Overview ¶
Author:: Salim Afiune Maya (<afiune@lacework.net>) Copyright:: Copyright 2020, Lacework Inc. License:: Apache License, Version 2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Constants ¶
const (
	// DisableTelemetry is an environment variable that can be used to
	// disable telemetry sent to Honeycomb. Only the variable name is
	// defined here; how its value is interpreted (set vs. truthy) is
	// decided by the code that reads it, which is not part of this listing.
	DisableTelemetry = "LW_TELEMETRY_DISABLE"
	// HomebrewInstall is an environment variable that denotes the
	// install method was via the homebrew package manager.
	HomebrewInstall = "LW_HOMEBREW_INSTALL"
)
const (
	// AzureCloudEnv is an environment variable present in the Azure
	// Cloud Shell; its presence is used to determine that the CLI is
	// running inside a cloud shell.
	AzureCloudEnv = "POWERSHELL_DISTRIBUTION_CHANNEL"
)
Environment variables found in the GCP, AWS and Azure Cloud Shells. Used to determine whether the CLI is running in a cloud shell.
// ConfigBackupDir is the name of the directory in which backups of
// configuration files are stored before they are migrated.
const ConfigBackupDir = "cfg_backups"
The name of the directory in which backups of configuration files are stored before they are migrated.
// MaxCacheSize is the upper bound on the size of the local cache
// (1024^3, i.e. 1 GiB). The unit is presumably bytes, as for the diskv
// cache the CacheTransform helpers serve — confirm against the code
// that applies this limit.
const MaxCacheSize = 1024 * 1024 * 1024
Variables ¶
var (
	// QuestionRunTfPlan is the prompt shown before running terraform plan.
	QuestionRunTfPlan = "Run Terraform plan now?"
	// QuestionUsePreviousCache is the prompt shown when cached IaC
	// generation values from a previous run were found.
	QuestionUsePreviousCache = "Previous IaC generation detected, load cached values?"
)
var (
	// Define question text here so they can be reused in testing
	QuestionAwsEnableConfig             = "Enable Config Integration?"
	QuestionEnableCloudtrail            = "Enable Cloudtrail Integration?"
	QuestionAwsRegion                   = "Specify the AWS region to be used by Cloudtrail, SNS, and S3:"
	QuestionConsolidatedCloudtrail      = "Use consolidated Cloudtrail?"
	QuestionUseExistingCloudtrail       = "Use an existing Cloudtrail?"
	QuestionCloudtrailExistingBucketArn = "Specify an existing bucket ARN used for Cloudtrail logs:"
	QuestionForceDestroyS3Bucket        = "Should the new S3 bucket have force destroy enabled?"
	QuestionExistingIamRoleName         = "Specify an existing IAM role name for Cloudtrail access:"
	QuestionExistingIamRoleArn          = "Specify an existing IAM role ARN for Cloudtrail access:"
	QuestionExistingIamRoleExtID        = "Specify the external ID to be used with the existing IAM role:"
	QuestionPrimaryAwsAccountProfile    = "Before adding subaccounts, your primary AWS account profile name must be set; which profile should the main account use?"
	QuestionSubAccountProfileName       = "Supply the profile name for this additional AWS account:"
	QuestionSubAccountRegion            = "What region should be used for this account?"
	QuestionSubAccountAddMore           = "Add another AWS account?"
	// QuestionSubAccountReplace is a format string; %s is the list of
	// currently configured subaccounts.
	QuestionSubAccountReplace          = "Currently configured AWS subaccounts: %s, replace?"
	QuestionAwsConfigAdvanced          = "Configure advanced integration options?"
	QuestionAwsAnotherAdvancedOpt      = "Configure another advanced integration option"
	QuestionAwsCustomizeOutputLocation = "Provide the location for the output to be written:"

	// select options
	AwsAdvancedOptDone     = "Done"
	AdvancedOptCloudTrail  = "Additional Cloudtrail options"
	AdvancedOptIamRole     = "Configure Lacework integration with an existing IAM role"
	AdvancedOptAwsAccounts = "Add additional AWS Accounts to Lacework"
	AwsAdvancedOptLocation = "Customize output location"

	// AwsArnRegex original source: https://regex101.com/r/pOfxYN/1
	// The 154-byte literal is elided in this rendering of the package
	// documentation; see the source file for the actual pattern.
	AwsArnRegex = `` /* 154-byte string literal not displayed */
	// AwsRegionRegex regex used for validating region input; note intentionally does not match gov cloud
	//
	// NOTE(review): the pattern is not anchored, and the middle group
	// `(central|(north|south)?(east|west)?)` also accepts the empty
	// string (so "us--1" matches). If this is applied with MatchString
	// for input validation, surrounding text is accepted too — confirm
	// the callers anchor it or that this leniency is intended.
	AwsRegionRegex = `(us|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\d`
	// AwsProfileRegex matches an AWS profile name; also unanchored.
	AwsProfileRegex = `([A-Za-z_0-9-]+)`

	// Shared state for the aws generate command and its sub-prompts.
	GenerateAwsCommandState      = &aws.GenerateAwsTfConfigurationArgs{}
	GenerateAwsExistingRoleState = &aws.ExistingIamRoleDetails{}
	GenerateAwsCommandExtraState = &AwsGenerateCommandExtraState{}

	// ValidateSubAccountFlagRegex validates a "<profile>:<region>" pair;
	// it inherits the unanchored nature of its two component patterns.
	ValidateSubAccountFlagRegex = fmt.Sprintf(`%s:%s`, AwsProfileRegex, AwsRegionRegex)

	// Cache keys under which the aws generate parameters and extra
	// state are stored (see QuestionUsePreviousCache).
	CachedAwsAssetIacParams  = "iac-aws-generate-params"
	CachedAssetAwsExtraState = "iac-aws-extra-state"
)
var (
	// HoneyApiKey is a variable that is injected at build time via
	// the cross-platform directive inside the Makefile, this key is
	// used to send events to Honeycomb so that we can understand how
	// our customers use the Lacework CLI.
	//
	// NOTE(review): a value baked into the binary at build time is
	// recoverable by anyone holding the binary, so this should be a
	// narrowly scoped, send-only telemetry key.
	HoneyApiKey = "unknown"

	// HoneyDataset is the dataset in Honeycomb that we send tracing
	// data to; this variable will be set depending on the environment we
	// are running on. During development, we send all events and
	// tracing data to a default dataset.
	HoneyDataset = "lacework-cli-dev"
)
var (
	// All the following "unknown" variables are being injected at
	// build time via the cross-platform directive inside the Makefile
	//
	// Version is the semver coming from the VERSION file
	Version = "unknown"
	// GitSHA is the git ref that the cli was built from
	GitSHA = "unknown"
	// BuildTime is a human-readable time when the cli was built at
	BuildTime = "unknown"

	// VersionCacheFile is the name of the version cache file needed
	// for daily version checks (not build-injected; a fixed file name).
	VersionCacheFile = "version_cache"
)
var (
	// RecommendationIDRegex matches a recommendation ID: one or more
	// upper-case letters, optionally followed by letters/underscores and
	// trailing digits. It is anchored at the start (^) but not at the
	// end, so trailing characters are accepted by MatchString.
	RecommendationIDRegex = "^[A-Z]+[A-Z_]*[0-9]*"
)
// SupportedPackageManagers lists the package-manager query binaries the
// CLI knows how to use when building a host package manifest.
var SupportedPackageManagers = []string{"dpkg-query", "rpm"} // @afiune can we support yum and apk?
Functions ¶
func CacheTransform ¶ added in v0.10.0
func CacheTransform(key string) *diskv.PathKey
func DisplayTerraformPlanChanges ¶ added in v0.23.0
func DisplayTerraformPlanChanges(tf *tfexec.Terraform, data TfPlanChangesSummary) (bool, error)
DisplayTerraformPlanChanges is used to display the results of a plan.
It returns true if apply should run, false to exit.
func Execute ¶
func Execute() (err error)
Execute adds all child commands to the root command and sets flags appropriately. This is called by main.main(). It only needs to happen once to the rootCmd.
func GenerateMarkdownDocs ¶ added in v0.2.4
func InverseCacheTransform ¶ added in v0.10.0
func InverseCacheTransform(pathKey *diskv.PathKey) string
func LocateOrInstallTerraform ¶ added in v0.23.0
Determines whether terraform is installed and whether that version is new enough; if not, installs a new ephemeral binary of the correct version into a temporary location.
forceInstall: if set, always install the ephemeral binary.
func NewDefaultState ¶ added in v0.1.3
func NewDefaultState() *cliState
NewDefaultState creates a new cliState with some defaults
func NewVulnerabilityPolicyError ¶ added in v0.4.0
func NewVulnerabilityPolicyError( assessment api.VulnerabilityAssessment, failOnSeverity string, failOnFixable bool, ) *vulnerabilityPolicyError
func SurveyMultipleQuestionWithValidation ¶ added in v0.23.0
func SurveyMultipleQuestionWithValidation(questions []SurveyQuestionWithValidationArgs, checks ...bool) error
SurveyMultipleQuestionWithValidation prompts for many values at once.
checks: if the supplied check(s) are true, the questions will be asked.
func SurveyQuestionInteractiveOnly ¶ added in v0.23.0
func SurveyQuestionInteractiveOnly(question SurveyQuestionWithValidationArgs) error
SurveyQuestionInteractiveOnly prompts the user with a question, only if the CLI is in interactive mode.
func TerraformExecApply ¶ added in v0.23.0
Run terraform apply using the workingDir from *tfexec.Terraform
- Run plan
- Get plan file details (returned)
func TerraformExecutePreRunCheck ¶ added in v0.23.0
func TerraformInit ¶ added in v0.23.0
func TerraformPlanAndExecute ¶ added in v0.23.0
Runs a terraform plan and then executes it.
Types ¶
type AwsGenerateCommandExtraState ¶ added in v0.23.0
type CmdFilters ¶ added in v0.25.0
// CmdFilters stores the list of available filters for a CLI command,
// e.g. to render the available filter keys in a cobra.Command.Long.
type CmdFilters struct {
	// Filters is the list of filter names.
	Filters []string
}
Used to store the list of available filters for a CLI command,
e.g. to get the available filters for a cobra.Command.Long:
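```go
// Constructed illustration of CmdFilters. The original example reused
// the name dummyCmdState for both the state struct and the
// cobra.Command (assigning one and then redeclaring it with :=), which
// does not compile; the command is named dummyCmd here instead.
dummyCmdState := struct {
	// The available filters
	AvailableFilters CmdFilters
	// List of filters to apply
	Filters []string
}{}

dummyCmd := &cobra.Command{
	Long: `The available keys for this command are:
` + stringSliceToMarkdownList(
		dummyCmdState.AvailableFilters.GetFiltersFrom(
			api.MachineDetailEntity{},
		),
	),
}
```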
func (*CmdFilters) GetFiltersFrom ¶ added in v0.25.0
func (f *CmdFilters) GetFiltersFrom(T interface{}) []string
type Honeyvent ¶ added in v0.2.12
// Honeyvent defines what a Honeycomb event looks like for the Lacework
// CLI. Every field below is serialized into the outbound telemetry
// payload (fields tagged omitempty are skipped when zero).
//
// NOTE(review): Account, Subaccount, Profile, ApiKey, Args and Flags
// all leave the machine as telemetry. Confirm that ApiKey carries the
// Honeycomb key rather than the user's Lacework API key, and that Args
// and Flags are scrubbed of secret-bearing values before the event is
// built — neither is visible from this listing.
type Honeyvent struct {
	// CLI build and platform identification.
	Version    string `json:"version"`
	CfgVersion int    `json:"config_version"`
	Os         string `json:"os"`
	Arch       string `json:"arch"`

	// The command that was run and how it was invoked.
	Command string   `json:"command,omitempty"`
	Args    []string `json:"args,omitempty"`
	Flags   []string `json:"flags,omitempty"`

	// Which Lacework account/profile the command ran against.
	Account    string `json:"account,omitempty"`
	Subaccount string `json:"subaccount,omitempty"`
	Profile    string `json:"profile,omitempty"`
	ApiKey     string `json:"api_key,omitempty"`

	// Feature-level detail; FeatureData is free-form and its shape
	// depends on the feature that populates it.
	Feature     string      `json:"feature,omitempty"`
	FeatureData interface{} `json:"feature.data,omitempty"`

	DurationMs    int64  `json:"duration_ms,omitempty"`
	Error         string `json:"error,omitempty"`
	InstallMethod string `json:"install_method,omitempty"`

	// tracing data for multiple events, this is useful for specific features
	// within the Lacework CLI such as daily version check, polling mechanism, etc.
	TraceID  string `json:"trace.trace_id,omitempty"`
	SpanID   string `json:"trace.span_id,omitempty"`
	ParentID string `json:"trace.parent_id,omitempty"`
}
Honeyvent defines what a Honeycomb event looks like for the Lacework CLI
func (*Honeyvent) AddFeatureField ¶ added in v0.2.13
type SurveyQuestionWithValidationArgs ¶ added in v0.23.0
type TfPlanChangesSummary ¶ added in v0.24.0
// TfPlanChangesSummary summarizes the outcome of a terraform plan. It is
// produced by TerraformExecPlan and consumed by
// DisplayTerraformPlanChanges; its fields are unexported and are not
// shown in this rendering of the package documentation.
type TfPlanChangesSummary struct {
	// contains filtered or unexported fields
}
func TerraformExecPlan ¶ added in v0.23.0
func TerraformExecPlan(tf *tfexec.Terraform) (*TfPlanChangesSummary, error)
Runs terraform plan using the workingDir from *tfexec.Terraform:
- Run plan
- Get plan file details (returned)
Source Files ¶
- access_token.go
- account.go
- agent.go
- agent_install.go
- agent_list.go
- alert_rules.go
- api.go
- cache.go
- cli_state.go
- cli_unix.go
- cloud_account.go
- compliance.go
- compliance_aws.go
- compliance_azure.go
- compliance_gcp.go
- configure.go
- configure_switch_profile.go
- docs.go
- emoji.go
- emoji_unix.go
- errors.go
- event.go
- flags.go
- generate.go
- generate_aws.go
- generate_execute.go
- honeyvent.go
- integration.go
- integration_aws.go
- integration_aws_cloudwatch.go
- integration_aws_govcloud.go
- integration_aws_s3_channel.go
- integration_azure.go
- integration_cisco_webex.go
- integration_ctr_reg_limits.go
- integration_datadog.go
- integration_docker_hub.go
- integration_docker_v2.go
- integration_ecr.go
- integration_email.go
- integration_gar.go
- integration_gcp.go
- integration_gcp_pub_sub_channel.go
- integration_gcr.go
- integration_ghcr.go
- integration_jira.go
- integration_microsoft_teams.go
- integration_new_relic_channel.go
- integration_pagerduty.go
- integration_qradar_channel.go
- integration_service_now_channel.go
- integration_slack_channel.go
- integration_splunk.go
- integration_victorops.go
- integration_webhook.go
- lql.go
- lql_create.go
- lql_delete.go
- lql_list.go
- lql_preview.go
- lql_show.go
- lql_sources.go
- lql_update.go
- lql_validate.go
- migration.go
- outputs.go
- package_manifest.go
- policy.go
- policy_create.go
- policy_delete.go
- policy_update.go
- prompt.go
- report_rules.go
- resource_group_aws.go
- resource_group_azure.go
- resource_group_container.go
- resource_group_gcp.go
- resource_group_lw_account.go
- resource_group_machine.go
- resource_groups.go
- root.go
- table_render.go
- team_members.go
- version.go
- vuln_container.go
- vuln_host.go
- vuln_html.go
- vulnerability.go
- vulnerability_exception_container.go
- vulnerability_exception_host.go
- vulnerabilty_exceptions.go