Documentation ¶
Overview ¶
nolint
Index ¶
- Constants
- type Config
- func (c *Config) GetCertInsecureSkipVerify() bool
- func (c *Config) GetCertPath() string
- func (c *Config) GetConfigFilePath() string
- func (c *Config) GetContainerBindProjectPath() string
- func (c *Config) GetCustomRulesPath() string
- func (c *Config) GetDefaultConfigFilePath() string
- func (c *Config) GetDisableDocker() bool
- func (c *Config) GetEnableCommitAuthor() bool
- func (c *Config) GetEnableGitHistoryAnalysis() bool
- func (c *Config) GetEnableInformationSeverity() bool
- func (c *Config) GetFalsePositiveHashes() (output []string)
- func (c *Config) GetFilesOrPathsToIgnore() []string
- func (c *Config) GetFilterPath() string
- func (c *Config) GetHeaders() (headers map[string]string)
- func (c *Config) GetHorusecAPIUri() string
- func (c *Config) GetIsTimeout() bool
- func (c *Config) GetJSONOutputFilePath() string
- func (c *Config) GetLogLevel() string
- func (c *Config) GetMonitorRetryInSeconds() int64
- func (c *Config) GetPrintOutputType() string
- func (c *Config) GetProjectPath() string
- func (c *Config) GetRepositoryAuthorization() string
- func (c *Config) GetRepositoryName() string
- func (c *Config) GetReturnErrorIfFoundVulnerability() bool
- func (c *Config) GetRiskAcceptHashes() (output []string)
- func (c *Config) GetSeveritiesToIgnore() []string
- func (c *Config) GetTimeoutInSecondsAnalysis() int64
- func (c *Config) GetTimeoutInSecondsRequest() int64
- func (c *Config) GetToolsConfig() toolsconfig.MapToolConfig
- func (c *Config) GetToolsToIgnore() (output []string)
- func (c *Config) GetVersion() string
- func (c *Config) GetWorkDir() *workdir.WorkDir
- func (c *Config) IsEmptyRepositoryAuthorization() bool
- func (c *Config) NewConfigsFromCobraAndLoadsCmdGlobalFlags(cmd *cobra.Command) IConfig
- func (c *Config) NewConfigsFromCobraAndLoadsCmdStartFlags(cmd *cobra.Command) IConfig
- func (c *Config) NewConfigsFromEnvironments() IConfig
- func (c *Config) NewConfigsFromViper() IConfig
- func (c *Config) NormalizeConfigs() IConfig
- func (c *Config) SetCertInsecureSkipVerify(certInsecureSkipVerify bool)
- func (c *Config) SetCertPath(certPath string)
- func (c *Config) SetConfigFilePath(configFilePath string)
- func (c *Config) SetContainerBindProjectPath(containerBindProjectPath string)
- func (c *Config) SetCustomRulesPath(customRulesPath string)
- func (c *Config) SetDisableDocker(disableDocker bool)
- func (c *Config) SetEnableCommitAuthor(isEnable bool)
- func (c *Config) SetEnableGitHistoryAnalysis(enableGitHistoryAnalysis bool)
- func (c *Config) SetEnableInformationSeverity(enableInformationSeverity bool)
- func (c *Config) SetFalsePositiveHashes(falsePositive []string)
- func (c *Config) SetFilesOrPathsToIgnore(filesOrPaths []string)
- func (c *Config) SetFilterPath(filterPath string)
- func (c *Config) SetHeaders(headers interface{})
- func (c *Config) SetHorusecAPIURI(horusecAPIURI string)
- func (c *Config) SetIsTimeout(isTimeout bool)
- func (c *Config) SetJSONOutputFilePath(jsonOutputFilePath string)
- func (c *Config) SetLogLevel(logLevel string)
- func (c *Config) SetMonitorRetryInSeconds(retryInterval int64)
- func (c *Config) SetPrintOutputType(printOutputType string)
- func (c *Config) SetProjectPath(projectPath string)
- func (c *Config) SetRepositoryAuthorization(repositoryAuthorization string)
- func (c *Config) SetRepositoryName(repositoryName string)
- func (c *Config) SetReturnErrorIfFoundVulnerability(returnError bool)
- func (c *Config) SetRiskAcceptHashes(riskAccept []string)
