fix: bearer-ignore-flag not loaded for scan (#1222)
* fix: bearer-ignore-flag not loaded for scan

* docs: update docs for new scan flag

* fix: update stale snapshots

* fix: test setup

* feat: move bearer-ignore-file flag to General Flags

* docs: update command data files for updated general flags

* chore: update snapshots

* fix: test setup
elsapet authored Aug 28, 2023
1 parent 063492b commit 911c5c1
Showing 19 changed files with 155 additions and 116 deletions.
17 changes: 17 additions & 0 deletions docs/_data/bearer_ignore_add.yaml
Expand Up @@ -2,6 +2,8 @@ name: ' ignore add'
synopsis: Add an ignored fingerprint
usage: ' ignore add <fingerprint> [flags]'
options:
- name: api-key
usage: Use your Bearer API Key to send the report to Bearer.
- name: author
shorthand: a
usage: Add author information to this ignored finding.
Expand All @@ -10,13 +12,28 @@ options:
usage: Load bearer.ignore file from the specified path.
- name: comment
usage: Add a comment to this ignored finding.
- name: config-file
default_value: bearer.yml
usage: Load configuration from the specified path.
- name: debug-profile
default_value: "false"
usage: Generate profiling data for debugging
- name: disable-version-check
default_value: "false"
usage: Disable Bearer version checking
- name: force
default_value: "false"
usage: Overwrite an existing ignored finding.
- name: help
shorthand: h
default_value: "false"
usage: help for add
- name: host
default_value: my.bearer.sh
usage: Specify the Host for sending the report.
- name: no-color
default_value: "false"
usage: Disable color in output
example: |-
# Add an ignored fingerprint to your bearer.ignore file
$ bearer ignore add <fingerprint> --author Mish --comment "Possible false positive"
14 changes: 14 additions & 0 deletions docs/_data/bearer_ignore_migrate.yaml
Expand Up @@ -3,19 +3,33 @@ synopsis: |
Migrate ignored fingerprints from bearer.yml to bearer.ignore
usage: ' ignore migrate [flags]'
options:
- name: api-key
usage: Use your Bearer API Key to send the report to Bearer.
- name: bearer-ignore-file
default_value: bearer.ignore
usage: Load bearer.ignore file from the specified path.
- name: config-file
default_value: bearer.yml
usage: Load configuration from the specified path.
- name: debug-profile
default_value: "false"
usage: Generate profiling data for debugging
- name: disable-version-check
default_value: "false"
usage: Disable Bearer version checking
- name: force
default_value: "false"
usage: Overwrite an existing ignored finding.
- name: help
shorthand: h
default_value: "false"
usage: help for migrate
- name: host
default_value: my.bearer.sh
usage: Specify the Host for sending the report.
- name: no-color
default_value: "false"
usage: Disable color in output
example: |-
# Migrate existing ignored (excluded) fingerprints from bearer.yml file to bearer.ignore
$ bearer ignore migrate
17 changes: 17 additions & 0 deletions docs/_data/bearer_ignore_remove.yaml
Expand Up @@ -2,13 +2,30 @@ name: ' ignore remove'
synopsis: Remove an ignored fingerprint
usage: ' ignore remove <fingerprint> [flags]'
options:
- name: api-key
usage: Use your Bearer API Key to send the report to Bearer.
- name: bearer-ignore-file
default_value: bearer.ignore
usage: Load bearer.ignore file from the specified path.
- name: config-file
default_value: bearer.yml
usage: Load configuration from the specified path.
- name: debug-profile
default_value: "false"
usage: Generate profiling data for debugging
- name: disable-version-check
default_value: "false"
usage: Disable Bearer version checking
- name: help
shorthand: h
default_value: "false"
usage: help for remove
- name: host
default_value: my.bearer.sh
usage: Specify the Host for sending the report.
- name: no-color
default_value: "false"
usage: Disable color in output
example: |-
# Remove an ignored fingerprint from your bearer.ignore file
$ bearer ignore remove <fingerprint>
17 changes: 17 additions & 0 deletions docs/_data/bearer_ignore_show.yaml
Expand Up @@ -5,13 +5,30 @@ options:
- name: all
default_value: "false"
usage: Show all ignored fingerprints.
- name: api-key
usage: Use your Bearer API Key to send the report to Bearer.
- name: bearer-ignore-file
default_value: bearer.ignore
usage: Load bearer.ignore file from the specified path.
- name: config-file
default_value: bearer.yml
usage: Load configuration from the specified path.
- name: debug-profile
default_value: "false"
usage: Generate profiling data for debugging
- name: disable-version-check
default_value: "false"
usage: Disable Bearer version checking
- name: help
shorthand: h
default_value: "false"
usage: help for show
- name: host
default_value: my.bearer.sh
usage: Specify the Host for sending the report.
- name: no-color
default_value: "false"
usage: Disable color in output
example: |-
# Show the details of an ignored fingerprint from your bearer.ignore file
$ bearer ignore show <fingerprint>
3 changes: 3 additions & 0 deletions docs/_data/bearer_scan.yaml
Expand Up @@ -4,6 +4,9 @@ usage: ' scan [flags] <path>'
options:
- name: api-key
usage: Use your Bearer API Key to send the report to Bearer.
- name: bearer-ignore-file
default_value: bearer.ignore
usage: Load bearer.ignore file from the specified path.
- name: config-file
default_value: bearer.yml
usage: Load configuration from the specified path.
7 changes: 4 additions & 3 deletions e2e/flags/.snapshots/TestMetadataFlags-help-scan
Expand Up @@ -37,9 +37,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


--
7 changes: 4 additions & 3 deletions e2e/flags/.snapshots/TestMetadataFlags-scan-help
Expand Up @@ -37,9 +37,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


--
Expand Up @@ -38,9 +38,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


flag error: scan flag error: invalid context argument; supported values: health
Expand Up @@ -38,9 +38,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


flag error: report flags error: invalid format argument for privacy report; supported values: json, yaml html
Expand Up @@ -38,9 +38,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


flag error: report flags error: invalid format argument for security report; supported values: json, yaml, sarif, gitlab-sast, rdjson, html
Expand Up @@ -38,9 +38,10 @@ Scan Flags
--skip-path strings Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql

General Flags
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output
--bearer-ignore-file string Load bearer.ignore file from the specified path. (default "bearer.ignore")
--config-file string Load configuration from the specified path. (default "bearer.yml")
--disable-version-check Disable Bearer version checking
--no-color Disable color in output


flag error: report flags error: invalid report argument; supported values: security, privacy
33 changes: 17 additions & 16 deletions pkg/commands/ignore.go
Expand Up @@ -57,7 +57,7 @@ Examples:

func newIgnoreShowCommand() *cobra.Command {
var IgnoreShowFlags = &flag.Flags{
IgnoreFlagGroup: flag.NewIgnoreFlagGroup(),
GeneralFlagGroup: flag.NewGeneralFlagGroup(),
IgnoreShowFlagGroup: flag.NewIgnoreShowFlagGroup(),
}
cmd := &cobra.Command{
Expand All @@ -79,7 +79,7 @@ $ bearer ignore show <fingerprint>`,
return cmd.Help()
}

ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.IgnoreOptions.BearerIgnoreFile)
ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.GeneralOptions.BearerIgnoreFile, nil)
if err != nil {
cmd.Printf("Issue loading ignored fingerprints from bearer.ignore file: %s", err)
return nil
Expand All @@ -93,7 +93,7 @@ $ bearer ignore show <fingerprint>`,
if options.IgnoreShowOptions.All {
// show all fingerprints
for fingerprintId, fingerprint := range ignoredFingerprints {
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, fingerprint))
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, fingerprint, options.GeneralOptions.NoColor))
}
} else {
// show a specific fingerprint
Expand All @@ -103,7 +103,7 @@ $ bearer ignore show <fingerprint>`,
cmd.Printf("Ignored fingerprint '%s' was not found in bearer.ignore file\n", fingerprintId)
return nil
}
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, selectedIgnoredFingerprint))
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, selectedIgnoredFingerprint, options.GeneralOptions.NoColor))
}
cmd.Print("\n\n")
return nil
Expand All @@ -119,7 +119,7 @@ $ bearer ignore show <fingerprint>`,

func newIgnoreAddCommand() *cobra.Command {
var IgnoreAddFlags = &flag.Flags{
IgnoreFlagGroup: flag.NewIgnoreFlagGroup(),
GeneralFlagGroup: flag.NewGeneralFlagGroup(),
IgnoreAddFlagGroup: flag.NewIgnoreAddFlagGroup(),
}
cmd := &cobra.Command{
Expand Down Expand Up @@ -153,7 +153,7 @@ $ bearer ignore add <fingerprint> --author Mish --comment "Possible false positi
fingerprintId: fingerprintEntry,
}

ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.IgnoreOptions.BearerIgnoreFile)
ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.GeneralOptions.BearerIgnoreFile, nil)
if err != nil {
return fmt.Errorf("error retrieving existing ignores: %s", err)
}
Expand All @@ -168,12 +168,12 @@ $ bearer ignore add <fingerprint> --author Mish --comment "Possible false positi
return nil
}

if err := writeIgnoreFile(ignoredFingerprints, options.IgnoreOptions.BearerIgnoreFile); err != nil {
if err := writeIgnoreFile(ignoredFingerprints, options.GeneralOptions.BearerIgnoreFile); err != nil {
return err
}

cmd.Print("Fingerprint added to bearer.ignore:\n\n")
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, ignoredFingerprints[fingerprintId]))
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, ignoredFingerprints[fingerprintId], options.GeneralOptions.NoColor))
cmd.Print("\n\n")
return nil
},
Expand All @@ -188,7 +188,7 @@ $ bearer ignore add <fingerprint> --author Mish --comment "Possible false positi

func newIgnoreRemoveCommand() *cobra.Command {
var IgnoreRemoveFlags = &flag.Flags{
IgnoreFlagGroup: flag.NewIgnoreFlagGroup(),
GeneralFlagGroup: flag.NewGeneralFlagGroup(),
}
cmd := &cobra.Command{
Use: "remove <fingerprint>",
Expand All @@ -209,7 +209,7 @@ $ bearer ignore remove <fingerprint>`,
return fmt.Errorf("flag error: %s", err)
}

ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.IgnoreOptions.BearerIgnoreFile)
ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.GeneralOptions.BearerIgnoreFile, nil)
if err != nil {
return fmt.Errorf("error retrieving existing ignores: %s", err)
}
Expand All @@ -226,12 +226,12 @@ $ bearer ignore remove <fingerprint>`,
}

delete(ignoredFingerprints, fingerprintId)
if err := writeIgnoreFile(ignoredFingerprints, options.IgnoreOptions.BearerIgnoreFile); err != nil {
if err := writeIgnoreFile(ignoredFingerprints, options.GeneralOptions.BearerIgnoreFile); err != nil {
return err
}

cmd.Print("Fingerprint successfully removed from bearer.ignore:\n\n")
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, removedFingerprint))
cmd.Print(ignore.DisplayIgnoredEntryTextString(fingerprintId, removedFingerprint, options.GeneralOptions.NoColor))
cmd.Print("\n\n")
return nil
},
Expand All @@ -246,7 +246,7 @@ $ bearer ignore remove <fingerprint>`,

func newIgnoreMigrateCommand() *cobra.Command {
IgnoreMigrateFlags := &flag.Flags{
IgnoreFlagGroup: flag.NewIgnoreFlagGroup(),
GeneralFlagGroup: flag.NewGeneralFlagGroup(),
IgnoreMigrateFlagGroup: flag.NewIgnoreMigrateFlagGroup(),
}
cmd := &cobra.Command{
Expand All @@ -263,13 +263,14 @@ $ bearer ignore migrate`,
if err != nil {
return fmt.Errorf("flag error: %s", err)
}

configFilePath := viper.GetString(flag.ConfigFileFlag.ConfigName)
fingerprintsToMigrate, err := getIgnoredFingerprintsFromConfig(configFilePath)
if err != nil {
return fmt.Errorf("error reading config: %s\nPerhaps you need to use --config-file to specify the config path?", err.Error())
}

ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.IgnoreOptions.BearerIgnoreFile)
ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(options.GeneralOptions.BearerIgnoreFile, nil)
if err != nil {
return fmt.Errorf("error retrieving existing ignores: %s", err)
}
Expand All @@ -292,7 +293,7 @@ $ bearer ignore migrate`,
}
}

cmd.Printf("Added %d ignores to:\n\t%s\n", migratedIgnoredCount, options.IgnoreOptions.BearerIgnoreFile)
cmd.Printf("Added %d ignores to:\n\t%s\n", migratedIgnoredCount, options.GeneralOptions.BearerIgnoreFile)

if skippedIgnoresToMigrate != "" {
cmd.Printf("\nThe following ignores already exist in the bearer.ignore file:\n")
Expand All @@ -302,7 +303,7 @@ $ bearer ignore migrate`,

// either no duplicate entries at this point or --force is true so we can ignore merge error
_ = ignore.MergeIgnoredFingerprints(fingerprintsToMigrate, ignoredFingerprints, options.IgnoreMigrateOptions.Force)
return writeIgnoreFile(ignoredFingerprints, options.IgnoreOptions.BearerIgnoreFile)
return writeIgnoreFile(ignoredFingerprints, options.GeneralOptions.BearerIgnoreFile)
},
SilenceErrors: false,
SilenceUsage: false,
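Review bot: Swapping `IgnoreFlagGroup` for `GeneralFlagGroup: flag.NewGeneralFlagGroup(),` in newIgnoreShowCommand (and again in the add, remove and migrate constructors) registers every general flag on commands that only edit a local file; the docs data updated in this commit now lists `api-key` and `host` for `ignore add`, `remove`, `show` and `migrate`. None of the ignore handlers visible here read those two options, so users are offered a credential flag that appears to do nothing, and a key typed on the command line lands in shell history and process listings for no benefit. Consider registering only the flags these commands use (`bearer-ignore-file`, `config-file`, `no-color`), or at least say so at the struct literal, e.g. `// GeneralFlagGroup is used for --bearer-ignore-file, --config-file and --no-color; api-key/host are not read by ignore commands` (confirm against the full handlers). The literal `nil` passed as the new second argument to `ignore.GetIgnoredFingerprints` would also read better with a short comment saying it means there is no scan target. The command bodies continue outside these hunks.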
2 changes: 1 addition & 1 deletion pkg/commands/process/settings/settings.go
Expand Up @@ -311,7 +311,7 @@ func FromOptions(opts flag.Options, foundLanguages []string) (Config, error) {
}
}

ignoredFingerprints, _, err := ignore.GetIgnoredFingerprints(opts.IgnoreOptions.BearerIgnoreFile)
ignoredFingerprints, _, err := ignore.GetIgnoredFingerprints(opts.GeneralOptions.BearerIgnoreFile, &opts.ScanOptions.Target)
if err != nil {
return Config{}, err
}
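Review bot: The call `ignore.GetIgnoredFingerprints(opts.GeneralOptions.BearerIgnoreFile, &opts.ScanOptions.Target)` still discards the file-exists result with `_`, so a scan cannot distinguish a missing ignore file from an empty one. With `--bearer-ignore-file` now accepted by `scan`, a mistyped path would presumably run with no ignores and no message, and because this file decides which findings are suppressed it is worth recording which path was actually loaded. A small change would be to keep the value, `ignoredFingerprints, fileExists, err := ignore.GetIgnoredFingerprints(...)`, and emit a debug or warning line when `fileExists` is false and the flag was set explicitly. How the target pointer influences the lookup is inside the helper, not in this hunk, so that part is an assumption to confirm. FromOptions begins and ends outside the hunk.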