feat(#32): configure by file with internal package

Author: sacha-c

.gitignore

@@ -29,4 +29,4 @@ go.work.sum
 tmp_scans/
 
 # Sheriff configuration file, untracked for use in local development
-sheriff.toml
+/sheriff.toml

internal/cli/app.go

@@ -22,7 +22,7 @@ This file is formatted in TOML and can contain any of the flags that can be set
 `,
 				Flags:  PatrolFlags,
 				Action: PatrolAction,
-				Before: CombineBeforeFuncs(ConfigureLogs, GetConfigFileLoader(PatrolFlags, configFlag), LogArguments),
+				Before: ConfigureLogs,
 			},
 		},
 	}

internal/cli/patrol.go

@@ -13,7 +13,6 @@ import (
 	"strings"
 
 	"github.com/urfave/cli/v2"
-	"github.com/urfave/cli/v2/altsrc"
 )
 
 type CommandCategory string
@@ -36,7 +35,6 @@ const silentReportFlag = "silent"
 const gitlabTokenFlag = "gitlab-token"
 const slackTokenFlag = "slack-token"
 
-var sensitiveFlags = []string{gitlabTokenFlag, slackTokenFlag}
 var necessaryScanners = []string{scanner.OsvCommandName}
 
 var PatrolFlags = []cli.Flag{
@@ -52,38 +50,38 @@ var PatrolFlags = []cli.Flag{
 		Category: string(Miscellaneous),
 		Value:    false,
 	},
-	altsrc.NewStringSliceFlag(&cli.StringSliceFlag{
+	&cli.StringSliceFlag{
 		Name:     urlFlag,
 		Usage:    "Groups and projects to scan for vulnerabilities (list argument which can be repeated)",
 		Category: string(Scanning),
-	}),
-	altsrc.NewStringSliceFlag(&cli.StringSliceFlag{
+	},
+	&cli.StringSliceFlag{
 		Name:     reportToEmailFlag,
 		Usage:    "Enable reporting to the provided list of emails",
 		Category: string(Reporting),
-	}),
-	altsrc.NewBoolFlag(&cli.BoolFlag{
+	},
+	&cli.BoolFlag{
 		Name:     reportToIssueFlag,
 		Usage:    "Enable or disable reporting to the project's issue on the associated platform (gitlab, github, ...)",
 		Category: string(Reporting),
-	}),
-	altsrc.NewStringFlag(&cli.StringFlag{
+	},
+	&cli.StringFlag{
 		Name:     reportToSlackChannel,
 		Usage:    "Enable reporting to the provided slack channel",
 		Category: string(Reporting),
-	}),
-	altsrc.NewBoolFlag(&cli.BoolFlag{
+	},
+	&cli.BoolFlag{
 		Name:     reportEnableProjectReportToFlag,
 		Usage:    "Enable project-level configuration for '--report-to-*'.",
 		Category: string(Reporting),
 		Value:    true,
-	}),
-	altsrc.NewBoolFlag(&cli.BoolFlag{
+	},
+	&cli.BoolFlag{
 		Name:     silentReportFlag,
 		Usage:    "Disable report output to stdout.",
 		Category: string(Reporting),
 		Value:    false,
-	}),
+	},
 	// Secret tokens
 	&cli.StringFlag{
 		Name:     gitlabTokenFlag,
@@ -102,13 +100,20 @@ var PatrolFlags = []cli.Flag{
 
 func PatrolAction(cCtx *cli.Context) error {
 	config, err := config.GetPatrolConfiguration(config.PatrolCLIOpts{
-		Urls:                  cCtx.StringSlice(urlFlag),
-		ReportToIssue:         cCtx.Bool(reportToIssueFlag),
-		ReportToEmails:        cCtx.StringSlice(reportToEmailFlag),
-		ReportToSlackChannel:  cCtx.String(reportToSlackChannel),
-		EnableProjectReportTo: cCtx.Bool(reportEnableProjectReportToFlag),
-		SilentReport:          cCtx.Bool(silentReportFlag),
-		Verbose:               cCtx.Bool(verboseFlag),
+		PatrolCommonOpts: config.PatrolCommonOpts{
+			Urls: getStringSliceIfSet(cCtx, urlFlag),
+			Report: config.PatrolReportOpts{
+				To: config.PatrolReportToOpts{
+					Issue:                 getBoolIfSet(cCtx, reportToIssueFlag),
+					Emails:                getStringSliceIfSet(cCtx, reportToEmailFlag),
+					SlackChannel:          getStringIfSet(cCtx, reportToSlackChannel),
+					EnableProjectReportTo: getBoolIfSet(cCtx, reportEnableProjectReportToFlag),
+				},
+				SilentReport: getBoolIfSet(cCtx, silentReportFlag),
+			},
+		},
+		Config:  cCtx.String(configFlag),
+		Verbose: cCtx.Bool(verboseFlag),
 	})
 	if err != nil {
 		return errors.Join(errors.New("failed to get patrol configuration"), err)