- func (c *Config) SetSeveritiesToIgnore(severitiesToIgnore []string)
- func (c *Config) SetTimeoutInSecondsAnalysis(timeoutInSecondsAnalysis int64)
- func (c *Config) SetTimeoutInSecondsRequest(timeoutInSecondsRequest int64)
- func (c *Config) SetToolsConfig(toolsConfig interface{})
- func (c *Config) SetToolsToIgnore(toolsToIgnore []string)
- func (c *Config) SetWorkDir(input interface{})
- func (c *Config) ToBytes(isMarshalIndent bool) (bytes []byte)
- func (c *Config) ToMapLowerCase() map[string]interface{}
- type IConfig
Constants ¶
// Names of the environment variables that configure the Horusec CLI.
// Each comment restates the default and validation rule given by the package
// documentation; notes marked NOTE(review) are reviewer questions that the
// declarations alone do not answer.
const (
	// EnvHorusecAPIUri identifies the URL where the horusec-api service is hosted.
	// Default: http://0.0.0.0:8000
	// Validation: must be a valid URL.
	// NOTE(review): the default is plain http; analysis results are sent to this
	// service, so an https URL is presumably the right choice whenever the
	// service is not on the local machine - confirm with the deployment.
	EnvHorusecAPIUri = "HORUSEC_CLI_HORUSEC_API_URI"
	// EnvTimeoutInSecondsRequest is how long, in seconds, to wait when sending
	// the analysis object to horusec-api.
	// Default: 300
	// Validation: must be greater than 10.
	EnvTimeoutInSecondsRequest = "HORUSEC_CLI_TIMEOUT_IN_SECONDS_REQUEST"
	// EnvTimeoutInSecondsAnalysis is how long, in seconds, to wait for an
	// analysis, which includes acquiring a project, sending it to the analysis
	// containers and acquiring a response.
	// Default: 600
	// Validation: must be greater than 10.
	EnvTimeoutInSecondsAnalysis = "HORUSEC_CLI_TIMEOUT_IN_SECONDS_ANALYSIS"
	// EnvMonitorRetryInSeconds is the interval, in seconds, at which the CLI
	// checks whether the analysis is close to the timeout.
	// Default: 15
	// Validation: must be greater than 10.
	EnvMonitorRetryInSeconds = "HORUSEC_CLI_MONITOR_RETRY_IN_SECONDS"
	// EnvRepositoryAuthorization identifies which repository the analysis is
	// sent from. The repository is created within the horusec webapp.
	// Default: 00000000-0000-0000-0000-000000000000
	// Validation: if set, must be a valid UUID.
	// NOTE(review): this value authorizes submissions for a repository, so it
	// should presumably be handled as a secret (kept out of logs and committed
	// config files) - confirm how the API client and output code treat it.
	EnvRepositoryAuthorization = "HORUSEC_CLI_REPOSITORY_AUTHORIZATION"
	// EnvPrintOutputType selects the output type of the analysis
	// (text, json, sonarqube).
	// Default: text
	// Validation: must be one of text, json, sonarqube.
	EnvPrintOutputType = "HORUSEC_CLI_PRINT_OUTPUT_TYPE"
	// EnvJSONOutputFilePath is where the JSON file generated by the json or
	// sonarqube output types is written.
	// Default: ./output.json when the output type is json or sonarqube.
	// Validation: must be a valid path.
	EnvJSONOutputFilePath = "HORUSEC_CLI_JSON_OUTPUT_FILEPATH"
	// EnvSeveritiesToIgnore lists the severities that should not be recognized
	// as a vulnerability; they do not count towards the exit(1) return if that
	// is configured.
	// The types are: "LOW", "MEDIUM", "HIGH". Other values can be added,
	// e.g. "LOW, MEDIUM, CRITICAL".
	// Validation: must be in "LOW", "MEDIUM", "HIGH".
	// NOTE(review): the example allows CRITICAL while the validation line lists
	// only LOW/MEDIUM/HIGH - confirm which set is actually accepted. Ignored
