Skip to content

Commit e2d13a6

Browse files
Copilotfrjcomp
andauthored
Refactor: Add shared config/validation (#349)
* Add shared config/validation --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: frjcomp <107982661+frjcomp@users.noreply.github.com>
1 parent cd8b473 commit e2d13a6

19 files changed

Lines changed: 542 additions & 228 deletions

File tree

src/pipeleak/cmd/bitbucket/scan/scan.go

Lines changed: 25 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -2,27 +2,26 @@ package scan
22

33
import (
44
pkgscan "github.com/CompassSecurity/pipeleak/pkg/bitbucket/scan"
5+
"github.com/CompassSecurity/pipeleak/pkg/config"
56
"github.com/rs/zerolog/log"
67
"github.com/spf13/cobra"
78
)
89

910
type BitBucketScanOptions struct {
10-
Email string
11-
AccessToken string
12-
ConfidenceFilter []string
13-
MaxScanGoRoutines int
14-
TruffleHogVerification bool
15-
MaxPipelines int
16-
Workspace string
17-
Owned bool
18-
Public bool
19-
After string
20-
Artifacts bool
21-
BitBucketURL string
22-
BitBucketCookie string
11+
config.CommonScanOptions
12+
Email string
13+
AccessToken string
14+
MaxPipelines int
15+
Workspace string
16+
Public bool
17+
After string
18+
BitBucketURL string
19+
BitBucketCookie string
2320
}
2421

25-
var options = BitBucketScanOptions{}
22+
var options = BitBucketScanOptions{
23+
CommonScanOptions: config.DefaultCommonScanOptions(),
24+
}
2625
var maxArtifactSize string
2726

2827
func NewScanCmd() *cobra.Command {
@@ -73,6 +72,18 @@ func Scan(cmd *cobra.Command, args []string) {
7372
log.Fatal().Msg("When using --token you must also provide --email")
7473
}
7574

75+
if err := config.ValidateURL(options.BitBucketURL, "BitBucket URL"); err != nil {
76+
log.Fatal().Err(err).Msg("Invalid BitBucket URL")
77+
}
78+
if options.AccessToken != "" {
79+
if err := config.ValidateToken(options.AccessToken, "BitBucket API Token"); err != nil {
80+
log.Fatal().Err(err).Msg("Invalid BitBucket API Token")
81+
}
82+
}
83+
if err := config.ValidateThreadCount(options.MaxScanGoRoutines); err != nil {
84+
log.Fatal().Err(err).Msg("Invalid thread count")
85+
}
86+
7687
scanOpts, err := pkgscan.InitializeOptions(
7788
options.Email,
7889
options.AccessToken,

src/pipeleak/cmd/bitbucket/scan/scan_test.go

Lines changed: 17 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ package scan
22

33
import (
44
"testing"
5+
6+
"github.com/CompassSecurity/pipeleak/pkg/config"
57
)
68

79
func TestNewScanCmd(t *testing.T) {
@@ -73,19 +75,21 @@ func TestNewScanCmd(t *testing.T) {
7375

7476
func TestBitBucketScanOptions(t *testing.T) {
7577
opts := BitBucketScanOptions{
76-
Email: "test@example.com",
77-
AccessToken: "token123",
78-
ConfidenceFilter: []string{"high", "medium"},
79-
MaxScanGoRoutines: 4,
80-
TruffleHogVerification: true,
81-
MaxPipelines: 10,
82-
Workspace: "myworkspace",
83-
Owned: true,
84-
Public: false,
85-
After: "2025-01-01T00:00:00Z",
86-
Artifacts: true,
87-
BitBucketURL: "https://api.bitbucket.org/2.0",
88-
BitBucketCookie: "cookie123",
78+
CommonScanOptions: config.CommonScanOptions{
79+
ConfidenceFilter: []string{"high", "medium"},
80+
MaxScanGoRoutines: 4,
81+
TruffleHogVerification: true,
82+
Artifacts: true,
83+
Owned: true,
84+
},
85+
Email: "test@example.com",
86+
AccessToken: "token123",
87+
MaxPipelines: 10,
88+
Workspace: "myworkspace",
89+
Public: false,
90+
After: "2025-01-01T00:00:00Z",
91+
BitBucketURL: "https://api.bitbucket.org/2.0",
92+
BitBucketCookie: "cookie123",
8993
}
9094

9195
if opts.Email != "test@example.com" {

src/pipeleak/cmd/devops/scan/scan.go

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,25 @@
11
package scan
22

33
import (
4+
"github.com/CompassSecurity/pipeleak/pkg/config"
45
pkgscan "github.com/CompassSecurity/pipeleak/pkg/devops/scan"
56
"github.com/rs/zerolog/log"
67
"github.com/spf13/cobra"
78
)
89

