package main
import (
"fmt"
"github.com/alecthomas/kong"
"github.com/califio/code-secure-analyzer"
"github.com/califio/code-secure-analyzer/git"
"semgrep/semgrep"
)
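// RunCmd holds the options of the "run" subcommand, which launches a Semgrep
// SAST scan. Every option can be given as a flag or through the environment
// variable named in its env tag.
type RunCmd struct {
	// Rule configuration handed to the scanner as-is.
	SemgrepRules string `help:"Semgrep rules" env:"SEMGREP_RULES" default:""`
	// Severity filter handed to the scanner as-is.
	SemgrepSeverity string `help:"Semgrep Severity" env:"SEMGREP_SEVERITY" default:""`
	// Paths the scanner is told to leave out. The help text previously repeated
	// "Semgrep Severity" (copy-paste slip). Anything listed here is presumably
	// not analysed, so changes to this value in CI settings reduce coverage and
	// deserve the same review as a rule change.
	SemgrepExcludedPaths string `help:"Semgrep excluded paths" env:"SEMGREP_EXCLUDED_PATHS" default:""`
	// Pro selects the pro engine. Per the help text it needs SEMGREP_APP_TOKEN;
	// that token is not read in this file, so it is presumably consumed further
	// down by the scanner and should be supplied as a CI secret.
	Pro bool `help:"Scan with pro engine. Require SEMGREP_APP_TOKEN variable" env:"SEMGREP_PRO" default:"false"`
	// Verbose turns on verbose scanner output.
	Verbose bool `help:"Verbose" env:"SEMGREP_VERBOSE" default:"false"`
	// Output is the report file name passed to the scanner.
	Output string `help:"Semgrep output" env:"SEMGREP_OUTPUT" default:"semgrep.json"`
	// ProjectPath is the directory to scan.
	ProjectPath string `help:"Project path" env:"PROJECT_PATH" default:"."`
}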
// GitHubCmd is the "github" subcommand. It carries no options of its own; its
// Run method prints the values resolved from the GitHub CI environment.
type GitHubCmd struct{}
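// Run prints the project, commit and merge-request values that git.NewGitHub
// resolves, one "Name: value" line each, as a debugging aid.
//
// It returns the error from git.NewGitHub instead of discarding it: with the
// error ignored, a failed lookup would leave github unusable and the first
// accessor call below could panic rather than report what went wrong.
//
// The output goes to stdout and therefore into the CI job log. The accessors
// used here are named after repository metadata, not credentials; keep it that
// way if more fields are added.
func (r *GitHubCmd) Run() error {
	github, err := git.NewGitHub()
	if err != nil {
		return fmt.Errorf("loading GitHub environment: %w", err)
	}
	fmt.Println("ProjectID: " + github.ProjectID())
	fmt.Println("ProjectName: " + github.ProjectName())
	fmt.Println("ProjectURL: " + github.ProjectURL())
	fmt.Println("BlobURL: " + github.BlobURL())
	fmt.Println("DefaultBranch: " + github.DefaultBranch())
	fmt.Println("CommitTitle: " + github.CommitTitle())
	fmt.Println("CommitBranch: " + github.CommitBranch())
	fmt.Println("CommitSha: " + github.CommitSha())
	fmt.Println("MergeRequestID: " + github.MergeRequestID())
	fmt.Println("MergeRequestTitle: " + github.MergeRequestTitle())
	fmt.Println("TargetBranch: " + github.TargetBranch())
	fmt.Println("SourceBranch: " + github.SourceBranch())
	fmt.Println("TargetBranchSha: " + github.TargetBranchSha())
	fmt.Println("CommitTag: " + github.CommitTag())
	fmt.Println("JobURL: " + github.JobURL())
	return nil
}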
// Run builds a Semgrep scanner from the parsed options, wraps it in a SAST
// analyzer for the same project path, and runs the analyzer.
//
// It always returns nil.
// NOTE(review): nothing returned by sastAnalyzer.Run() is inspected here, and
// its signature is not visible in this file. If it reports failure through a
// return value, a broken or incomplete scan would still exit 0 and the CI gate
// would pass; confirm how the analyzer signals errors.
func (r *RunCmd) Run() error {
	scanner := &semgrep.Scanner{
		ProjectPath:   r.ProjectPath,
		Output:        r.Output,
		Verbose:       r.Verbose,
		ProEngine:     r.Pro,
		Configs:       r.SemgrepRules,
		Severities:    r.SemgrepSeverity,
		ExcludedPaths: r.SemgrepExcludedPaths,
	}
	opts := analyzer.SastAnalyzerOption{
		ProjectPath: r.ProjectPath,
		Scanner:     scanner,
	}
	sastAnalyzer := analyzer.NewSastAnalyzer(opts)
	sastAnalyzer.Run()
	return nil
}
// cli is the command tree handed to kong.Parse in main. Each field is one
// subcommand, named by its cmd tag: "run" starts the Semgrep SAST scan and
// "github" prints the GitHub CI values for debugging.
var cli struct {
Run RunCmd `cmd:"run" help:"Semgrep scan SAST"`
Github GitHubCmd `cmd:"github" help:"Debug github environment variables"`
}
// main parses the command line into cli under the program name "analyzer",
// runs the selected subcommand, and hands its error (if any) to kong's
// FatalIfErrorf. kong.UsageOnError makes parse errors print the usage text.
func main() {
	ctx := kong.Parse(
		&cli,
		kong.Name("analyzer"),
		kong.UsageOnError(),
	)
	ctx.FatalIfErrorf(ctx.Run())
}