	// severities hide findings from the result, so changes deserve review.
	EnvSeveritiesToIgnore = "HORUSEC_CLI_SEVERITIES_TO_IGNORE"
	// EnvFilesOrPathsToIgnore lists files and folders that are not sent for
	// analysis.
	// Ignored by default:
	//   * Folders: "/.horusec/", "/.idea/", "/.vscode/", "/tmp/", "/bin/", "/node_modules/", "/vendor/"
	//   * Files: ".jpg", ".png", ".gif", ".webp", ".tiff", ".psd", ".raw", ".bmp", ".heif", ".indd",
	//     ".jpeg", ".svg", ".ai", ".eps", ".pdf", ".webm", ".mpg", ".mp2", ".mpeg", ".mpe",
	//     ".mp4", ".m4p", ".m4v", ".avi", ".wmv", ".mov", ".qt", ".flv", ".swf", ".avchd", ".mpv", ".ogg",
	EnvFilesOrPathsToIgnore = "HORUSEC_CLI_FILES_OR_PATHS_TO_IGNORE"
	// EnvReturnErrorIfFoundVulnerability makes the CLI return exit(1) when the
	// analysis finds any vulnerability.
	// Default: false
	// Validation: must be "false" or "true".
	EnvReturnErrorIfFoundVulnerability = "HORUSEC_CLI_RETURN_ERROR_IF_FOUND_VULNERABILITY"
	// EnvProjectPath changes the directory that is analysed instead of running
	// in the current directory. If it is not passed, Horusec asks whether to run
	// the analysis in the current directory; if it is passed, the analysis
	// starts in the given directory without asking.
	// Default: the current directory.
	// Validation: must be a valid path.
	EnvProjectPath = "HORUSEC_CLI_PROJECT_PATH"
	// EnvWorkDir sets the directory in which the analysis of each language is
	// performed. The key is the language name and the value is the directory
	// inside the project.
	// Example: assume the project is a netcore app using angular with this
	// structure:
	//   - NetCoreProject/
	//     - controllers/
	//     - NetCoreProject.csproj
	//     - views/
	//       - pages/
	//       - package.json
	//       - package-lock.json
	// Then the workdir would be:
	//   {
	//     "csharp": ["NetCoreProject"],
	//     "javaScript": ["NetCoreProject/views"]
	//   }
	// The interface is:
	//   {
	//     go         []string
	//     netCore    []string DEPRECATED on 23 nov 2020
	//     csharp     []string
	//     ruby       []string
	//     python     []string
	//     java       []string
	//     kotlin     []string
	//     javaScript []string
	//     leaks      []string
	//     hcl        []string
	//     php        []string
	//     c          []string
	//     yaml       []string
	//     generic    []string
	//   }
	// Validation: must be a valid workdir interface to proceed.
	EnvWorkDir = "HORUSEC_CLI_WORK_DIR"
	// EnvFilterPath sets the path on which to run the analysis while keeping
	// the current path as the base.
	// Default: empty
	// Validation: if set, must be a valid path.
	EnvFilterPath = "HORUSEC_CLI_FILTER_PATH"
	// EnvEnableGitHistoryAnalysis enables running the gitleaks tool and
	// searching the whole git history for vulnerabilities.
	// Default: false
	// Validation: must be "false" or "true".
	EnvEnableGitHistoryAnalysis = "HORUSEC_CLI_ENABLE_GIT_HISTORY_ANALYSIS"
	// EnvCertInsecureSkipVerify authorizes the sending of unsafe requests.
	// Its use is not recommended outside testing scenarios.
	// Default: false
	// Validation: must be "false" or "true".
	// NOTE(review): the name suggests this turns off TLS certificate
	// verification for requests to the horusec server - confirm in the HTTP
	// client. If so, a party on the network path could read or alter what is
	// sent; prefer EnvCertPath with the server's CA certificate.
	EnvCertInsecureSkipVerify = "HORUSEC_CLI_CERT_INSECURE_SKIP_VERIFY"
	// EnvCertPath is the path to a certificate that will be sent on the http
	// request to the horusec server.