internal/cli/utils.go

@@ -1,74 +1,42 @@
 package cli
 
 import (
-	"errors"
-	"fmt"
-	"os"
 	"sheriff/internal/log"
-	"slices"
 
 	zerolog "github.com/rs/zerolog/log"
 	"github.com/urfave/cli/v2"
-	"github.com/urfave/cli/v2/altsrc"
 )
 
-func CombineBeforeFuncs(beforeFuncs ...cli.BeforeFunc) cli.BeforeFunc {
-	return func(cCtx *cli.Context) error {
-		for _, beforeFunc := range beforeFuncs {
-			if err := beforeFunc(cCtx); err != nil {
-				return err
-			}
-		}
-		return nil
-	}
-}
-
 func ConfigureLogs(cCtx *cli.Context) error {
 	log.ConfigureLogs(cCtx.Bool(verboseFlag))
 	zerolog.Info().Msg("Logging configured")
 	return nil
 }
 
-func GetConfigFileLoader(flags []cli.Flag, fileNameFlag string) cli.BeforeFunc {
-	return func(cCtx *cli.Context) error {
-		fileName := cCtx.String(fileNameFlag)
-		if _, err := os.Stat(fileName); err == nil {
-			// Config file exists
-			zerolog.Info().Str("file", fileName).Msg("Loading configuration file")
-			return altsrc.InitInputSourceWithContext(flags, func(cCtx *cli.Context) (altsrc.InputSourceContext, error) {
-				return altsrc.NewTomlSourceFromFile(fileName)
-			})(cCtx)
-		} else if errors.Is(err, os.ErrNotExist) {
-			if cCtx.IsSet(fileNameFlag) {
-				// Config file was explicitly set but does not exist
-				return fmt.Errorf("config file %v does not exist", fileName)
-			}
-			zerolog.Info().Str("file", fileName).Msg("No configuration file found")
-			return nil // No config file, do nothing
-		} else {
-			// Error stating config file
-			return errors.Join(fmt.Errorf("failed to stat config file %s", fileName), err)
-		}
+func getStringSliceIfSet(cCtx *cli.Context, flagName string) *[]string {
+	if cCtx.IsSet(flagName) {
+		v := cCtx.StringSlice(flagName)
+		return &v
 	}
-}
 
-func LogArguments(cCtx *cli.Context) error {
-	flags := cCtx.FlagNames()
+	return nil
+}
 
-	flagList := make([]string, 0, len(flags))
+func getStringIfSet(cCtx *cli.Context, flagName string) *string {
+	if cCtx.IsSet(flagName) {
+		v := cCtx.String(flagName)
+		print(v)
+		return &v
+	}
 
-	for _, flag := range flags {
-		val := cCtx.Value(flag)
-		if slices.Contains(sensitiveFlags, flag) {
-			val = "REDACTED"
-		} else if sliceVal, ok := val.(cli.StringSlice); ok {
-			val = sliceVal.String()
-		}
+	return nil
+}
 
-		flagList = append(flagList, fmt.Sprintf("%s=%v", flag, val))
+func getBoolIfSet(cCtx *cli.Context, flagName string) *bool {
+	if cCtx.IsSet(flagName) {
+		v := cCtx.Bool(flagName)
+		return &v
 	}
 
-	zerolog.Info().Strs("arguments", flagList).Msg("Running with configuration")
-
 	return nil
 }

internal/cli/utils_test.go

@@ -2,40 +2,15 @@ package cli
 
 import (
 	"flag"
+	"strconv"
+	"strings"
 	"testing"
 
 	"github.com/rs/zerolog"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/mock"
 	"github.com/urfave/cli/v2"
 )
 
