
Commit a03b6f5

frjcompvscode
andauthored
refactor(config): migrate commands to NewCommandSetup and remove lega… (#640)
* refactor(config): migrate commands to NewCommandSetup and remove legacy bind APIs --------- Co-authored-by: vscode <vscode@vscode.com>
1 parent 0ae3a76 commit a03b6f5

30 files changed

Lines changed: 229 additions & 367 deletions


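--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -216,7 +216,7 @@ func CommandRun(cmd *cobra.Command, args []string) {
 **Migration policy (mandatory):**
 - When modifying an existing command, migrate that touched command to `config.NewCommandSetup`.
 - Do not leave mixed setup styles in the same command implementation.
-- `config.AutoBindFlags` is still an internal building block, but command code should use `NewCommandSetup`.
+- Use `config.NewCommandSetup` for command binding and validation.
 
 **Key naming convention:**
 - Platform settings: `<platform>.<key>` (e.g., `github.url`, `gitlab.token`)
@@ -239,7 +239,7 @@ func CommandRun(cmd *cobra.Command, args []string) {
 
 **DO NOT:**
 - Read flags directly with `cmd.Flags().GetString()` - always use config system
-- Use `config.BindCommandFlags` - it's deprecated
+- Use legacy binder APIs removed from `pkg/config`
 - Skip required key validation for mandatory config values
 
 ### Package Organization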

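--- a/internal/cmd/bitbucket/scan/scan.go
+++ b/internal/cmd/bitbucket/scan/scan.go
@@ -25,6 +25,18 @@ var options = BitBucketScanOptions{
 }
 var maxArtifactSize string
 
+var flagBindings = map[string]string{
+"url": "bitbucket.url",
+"token": "bitbucket.token",
+"email": "bitbucket.email",
+"cookie": "bitbucket.cookie",
+"threads": "common.threads",
+"truffle-hog-verification": "common.trufflehog_verification",
+"max-artifact-size": "common.max_artifact_size",
+"confidence": "common.confidence_filter",
+"hit-timeout": "common.hit_timeout",
+}
+
 func NewScanCmd() *cobra.Command {
 scanCmd := &cobra.Command{
 Use: "scan",
@@ -63,19 +75,9 @@ pipeleek bb scan --token ATATTxxxxxx --email auser@example.com --public --maxPip
 }
 
 func Scan(cmd *cobra.Command, args []string) {
-if err := config.AutoBindFlags(cmd, map[string]string{
-"url": "bitbucket.url",
-"token": "bitbucket.token",
-"email": "bitbucket.email",
-"cookie": "bitbucket.cookie",
-"threads": "common.threads",
-"truffle-hog-verification": "common.trufflehog_verification",
-"max-artifact-size": "common.max_artifact_size",
-"confidence": "common.confidence_filter",
-"hit-timeout": "common.hit_timeout",
-}); err != nil {
-log.Fatal().Err(err).Msg("Failed to bind command flags to configuration keys")
-}
+config.NewCommandSetup(cmd).
+WithFlagBindings(flagBindings).
+MustBind()
 
 options.BitBucketURL = config.GetString("bitbucket.url")
 options.AccessToken = config.GetString("bitbucket.token")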
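Review bot: `Scan` binds `bitbucket.token`, `bitbucket.email` and `bitbucket.cookie`, but the new chain has no `RequireKeys(...)` call, unlike the devops, gitea and github `Scan` functions migrated in this same commit, so an empty token is copied straight into `options.AccessToken`. The old code had no required-key check either, and the `--public` flag in the help example suggests credential-less scans may be intended; if so, say it next to the chain, e.g. `// No RequireKeys: credentials are optional for this command.`, otherwise add the required keys before `MustBind()`. `Scan` continues past the end of the hunk, so a later check may already cover this. The new package-level `flagBindings` would also benefit from a one-line doc comment such as `// flagBindings maps CLI flag names to the config keys they populate.`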

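--- a/internal/cmd/circle/scan/scan_test.go
+++ b/internal/cmd/circle/scan/scan_test.go
@@ -69,8 +69,8 @@ func TestCircleScanFlagBindings(t *testing.T) {
 t.Fatalf("Failed to set artifacts flag: %v", err)
 }
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("circle.scan.org"); got != "my-org" {
@@ -95,11 +95,11 @@ func TestCircleScanEnvVarBinding(t *testing.T) {
 
 cmd := NewScanCmd()
 
-if err := config.AutoBindFlags(cmd, map[string]string{
+if err := config.NewCommandSetup(cmd).WithFlagBindings(map[string]string{
 "org": "circle.scan.org",
 "artifacts": "circle.scan.artifacts",
-}); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+}).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("circle.scan.org"); got != "env-org" {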
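Review bot: `TestCircleScanEnvVarBinding` still passes its own inline map (`"org"`, `"artifacts"`) to `WithFlagBindings`, while `TestCircleScanFlagBindings` in the first hunk uses the package's `flagBindings`, so the env-var test can keep passing after the command's real bindings change. Using the shared map keeps the test tied to what the command binds: `if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {`. Both test functions start and end outside their hunks.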

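--- a/internal/cmd/devops/scan/scan.go
+++ b/internal/cmd/devops/scan/scan.go
@@ -80,14 +80,10 @@ pipeleek ad scan --token <azdo_pat> --username auser --artifacts --organization
 }
 
 func Scan(cmd *cobra.Command, args []string) {
-// #nosec G101 -- "token" is a configuration key name, not a hardcoded credential
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-log.Fatal().Err(err).Msg("Failed to bind command flags to configuration keys")
-}
-
-if err := config.RequireConfigKeys("azure_devops.token", "azure_devops.username"); err != nil {
-log.Fatal().Err(err).Msg("required configuration missing")
-}
+config.NewCommandSetup(cmd).
+WithFlagBindings(flagBindings).
+RequireKeys("azure_devops.token", "azure_devops.username").
+MustBind()
 
 options.DevOpsURL = config.GetString("azure_devops.url")
 options.AccessToken = config.GetString("azure_devops.token")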
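Review bot: The `// #nosec G101` annotation is removed together with the old bind call, yet the new chain still names `"azure_devops.token"` and still relies on `flagBindings`, which is declared outside this hunk. If gosec runs in CI, confirm the package stays clean without the suppression; if it is still needed, keep it on the flagged line with its justification, e.g. `// #nosec G101 -- config key names, not credentials`, rather than widening an exclude. `MustBind()` is not visible here, so it is also worth confirming that what it logs for a missing key names the key only and never echoes a configured value.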

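--- a/internal/cmd/devops/scan/scan_test.go
+++ b/internal/cmd/devops/scan/scan_test.go
@@ -37,8 +37,8 @@ func TestDevOpsScanFlagBindings(t *testing.T) {
 t.Fatalf("Failed to set owned flag: %v", err)
 }
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("azure_devops.scan.organization"); got != "my-org" {
@@ -66,8 +66,8 @@ func TestDevOpsScanEnvVarBinding(t *testing.T) {
 
 cmd := NewScanCmd()
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("azure_devops.scan.organization"); got != "env-org" {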
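Review bot: Both tests build the setup as `NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind()`, but the command itself runs the chain with `RequireKeys("azure_devops.token", "azure_devops.username")`, so the required-key check this commit folds into the builder is not exercised here. A small negative test would pin it: with no token configured, assert that `config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).RequireKeys("azure_devops.token").Bind()` returns a non-nil error, assuming `Bind()` reports missing keys the way `MustBind()` does. The same gap appears in `internal/cmd/gitea/scan/scan_test.go` and `internal/cmd/github/scan/scan_flag_test.go`. Whether `pkg/config` carries its own tests for `RequireKeys` is not visible on this page.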

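--- a/internal/cmd/gitea/scan/scan.go
+++ b/internal/cmd/gitea/scan/scan.go
@@ -94,13 +94,10 @@ pipeleek gitea scan --token gitea_token_xxxxx --url https://gitea.example.com --
 }
 
 func Scan(cmd *cobra.Command, args []string) {
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-log.Fatal().Err(err).Msg("Failed to bind command flags to configuration keys")
-}
-
-if err := config.RequireConfigKeys("gitea.url", "gitea.token"); err != nil {
-log.Fatal().Err(err).Msg("Missing required configuration")
-}
+config.NewCommandSetup(cmd).
+WithFlagBindings(flagBindings).
+RequireKeys("gitea.url", "gitea.token").
+MustBind()
 
 giteaURL := config.GetString("gitea.url")
 giteaToken := config.GetString("gitea.token")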

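--- a/internal/cmd/gitea/scan/scan_test.go
+++ b/internal/cmd/gitea/scan/scan_test.go
@@ -72,8 +72,8 @@ func TestGiteaScanFlagBindings(t *testing.T) {
 t.Fatalf("Failed to set owned flag: %v", err)
 }
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("gitea.scan.organization"); got != "my-org" {
@@ -101,8 +101,8 @@ func TestGiteaScanEnvVarBinding(t *testing.T) {
 
 cmd := NewScanCmd()
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("gitea.scan.organization"); got != "env-org" {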

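--- a/internal/cmd/github/scan/scan.go
+++ b/internal/cmd/github/scan/scan.go
@@ -87,13 +87,10 @@ pipeleek gh scan --token github_pat_xxxxxxxxxxx --artifacts --repo owner/repo
 }
 
 func Scan(cmd *cobra.Command, args []string) {
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-log.Fatal().Err(err).Msg("Failed to bind command flags to configuration keys")
-}
-
-if err := config.RequireConfigKeys("github.token"); err != nil {
-log.Fatal().Err(err).Msg("Missing required configuration")
-}
+config.NewCommandSetup(cmd).
+WithFlagBindings(flagBindings).
+RequireKeys("github.token").
+MustBind()
 
 options.GitHubURL = config.GetString("github.url")
 options.AccessToken = config.GetString("github.token")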

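--- a/internal/cmd/github/scan/scan_flag_test.go
+++ b/internal/cmd/github/scan/scan_flag_test.go
@@ -42,8 +42,8 @@ func TestGitHubScanFlagBindings(t *testing.T) {
 t.Fatalf("Failed to set owned flag: %v", err)
 }
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("github.scan.org"); got != "my-org" {
@@ -80,8 +80,8 @@ func TestGitHubScanEnvVarBinding(t *testing.T) {
 
 cmd := NewScanCmd()
 
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-t.Fatalf("AutoBindFlags failed: %v", err)
+if err := config.NewCommandSetup(cmd).WithFlagBindings(flagBindings).Bind(); err != nil {
+t.Fatalf("Bind failed: %v", err)
 }
 
 if got := config.GetString("github.scan.org"); got != "env-org" {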

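--- a/internal/cmd/gitlab/container/artipacked/artipacked.go
+++ b/internal/cmd/gitlab/container/artipacked/artipacked.go
@@ -3,7 +3,6 @@ package artipacked
 import (
 "github.com/CompassSecurity/pipeleek/pkg/config"
 pkgcontainer "github.com/CompassSecurity/pipeleek/pkg/gitlab/container/artipacked"
-"github.com/rs/zerolog/log"
 "github.com/spf13/cobra"
 gitlab "gitlab.com/gitlab-org/api/client-go"
 )
@@ -36,17 +35,14 @@ func NewArtipackedCmd() *cobra.Command {
 Short: "Audit for artipacked misconfiguration (secrets in container images)",
 Long: "Scan for dangerous container build patterns that leak secrets like COPY . /path without .dockerignore",
 Run: func(cmd *cobra.Command, args []string) {
-if err := config.AutoBindFlags(cmd, flagBindings); err != nil {
-log.Fatal().Err(err).Msg("Failed to bind command flags to configuration keys")
-}
+config.NewCommandSetup(cmd).
+WithFlagBindings(flagBindings).
+RequireKeys("gitlab.url", "gitlab.token").
+MustBind()
 
 gitlabUrl := config.GetString("gitlab.url")
 gitlabApiToken := config.GetString("gitlab.token")
 
-if err := config.RequireConfigKeys("gitlab.url", "gitlab.token"); err != nil {
-log.Fatal().Err(err).Msg("required configuration missing")
-}
-
 owned = config.GetBool("gitlab.container.artipacked.owned")
 member = config.GetBool("gitlab.container.artipacked.member")
 repository = config.GetString("gitlab.container.artipacked.repo")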
