Documentation ¶
Index ¶
- Constants
- Variables
- func IsRunningInCI() bool
- func LatestPublishedVersion() (string, error)
- func MustParseInt(x string) int
- func MustReadFile(path string) []byte
- func MustWalk(root string, handler func(string, os.FileInfo) error)
- func MustWriteFile(path string, data []byte)
- func NodePath(binary string) string
- func ParseTemplate(path string, out interface{}) error
- func PipPath(lib string) string
- func PublicAssetsBucket() string
- func RepoVersion() string
- func RunTask(results chan<- TaskResult, name string, task func() error)
- func RunWithCapturedOutput(cmd string, args ...string) error
- func SamDeploy(stack, path string, params ...string) error
- func SamPackage(region, templatePath, bucket string) (string, error)
- func UploadFileToS3(log *zap.SugaredLogger, path, bucket, key string) (*s3manager.UploadOutput, error)
- func WaitForTasks(log *zap.SugaredLogger, results chan TaskResult, start, end, total int) error
- type TaskResult
Constants ¶
const ( NpmDir = "node_modules" SetupDir = ".setup" )
Variables ¶
var ( PyEnv = filepath.Join(SetupDir, "venv") GoLinter = filepath.Join(SetupDir, "golangci-lint") Swagger = filepath.Join(SetupDir, "swagger") Terraform = filepath.Join(SetupDir, "terraform") PyTargets = []string{ "internal/compliance/remediation_aws", "internal/compliance/policy_engine", "internal/log_analysis/rules_engine", } )
var MaxWorkers = func() int { n := runtime.NumCPU() if IsRunningInCI() { return n } if n > 1 { return n - 1 } return 1 }()
MaxWorkers limits CPU-intensive operations depending on the environment.
Functions ¶
func IsRunningInCI ¶
func IsRunningInCI() bool
Returns true if the mage command is running inside the CI environment
func LatestPublishedVersion ¶
Find the most recent published version of Panther in S3, e.g. "1.7.1"
This provides an alternative to checking the git tags in the repo.
func MustParseInt ¶
func MustReadFile ¶
Wrapper around ioutil.ReadFile, logging errors as fatal.
func MustWriteFile ¶
Wrapper around ioutil.WriteFile, creating the parent dirs if needed and logging errors as fatal.
func ParseTemplate ¶
Parse a CloudFormation template and unmarshal into the out parameter. The caller can pass map[string]interface{} or a struct if the format is known.
Short-form functions like "!If" and "!Sub" will be replaced with "Fn::" objects.
func PublicAssetsBucket ¶
func PublicAssetsBucket() string
The name of the bucket containing published Panther releases
func RepoVersion ¶
func RepoVersion() string
Return full Panther version string, e.g. v1.10.0-master-5c2a8a76-dirty
The base version ("v1.10.0") comes from the top-level VERSION file. This is followed by the current branch name ("master"), and then the last commit on the branch ("5c2a8a76"). If there are local uncommitted changes, a "-dirty" suffix will be added.
func RunTask ¶
func RunTask(results chan<- TaskResult, name string, task func() error)
Ugly task queue hack to limit concurrent tasks
func RunWithCapturedOutput ¶
Run a command, capturing stdout and stderr unless the command errors or we're in verbose mode.
This is helpful for tools which print unwanted info to stderr even when successful or, conversely, tools which output failing tests to stdout that we want to show even in non-verbose mode.
Both outputs will be printed if the command returns an error.
Similar to sh.Run(), except sh.Run() only hides stdout in non-verbose mode.
func SamPackage ¶
Package resources in S3 and return the path to the modified CloudFormation template.
This uses "sam package" to be compatible with SAR, which is also more complete and robust than "aws cloudformation package"
The bucket name can be blank if no S3 bucket is actually needed (e.g. bootstrap stack).
func UploadFileToS3 ¶
func UploadFileToS3(log *zap.SugaredLogger, path, bucket, key string) (*s3manager.UploadOutput, error)
Upload a local file to S3.
func WaitForTasks ¶
func WaitForTasks(log *zap.SugaredLogger, results chan TaskResult, start, end, total int) error
Wait for the given number of goroutines to finish, logging results as they come in.
This can be invoked multiple times to track progress over many parallel chunks of work:
"start" is the first message number to show in the output "end" is the last message number to show in the output "total" is the total number of tasks (across all invocations)
This will consume exactly (end - start) + 1 messages in the channel.
Returns a combined error message at the end if there were any failures.
Types ¶
type TaskResult ¶
Track results when executing similar tasks in parallel