-func TestCombineBeforeFuncs(t *testing.T) {
-	mockBeforeFuncs := new(mockBeforeFuncs)
-	mockBeforeFuncs.On("Func1", mock.Anything).Return(nil)
-	mockBeforeFuncs.On("Func2", mock.Anything).Return(nil)
-
-	before_func := CombineBeforeFuncs(mockBeforeFuncs.Func1, mockBeforeFuncs.Func2)
-
-	_ = before_func(nil)
-
-	mockBeforeFuncs.AssertExpectations(t)
-}
-
-type mockBeforeFuncs struct {
-	mock.Mock
-}
-
-func (m *mockBeforeFuncs) Func1(cCtx *cli.Context) error {
-	args := m.Called(cCtx)
-	return args.Error(0)
-}
-
-func (m *mockBeforeFuncs) Func2(cCtx *cli.Context) error {
-	args := m.Called(cCtx)
-	return args.Error(0)
-}
-
 func TestConfigureLogs(t *testing.T) {
 	testCases := map[bool]zerolog.Level{
 		true:  zerolog.DebugLevel,
@@ -53,26 +28,127 @@ func TestConfigureLogs(t *testing.T) {
 	}
 }
 
-// Tests for ConfigFileLoader when no file is found.
-// There should be an equivalent test for when the file is found, but it's tough.
-func TestConfigFileLoaderNoFile(t *testing.T) {
-	flag := flag.NewFlagSet("config", flag.ContinueOnError)
-	flag.String("config", "nonexistent", "")
-	context := cli.NewContext(nil, flag, nil)
+func TestGetStringIfSettest(t *testing.T) {
+	want := "hello"
+	flagName := "testFlag"
 
-	beforeFunc := GetConfigFileLoader(nil, "config")
-	err := beforeFunc(context)
+	flag := flag.NewFlagSet("", flag.ContinueOnError)
+	flag.String(flagName, "", "")
+	_ = flag.Set(flagName, want)
+	cCtx := cli.NewContext(nil, flag, nil)
 
-	assert.Nil(t, err)
+	got := getStringIfSet(cCtx, flagName)
+
+	assert.Equal(t, want, *got)
 }
 
-func TestLogArguments(t *testing.T) {
-	flag := flag.NewFlagSet("flag", flag.ContinueOnError)
-	flag.String("some-flag", "", "")
-	_ = flag.Set("some-flag", "value")
-	context := cli.NewContext(nil, flag, nil)
+func TestGetStringIfSet(t *testing.T) {
+	testCases := []struct {
+		name string
+		want string
+		set  bool
+	}{{
+		name: "value",
+		want: "hello",
+		set:  true,
+	}, {
+		name: "nil",
+		want: "",
+		set:  false,
+	}}
+
+	flagName := "testFlag"
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			flag := flag.NewFlagSet("", flag.ContinueOnError)
+			flag.String(flagName, "", "")
+			if tc.set {
+				_ = flag.Set(flagName, tc.want)
+			}
+			cCtx := cli.NewContext(nil, flag, nil)
+
+			got := getStringIfSet(cCtx, flagName)
+
+			if tc.set {
+				assert.NotNil(t, got)
+				assert.Equal(t, tc.want, *got)
+			} else {
+				assert.Nil(t, got)
+			}
+		})
+	}
+}
 
-	_ = LogArguments(context)
+func TestGetStringSliceIfSet(t *testing.T) {
+	testCases := []struct {
+		name string
+		want []string
+		set  bool
+	}{{
+		name: "value",
+		want: []string{"hello", "world"},
+		set:  true,
+	}, {
+		name: "nil",
+		want: []string{},
+		set:  false,
+	}}
+
+	flagName := "testFlag"
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			flag := flag.NewFlagSet("", flag.ContinueOnError)
+			flag.Var(&cli.StringSlice{}, flagName, "")
+			if tc.set {
+				_ = flag.Set(flagName, strings.Join(tc.want, ", "))
+			}
+			cCtx := cli.NewContext(nil, flag, nil)
+
+			got := getStringSliceIfSet(cCtx, flagName)
+
+			if tc.set {
+				assert.NotNil(t, got)
+				assert.Equal(t, tc.want, *got)
+			} else {
+				assert.Nil(t, got)
+			}
+		})
+	}
+}
 
-	// How to assert that the log message was correct?
+func TestGetBoolIfSet(t *testing.T) {
+	testCases := []struct {
+		name string
+		want bool
+		set  bool
+	}{{
+		name: "value",
+		want: true,
+		set:  true,
+	}, {
+		name: "nil",
+		want: false,
+		set:  false,
+	}}
+
+	flagName := "testFlag"
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			flag := flag.NewFlagSet("", flag.ContinueOnError)
+			flag.Bool(flagName, false, "")
+			if tc.set {
+				_ = flag.Set(flagName, strconv.FormatBool(tc.want))
+			}
+			cCtx := cli.NewContext(nil, flag, nil)
+
+			got := getBoolIfSet(cCtx, flagName)
+
+			if tc.set {
+				assert.NotNil(t, got)
+				assert.Equal(t, tc.want, *got)
+			} else {
+				assert.Nil(t, got)
+			}
+		})
+	}
 }