910
type DevOpsScanOptions struct {
10-
Username string
11-
AccessToken string
12-
ConfidenceFilter []string
13-
MaxScanGoRoutines int
14-
TruffleHogVerification bool
15-
MaxBuilds int
16-
Organization string
17-
Project string
18-
Artifacts bool
19-
DevOpsURL string
11+
config.CommonScanOptions
12+
Username string
13+
AccessToken string
14+
MaxBuilds int
15+
Organization string
16+
Project string
17+
DevOpsURL string
2018
}
2119

22-
var options = DevOpsScanOptions{}
20+
var options = DevOpsScanOptions{
21+
CommonScanOptions: config.DefaultCommonScanOptions(),
22+
}
2323
var maxArtifactSize string
2424

2525
func NewScanCmd() *cobra.Command {
@@ -74,6 +74,16 @@ pipeleak ad scan --token xxxxxxxxxxx --username auser --artifacts --organization
7474
}
7575

7676
func Scan(cmd *cobra.Command, args []string) {
77+
if err := config.ValidateURL(options.DevOpsURL, "Azure DevOps URL"); err != nil {
78+
log.Fatal().Err(err).Msg("Invalid Azure DevOps URL")
79+
}
80+
if err := config.ValidateToken(options.AccessToken, "Azure DevOps Access Token"); err != nil {
81+
log.Fatal().Err(err).Msg("Invalid Azure DevOps Access Token")
82+
}
83+
if err := config.ValidateThreadCount(options.MaxScanGoRoutines); err != nil {
84+
log.Fatal().Err(err).Msg("Invalid thread count")
85+
}
86+
7787
scanOpts, err := pkgscan.InitializeOptions(
7888
options.Username,
7989
options.AccessToken,

src/pipeleak/cmd/gitea/scan/scan.go

Lines changed: 22 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,26 @@
11
package scan
22

33
import (
4+
"github.com/CompassSecurity/pipeleak/pkg/config"
45
giteascan "github.com/CompassSecurity/pipeleak/pkg/gitea/scan"
56
"github.com/rs/zerolog/log"
67
"github.com/spf13/cobra"
78
)
89

910
type GiteaScanOptions struct {
10-
Token string
11-
GiteaURL string
12-
Artifacts bool
13-
ConfidenceFilter []string
14-
MaxScanGoRoutines int
15-
TruffleHogVerification bool
16-
Owned bool
17-
Organization string
18-
Repository string
19-
Cookie string
20-
RunsLimit int
21-
StartRunID int64
11+
config.CommonScanOptions
12+
Token string
13+
GiteaURL string
14+
Organization string
15+
Repository string
16+
Cookie string
17+
RunsLimit int
18+
StartRunID int64
2219
}
2320

24-
var scanOptions = GiteaScanOptions{}
21+
var scanOptions = GiteaScanOptions{
22+
CommonScanOptions: config.DefaultCommonScanOptions(),
23+
}
2524
var maxArtifactSize string
2625

2726
func NewScanCmd() *cobra.Command {
@@ -95,6 +94,16 @@ func Scan(cmd *cobra.Command, args []string) {
9594
log.Fatal().Msg("--start-run-id can only be used with --repository flag")
9695
}
9796

97+
if err := config.ValidateURL(scanOptions.GiteaURL, "Gitea URL"); err != nil {
98+
log.Fatal().Err(err).Msg("Invalid Gitea URL")
99+
}
100+
if err := config.ValidateToken(scanOptions.Token, "Gitea Access Token"); err != nil {
101+
log.Fatal().Err(err).Msg("Invalid Gitea Access Token")
102+
}
103+
if err := config.ValidateThreadCount(scanOptions.MaxScanGoRoutines); err != nil {
104+
log.Fatal().Err(err).Msg("Invalid thread count")
105+
}
106+
98107
scanOpts, err := giteascan.InitializeOptions(
99108
scanOptions.Token,
100109
scanOptions.GiteaURL,

src/pipeleak/cmd/github/scan/scan.go

Lines changed: 23 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package scan
22

33
import (
4+
"github.com/CompassSecurity/pipeleak/pkg/config"
45
pkgscan "github.com/CompassSecurity/pipeleak/pkg/github/scan"
56
"github.com/CompassSecurity/pipeleak/pkg/logging"
67
"github.com/rs/zerolog"
@@ -9,22 +10,20 @@ import (
910
)
1011

1112
type GitHubScanOptions struct {
12-
AccessToken string
13-
ConfidenceFilter []string
14-
MaxScanGoRoutines int
15-
TruffleHogVerification bool
16-
MaxWorkflows int
17-
Organization string
18-
Owned bool
19-
User string
20-
Public bool
21-
SearchQuery string
22-
Artifacts bool
23-
GitHubURL string
24-
Repo string
13+
config.CommonScanOptions
14+
AccessToken string
15+
MaxWorkflows int
16+
Organization string
17+
User string
18+
Public bool
19+
SearchQuery string
20+
GitHubURL string
21+
Repo string
2522
}
2623

27-
var options = GitHubScanOptions{}
24+
var options = GitHubScanOptions{
25+
CommonScanOptions: config.DefaultCommonScanOptions(),
26+
}
2827
var maxArtifactSize string
2928

