SetCertPath(certPath string)

func (*Config) SetConfigsFromEnvironments

func (c *Config) SetConfigsFromEnvironments()

nolint

func (*Config) SetConfigsFromViper

func (c *Config) SetConfigsFromViper()

nolint

func (*Config) SetEnableCommitAuthor

func (c *Config) SetEnableCommitAuthor(isEnable bool)

func (*Config) SetEnableGitHistoryAnalysis

func (c *Config) SetEnableGitHistoryAnalysis(enableGitHistoryAnalysis bool)

func (*Config) SetFilesOrPathsToIgnore

func (c *Config) SetFilesOrPathsToIgnore(filesOrPaths string)

func (*Config) SetFilterPath

func (c *Config) SetFilterPath(filterPath string)

func (*Config) SetHorusecAPIURI

func (c *Config) SetHorusecAPIURI(horusecAPIURI string)

func (*Config) SetJSONOutputFilePath

func (c *Config) SetJSONOutputFilePath(jsonOutputFilePath string)

func (*Config) SetMonitorRetryInSeconds

func (c *Config) SetMonitorRetryInSeconds(retryInterval int64)

func (*Config) SetPrintOutputType

func (c *Config) SetPrintOutputType(printOutputType string)

func (*Config) SetProjectPath

func (c *Config) SetProjectPath(projectPath string)

func (*Config) SetRepositoryAuthorization

func (c *Config) SetRepositoryAuthorization(repositoryAuthorization string)

func (*Config) SetRepositoryName

func (c *Config) SetRepositoryName(repositoryName string)

func (*Config) SetReturnErrorIfFoundVulnerability

func (c *Config) SetReturnErrorIfFoundVulnerability(returnError bool)

func (*Config) SetTimeoutInSecondsAnalysis

func (c *Config) SetTimeoutInSecondsAnalysis(timeoutInSecondsAnalysis int64)

func (*Config) SetTimeoutInSecondsRequest

func (c *Config) SetTimeoutInSecondsRequest(timeoutInSecondsRequest int64)

func (*Config) SetTypesOfVulnerabilitiesToIgnore

func (c *Config) SetTypesOfVulnerabilitiesToIgnore(typesOfVulnerabilitiesToIgnore string)

func (*Config) SetWorkDir

func (c *Config) SetWorkDir(toParse interface{})

func (*Config) ToBytes

func (c *Config) ToBytes(isMarshalIndent bool) (bytes []byte)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL