()
| 148 | } |
| 149 | |
| 150 | func NewRootCommand() *cobra.Command { |
| 151 | rootCmd := &cobra.Command{ |
| 152 | Use: fmt.Sprintf( |
| 153 | "github-analyzer (%s)", |
| 154 | strings.TrimSuffix(getVersion(), "\n"), |
| 155 | ), |
| 156 | Short: "A tool to collect statistics and highlight potential security issues within a GitHub org", |
| 157 | Long: "A tool to collect statistics and highlight potential security issues within a GitHub org", |
| 158 | PersistentPreRunE: func(cmd *cobra.Command, args []string) error { |
| 159 | // You can bind cobra and viper in a few locations, but PersistencePreRunE on the root command works well |
| 160 | return initializeConfig(cmd) |
| 161 | }, |
| 162 | PreRun: func(cmd *cobra.Command, args []string) { |
| 163 | onlyPrintVersion, _ := cmd.Flags().GetBool("version") |
| 164 | if onlyPrintVersion { |
| 165 | fmt.Println(getVersion()) |
| 166 | os.Exit(0) |
| 167 | } |
| 168 | cmd.MarkFlagRequired("organization") |
| 169 | }, |
| 170 | Run: func(cmd *cobra.Command, args []string) { |
| 171 | runCmd() |
| 172 | }, |
| 173 | } |
| 174 | // TODO allow auditing a repo/user account only |
| 175 | rootCmd.Flags(). |
| 176 | StringVarP(&config.ViperEnv.Organization, "organization", "", "", "the GitHub organization to be analyzed") |
| 177 | |
| 178 | rootCmd.Flags(). |
| 179 | StringVarP(&config.ViperEnv.CfgFile, "config", "c", "", "config file (default is $HOME/.github-analyzer.yaml)") |
| 180 | rootCmd.Flags(). |
| 181 | StringVarP(&config.ViperEnv.OutputDir, "output", "o", "output", "the directory containing the artifacts of the analysis") |
| 182 | rootCmd.Flags(). |
| 183 | StringVarP(&config.ViperEnv.ScmURL, "scmUrl", "", "", "the API URL for the source control management software you want to check") |
| 184 | rootCmd.Flags(). |
| 185 | StringVarP(&config.ViperEnv.Token, "token", "", "", fmt.Sprintf("the github token for API authentication (default is $%s_TOKEN)", config.ViperEnvPrefix)) |
| 186 | |
| 187 | rootCmd.Flags(). |
| 188 | BoolVarP(&config.ViperEnv.Version, "version", "", false, "print version and exit") |
| 189 | rootCmd.Flags(). |
| 190 | BoolVarP(&config.ViperEnv.UserPermissionStats, "userPermissionStats", "", false, "enable user permission statistics (might be slow in large orgs due to throttling limits)") |
| 191 | |
| 192 | rootCmd.Flags(). |
| 193 | BoolVarP(&config.ViperEnv.EnableScraping, "enableScraping", "", false, "enable experimental checks that rely on screen scraping") |
| 194 | rootCmd.Flags(). |
| 195 | StringVarP(&config.ViperEnv.Username, "username", "u", "", fmt.Sprintf("username (required if enableScraping is set) (default is $%s_USERNAME)", config.ViperEnvPrefix)) |
| 196 | rootCmd.Flags(). |
| 197 | StringVarP(&config.ViperEnv.Password, "password", "p", "", fmt.Sprintf("password (required if enableScraping is set) (default is $%s_PASSWORD)", config.ViperEnvPrefix)) |
| 198 | rootCmd.Flags(). |
| 199 | StringVarP(&config.ViperEnv.OtpSeed, "otpSeed", "", "", fmt.Sprintf("one Time Password (required if enableScraping is set) (default is $%s_OTP_SEED)", config.ViperEnvPrefix)) |
| 200 | |
| 201 | rootCmd.Flags(). |
| 202 | IntVarP(&config.ViperEnv.Port, "port", "", 3000, "port for local http server used to display HTML with summary of findings (if you are using docker you will need to override the default port appropriately)") |
| 203 | rootCmd.Flags(). |
| 204 | BoolVarP(&config.ViperEnv.DisableServer, "disableServer", "", false, "do not spin up an HTTP server, and only emit data in the designated output folder") |
| 205 | return rootCmd |
| 206 | } |
| 207 |
no test coverage detected