	// Example: /home/certs/ca.crt
	// Validation: must be a valid path.
	EnvCertPath = "HORUSEC_CLI_CERT_PATH"
	// EnvEnableCommitAuthor enables or disables the search for the author of
	// each vulnerability.
	// Default: false
	// Validation: must be "false" or "true".
	EnvEnableCommitAuthor = "HORUSEC_CLI_ENABLE_COMMIT_AUTHOR"
	// EnvRepositoryName is the repository name sent to the server; it must be
	// used together with the company token.
	// Default: empty
	EnvRepositoryName = "HORUSEC_CLI_REPOSITORY_NAME"
	// EnvFalsePositiveHashes lists vulnerabilities to skip as false positives.
	// Default: empty
	// NOTE(review): entries here suppress findings, so additions should be
	// reviewed like any other change to the scan policy.
	EnvFalsePositiveHashes = "HORUSEC_CLI_FALSE_POSITIVE_HASHES"
	// EnvRiskAcceptHashes lists vulnerabilities to skip as accepted risks.
	// Default: empty
	// NOTE(review): entries here suppress findings, so additions should be
	// reviewed like any other change to the scan policy.
	EnvRiskAcceptHashes = "HORUSEC_CLI_RISK_ACCEPT_HASHES"
	// EnvToolsToIgnore is DEPRECATED on 16 dec 2020.
	EnvToolsToIgnore = "HORUSEC_CLI_TOOLS_TO_IGNORE"
	// EnvToolsConfig sets the configuration of the tools.
	// Default: the package documentation shows an empty object here
	// ({ }) - TODO confirm the effective defaults in toolsconfig.
	EnvToolsConfig = "HORUSEC_CLI_TOOLS_CONFIG"
	// EnvHeaders sets additional headers to send on requests to horusec-api.
	// Default: empty
	// NOTE(review): such headers may carry credentials; confirm they are not
	// written to logs or to the serialized configuration.
	EnvHeaders = "HORUSEC_CLI_HEADERS"
	// EnvContainerBindProjectPath passes the project path on the host when the
	// horusec CLI runs inside a container.
	// Default: empty
	EnvContainerBindProjectPath = "HORUSEC_CLI_CONTAINER_BIND_PROJECT_PATH"
	// EnvDisableDocker runs horusec without docker. If enabled, only the
	// following tools run: horusec-csharp, horusec-kotlin, horusec-kubernetes,
	// horusec-leaks, horusec-nodejs.
	// Default: false
	// Validation: must be "false" or "true".
	EnvDisableDocker = "HORUSEC_CLI_DISABLE_DOCKER"
	// EnvCustomRulesPath is the path to the horusec custom rules file.
	// Example: -c="./horusec/horusec-custom-rules.json".
	// Default: empty
	// Validation: must be a valid path and contain the file name.
	EnvCustomRulesPath = "HORUSEC_CLI_CUSTOM_RULES_PATH"
	// EnvEnableInformationSeverity enables or disables vulnerabilities of
	// information severity; these can contain a lot of false positives.
	// Default: false
	// Validation: must be "false" or "true".
	EnvEnableInformationSeverity = "HORUSEC_CLI_ENABLE_INFORMATION_SEVERITY"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
// Config holds the Horusec CLI settings. Its fields are unexported; callers
// read and change them through the Get*/Set* methods declared on *Config.
type Config struct {
	// contains filtered or unexported fields
}
func (*Config) GetCertInsecureSkipVerify ¶
func (*Config) GetCertPath ¶
func (*Config) GetConfigFilePath ¶ added in v1.4.2
func (*Config) GetContainerBindProjectPath ¶ added in v1.4.1
func (*Config) GetCustomRulesPath ¶ added in v1.5.0
func (*Config) GetDefaultConfigFilePath ¶ added in v1.4.2
func (*Config) GetDisableDocker ¶ added in v1.5.0
func (*Config) GetEnableCommitAuthor ¶ added in v1.4.2
func (*Config) GetEnableGitHistoryAnalysis ¶
func (*Config) GetEnableInformationSeverity ¶ added in v1.5.0
func (*Config) GetFalsePositiveHashes ¶ added in v1.1.0
func (*Config) GetFilesOrPathsToIgnore ¶
func (*Config) GetFilterPath ¶
func (*Config) GetHeaders ¶ added in v1.4.0
func (*Config) GetHorusecAPIUri ¶
func (*Config) GetIsTimeout ¶ added in v1.4.2
func (*Config) GetJSONOutputFilePath ¶
func (*Config) GetLogLevel ¶ added in v1.4.2
func (*Config) GetMonitorRetryInSeconds ¶
func (*Config) GetPrintOutputType ¶
func (*Config) GetProjectPath ¶
func (*Config) GetRepositoryAuthorization ¶
func (*Config) GetRepositoryName ¶
func (*Config) GetReturnErrorIfFoundVulnerability ¶
func (*Config) GetRiskAcceptHashes ¶ added in v1.1.0
func (*Config) GetSeveritiesToIgnore ¶ added in v1.4.2
func (*Config) GetTimeoutInSecondsAnalysis ¶
func (*Config) GetTimeoutInSecondsRequest ¶
func (*Config) GetToolsConfig ¶ added in v1.4.2
func (c *Config) GetToolsConfig() toolsconfig.MapToolConfig
func (*Config) GetToolsToIgnore ¶ added in v1.3.0
func (*Config) GetVersion ¶ added in v1.8.0
func (*Config) GetWorkDir ¶
func (*Config) IsEmptyRepositoryAuthorization ¶
func (*Config) NewConfigsFromCobraAndLoadsCmdGlobalFlags ¶ added in v1.4.2
func (*Config) NewConfigsFromCobraAndLoadsCmdStartFlags ¶ added in v1.4.2
nolint
func (*Config) NewConfigsFromEnvironments ¶ added in v1.4.2
nolint
func (*Config) NewConfigsFromViper ¶ added in v1.4.2
nolint
func (*Config) NormalizeConfigs ¶ added in v1.4.2
func (*Config) SetCertInsecureSkipVerify ¶
func (*Config) SetCertPath ¶
func (*Config) SetConfigFilePath ¶ added in v1.4.2
func (*Config) SetContainerBindProjectPath ¶ added in v1.4.1
func (*Config) SetCustomRulesPath ¶ added in v1.5.0
func (*Config) SetDisableDocker ¶ added in v1.5.0
func (*Config) SetEnableCommitAuthor ¶
func (*Config) SetEnableGitHistoryAnalysis ¶
func (*Config) SetEnableInformationSeverity ¶ added in v1.5.0
func (*Config) SetFalsePositiveHashes ¶ added in v1.1.0
func (*Config) SetFilesOrPathsToIgnore ¶
func (*Config) SetFilterPath ¶
func (*Config) SetHeaders ¶ added in v1.4.0
func (c *Config) SetHeaders(headers interface{})
func (*Config) SetHorusecAPIURI ¶
func (*Config) SetIsTimeout ¶ added in v1.4.2
func (*Config) SetJSONOutputFilePath ¶
func (*Config) SetLogLevel ¶ added in v1.4.2
func (*Config) SetMonitorRetryInSeconds ¶
func (*Config) SetPrintOutputType ¶
func (*Config) SetProjectPath ¶
func (*Config) SetRepositoryAuthorization ¶
func (*Config) SetRepositoryName ¶
func (*Config) SetReturnErrorIfFoundVulnerability ¶
func (*Config) SetRiskAcceptHashes ¶ added in v1.1.0
func (*Config) SetSeveritiesToIgnore ¶ added in v1.4.2
func (*Config) SetTimeoutInSecondsAnalysis ¶
func (*Config) SetTimeoutInSecondsRequest ¶
func (*Config) SetToolsConfig ¶ added in v1.4.2
func (c *Config) SetToolsConfig(toolsConfig interface{})
func (*Config) SetToolsToIgnore ¶ added in v1.3.0
func (*Config) SetWorkDir ¶
func (c *Config) SetWorkDir(input interface{})
func (*Config) ToMapLowerCase ¶ added in v1.6.2
nolint:funlen is necessary to return the complete map
type IConfig ¶ added in v1.4.2
// IConfig is the configuration interface of the Horusec CLI. It declares the
// loaders that return an IConfig, one getter/setter pair per setting, and the
// serialization helpers at the end.
//
// NOTE(review): ToBytes and ToMapLowerCase presumably serialize the whole
// configuration, which would include the repository authorization value and
// any custom headers - confirm before writing their output to logs.
type IConfig interface {
	// Loaders: each returns an IConfig.
	NewConfigsFromCobraAndLoadsCmdGlobalFlags(cmd *cobra.Command) IConfig
	NewConfigsFromCobraAndLoadsCmdStartFlags(cmd *cobra.Command) IConfig
	NewConfigsFromViper() IConfig
	NewConfigsFromEnvironments() IConfig

	// Version, config file and logging.
	GetVersion() string
	GetDefaultConfigFilePath() string
	GetConfigFilePath() string
	SetConfigFilePath(configFilePath string)
	GetLogLevel() string
	SetLogLevel(logLevel string)

	// horusec-api endpoint and timeouts (int64 values; the Env* constant
	// comments describe them in seconds).
	GetHorusecAPIUri() string
	SetHorusecAPIURI(horusecAPIURI string)
	GetTimeoutInSecondsRequest() int64
	SetTimeoutInSecondsRequest(timeoutInSecondsRequest int64)
	GetTimeoutInSecondsAnalysis() int64
	SetTimeoutInSecondsAnalysis(timeoutInSecondsAnalysis int64)
	GetMonitorRetryInSeconds() int64
	SetMonitorRetryInSeconds(retryInterval int64)

	// Repository authorization value.
	GetRepositoryAuthorization() string
	SetRepositoryAuthorization(repositoryAuthorization string)

	// Output.
	GetPrintOutputType() string
	SetPrintOutputType(printOutputType string)
	GetJSONOutputFilePath() string
	SetJSONOutputFilePath(jsonOutputFilePath string)

	// What is ignored and how findings affect the exit status.
	GetSeveritiesToIgnore() []string
	SetSeveritiesToIgnore(severitiesToIgnore []string)
	GetFilesOrPathsToIgnore() []string
	SetFilesOrPathsToIgnore(filesOrPaths []string)
	GetReturnErrorIfFoundVulnerability() bool
	SetReturnErrorIfFoundVulnerability(returnError bool)

	// Paths and work directories.
	GetProjectPath() string
	SetProjectPath(projectPath string)
	GetFilterPath() string
	SetFilterPath(filterPath string)
	GetWorkDir() *workdir.WorkDir
	// SetWorkDir takes an untyped value; the accepted shapes are not visible
	// in this declaration.
	SetWorkDir(toParse interface{})

	GetEnableGitHistoryAnalysis() bool
	SetEnableGitHistoryAnalysis(enableGitHistoryAnalysis bool)

	// Certificate settings for requests to the server.
	GetCertInsecureSkipVerify() bool
	SetCertInsecureSkipVerify(certInsecureSkipVerify bool)
	GetCertPath() string
	SetCertPath(certPath string)

	GetEnableCommitAuthor() bool
	SetEnableCommitAuthor(isEnable bool)
	GetRepositoryName() string
	SetRepositoryName(repositoryName string)

	// Hash lists and tools to ignore.
	GetRiskAcceptHashes() (output []string)
	SetRiskAcceptHashes(riskAccept []string)
	GetFalsePositiveHashes() (output []string)
	SetFalsePositiveHashes(falsePositive []string)
	GetToolsToIgnore() (output []string)
	SetToolsToIgnore(toolsToIgnore []string)

	// Extra request headers; the setter takes an untyped value while the
	// getter returns map[string]string.
	GetHeaders() (headers map[string]string)
	SetHeaders(headers interface{})

	GetContainerBindProjectPath() string
	SetContainerBindProjectPath(containerBindProjectPath string)
	GetIsTimeout() bool
	SetIsTimeout(isTimeout bool)
	GetToolsConfig() toolsconfig.MapToolConfig
	SetToolsConfig(toolsConfig interface{})
	GetDisableDocker() bool
	SetDisableDocker(disableDocker bool)
	GetEnableInformationSeverity() bool
	SetEnableInformationSeverity(enableInformationSeverity bool)
	GetCustomRulesPath() string
	SetCustomRulesPath(customRulesPath string)

	IsEmptyRepositoryAuthorization() bool

	// Serialization helpers and normalization.
	ToBytes(isMarshalIndent bool) (bytes []byte)
	ToMapLowerCase() map[string]interface{}
	NormalizeConfigs() IConfig
}