3029
func NewScanCmd() *cobra.Command {
@@ -78,6 +77,16 @@ pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --repo owner/repo
7877
}
7978

8079
func Scan(cmd *cobra.Command, args []string) {
80+
if err := config.ValidateURL(options.GitHubURL, "GitHub URL"); err != nil {
81+
log.Fatal().Err(err).Msg("Invalid GitHub URL")
82+
}
83+
if err := config.ValidateToken(options.AccessToken, "GitHub Access Token"); err != nil {
84+
log.Fatal().Err(err).Msg("Invalid GitHub Access Token")
85+
}
86+
if err := config.ValidateThreadCount(options.MaxScanGoRoutines); err != nil {
87+
log.Fatal().Err(err).Msg("Invalid thread count")
88+
}
89+
8190
scanOpts, err := pkgscan.InitializeOptions(
8291
options.AccessToken,
8392
options.GitHubURL,

src/pipeleak/cmd/github/scan/scan_cmd_test.go

Lines changed: 15 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package scan
33
import (
44
"testing"
55

6+
"github.com/CompassSecurity/pipeleak/pkg/config"
67
pkggithub "github.com/CompassSecurity/pipeleak/pkg/github/scan"
78
)
89

@@ -72,18 +73,20 @@ func TestNewScanCmd(t *testing.T) {
7273

7374
func TestGitHubScanOptions(t *testing.T) {
7475
opts := GitHubScanOptions{
75-
AccessToken: "ghp_test123",
76-
ConfidenceFilter: []string{"high", "verified"},
77-
MaxScanGoRoutines: 8,
78-
TruffleHogVerification: true,
79-
MaxWorkflows: 20,
80-
Organization: "apache",
81-
Owned: false,
82-
User: "testuser",
83-
Public: true,
84-
SearchQuery: "security",
85-
Artifacts: true,
86-
GitHubURL: "https://api.github.com",
76+
CommonScanOptions: config.CommonScanOptions{
77+
ConfidenceFilter: []string{"high", "verified"},
78+
MaxScanGoRoutines: 8,
79+
TruffleHogVerification: true,
80+
Artifacts: true,
81+
Owned: false,
82+
},
83+
AccessToken: "ghp_test123",
84+
MaxWorkflows: 20,
85+
Organization: "apache",
86+
User: "testuser",
87+
Public: true,
88+
SearchQuery: "security",
89+
GitHubURL: "https://api.github.com",
8790
}
8891

8992
if opts.AccessToken != "ghp_test123" {

src/pipeleak/cmd/gitlab/scan/scan.go

Lines changed: 24 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package scan
22

33
import (
4+
"github.com/CompassSecurity/pipeleak/pkg/config"
45
"github.com/CompassSecurity/pipeleak/pkg/gitlab/scan"
56
"github.com/CompassSecurity/pipeleak/pkg/logging"
67
"github.com/rs/zerolog"
@@ -9,23 +10,21 @@ import (
910
)
1011

1112
type ScanOptions struct {
12-
GitlabUrl string
13-
GitlabApiToken string
14-
GitlabCookie string
15-
ProjectSearchQuery string
16-
Artifacts bool
17-
Owned bool
18-
Member bool
19-
Repository string
20-
Namespace string
21-
JobLimit int
22-
ConfidenceFilter []string
23-
MaxScanGoRoutines int
24-
QueueFolder string
25-
TruffleHogVerification bool
13+
config.CommonScanOptions
14+
GitlabUrl string
15+
GitlabApiToken string
16+
GitlabCookie string
17+
ProjectSearchQuery string
18+
Member bool
19+
Repository string
20+
Namespace string
21+
JobLimit int
22+
QueueFolder string
2623
}
2724

28-
var options = ScanOptions{}
25+
var options = ScanOptions{
26+
CommonScanOptions: config.DefaultCommonScanOptions(),
27+
}
2928
var maxArtifactSize string
3029

3130
func NewScanCmd() *cobra.Command {
@@ -98,6 +97,16 @@ pipeleak gl scan --token glpat-xxxxxxxxxxx --gitlab https://gitlab.example.com -
9897
}
9998

10099
func Scan(cmd *cobra.Command, args []string) {
100+
if err := config.ValidateURL(options.GitlabUrl, "GitLab URL"); err != nil {
101+
log.Fatal().Err(err).Msg("Invalid GitLab URL")
102+
}
103+
if err := config.ValidateToken(options.GitlabApiToken, "GitLab API Token"); err != nil {
104+
log.Fatal().Err(err).Msg("Invalid GitLab API Token")
105+
}
106+
if err := config.ValidateThreadCount(options.MaxScanGoRoutines); err != nil {
107+
log.Fatal().Err(err).Msg("Invalid thread count")
108+
}
109+
101110
scanOpts, err := scan.InitializeOptions(
102111
options.GitlabUrl,
103112
options.GitlabApiToken,

0 commit comments

Comments
 (0)