feat(cli): the new lacework-cli MVP 🔥🔥

This is the MVP of the `lacework-cli` tool!

Signed-off-by: Salim Afiune Maya <[email protected]>

Author: afiune

api/client.go

@@ -93,3 +93,8 @@ func WithURL(baseURL string) Option {
 		return nil
 	})
 }
+
+// URL returns the base url configured
+func (c *Client) URL() string {
+	return c.baseURL.String()
+}

cli/VERSION

@@ -0,0 +1 @@
+0.1.0

cli/cmd/api.go

@@ -0,0 +1,123 @@
+//
+// Author:: Salim Afiune Maya (<[email protected]>)
+// Copyright:: Copyright 2020, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package cmd
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+
+	"github.com/lacework/go-sdk/api"
+	"github.com/lacework/go-sdk/internal/array"
+)
+
+var (
+	// list of valid API methods
+	validApiMethods = []string{"get", "post", "delete", "patch"}
+
+	// data to send for POST/PATCH request
+	apiData string
+
+	// apiCmd represents the api command
+	apiCmd = &cobra.Command{
+		Use:   "api <method> <path>",
+		Short: "Helper to call Lacework's ResfulAPI",
+		Long: `Use this helper to call any available Lacework API endpoint.
+
+An example, list all integrations configured in your account:
+
+    lacework-cli api get /external/integrations
+
+For a complete list of available API endpoints visit:
+
+    https://<ACCOUNT>.lacework.net/api/v1/external/docs
+`,
+		Args: argsApiValidator,
+		RunE: runApiCommand,
+	}
+)
+
+func init() {
+	rootCmd.AddCommand(apiCmd)
+
+	apiCmd.Flags().StringVarP(&apiData,
+		"data", "d", "",
+		"data to send only for post and patch requests",
+	)
+}
+
+func runApiCommand(cmd *cobra.Command, args []string) error {
+	switch args[0] {
+	case "post", "patch":
+		if apiData == "" {
+			return fmt.Errorf("missing '--data' parameter for post or patch requests")
+		}
+	case "delete", "get":
+		if apiData != "" {
+			return fmt.Errorf("use '--data' only for post and patch requests")
+		}
+	}
+
+	lacework, err := api.NewClient(cli.Account,
+		api.WithApiKeys(cli.KeyID, cli.Secret),
+	)
+	if err != nil {
+		return errors.Wrap(err, "unable to generate Lacework API client")
+	}
+
+	cli.Log.Debugw("api client generated",
+		"version", lacework.ApiVersion(),
+		"base_url", lacework.URL(),
+	)
+
+	response := new(map[string]interface{})
+	err = lacework.RequestDecoder(
+		strings.ToUpper(args[0]),
+		strings.TrimPrefix(args[1], "/"),
+		strings.NewReader(apiData),
+		response,
+	)
+	if err != nil {
+		return errors.Wrap(err, "unable to send the request")
+	}
+
+	pretty, err := cli.JsonF.Marshal(*response)
+	if err != nil {
+		cli.Log.Debugw("api response", "raw", response)
+		return errors.Wrap(err, "unable to format json response")
+	}
+
+	fmt.Println(string(pretty))
+	return nil
+}
+
+func argsApiValidator(_ *cobra.Command, args []string) error {
+	if len(args) != 2 {
+		return errors.New("requires 2 argument. (method and path)")
+	}
+	if !array.ContainsStr(validApiMethods, args[0]) {
+		return fmt.Errorf(
+			"invalid method specified: '%s' (valid methods are %s)",
+			args[0], validApiMethods,
+		)
+	}
+	return nil
+}

cli/cmd/integration.go

@@ -0,0 +1,91 @@
+//
+// Author:: Salim Afiune Maya (<[email protected]>)
+// Copyright:: Copyright 2020, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+
+	"github.com/lacework/go-sdk/api"
+)
+
+var (
+	// integrationCmd represents the integration command
+	integrationCmd = &cobra.Command{
+		Use:   "integration",
+		Short: "Manage external integrations",
+	}
+
+	// integrationListCmd represents the list sub-command inside the integration command
+	instegrationListCmd = &cobra.Command{
+		Use:   "list",
+		Short: "List all available external integrations",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			lacework, err := api.NewClient(cli.Account,
+				api.WithApiKeys(cli.KeyID, cli.Secret),
+			)
+			if err != nil {
+				return errors.Wrap(err, "unable to generate Lacework API client")
+			}
+
+			cli.Log.Debugw("api client generated",
+				"version", lacework.ApiVersion(),
+				"base_url", lacework.URL(),
+			)
+
+			integrations, err := lacework.Integrations.List()
+			if err != nil {
+				return errors.Wrap(err, "unable to get integrations")
+			}
+
+			fmt.Println(integrations.String())
+			return nil
+		},
+	}
+
+	// integrationCreateCmd represents the create sub-command inside the integration command
+	instegrationCreateCmd = &cobra.Command{
+		Use:   "create",
+		Short: "Create an external integrations",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return nil
+		},
+	}
+
+	// integrationDeleteCmd represents the delete sub-command inside the integration command
+	instegrationDeleteCmd = &cobra.Command{
+		Use:   "delete",
+		Short: "Delete an external integrations",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return nil
+		},
+	}
+)
+
+func init() {
+	// add the integration command
+	rootCmd.AddCommand(integrationCmd)
+
+	// add sub-commands to the integration command
+	integrationCmd.AddCommand(instegrationListCmd)
+	integrationCmd.AddCommand(instegrationCreateCmd)
+	integrationCmd.AddCommand(instegrationDeleteCmd)
+}

cli/cmd/root.go

@@ -0,0 +1,168 @@
+//
+// Author:: Salim Afiune Maya (<[email protected]>)
+// Copyright:: Copyright 2020, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+
+	prettyjson "github.com/hokaccha/go-prettyjson"
+	homedir "github.com/mitchellh/go-homedir"
+	"github.com/spf13/viper"
+	"go.uber.org/zap"
+)
+
+type cliState struct {
+	Account  string
+	KeyID    string
+	Secret   string
+	Token    string
+	LogLevel string
+
+	JsonF *prettyjson.Formatter
+	Log   *zap.SugaredLogger
+}
+
+// rootCmd represents the base command when called without any subcommands
+var (
+	cfgFile string
+	cli     = cliState{
+		JsonF: prettyjson.NewFormatter(),
+	}
+	rootCmd = &cobra.Command{
+		Use:              "lacework-cli",
+		Short:            "A tool to manage your Lacework cloud security platform.",
+		PersistentPreRun: loadStateFromViper,
+		SilenceErrors:    true,
+		Long: `
+The Lacework Command Line Interface is a tool that helps you manage your
+Lacework cloud security platform. You can use it to manage compliance
+reports, external integrations, vulnerability scans, and other operations.`,
+	}
+)
+
+// Execute adds all child commands to the root command and sets flags appropriately.
+// This is called by main.main(). It only needs to happen once to the rootCmd.
+func Execute() {
+	if err := rootCmd.Execute(); err != nil {
+		fmt.Printf("Error: %s\n", err)
+		os.Exit(1)
+	}
+}
+
+func init() {
+	cobra.OnInitialize(initConfig)
+
+	rootCmd.PersistentFlags().StringVarP(&cfgFile,
+		"config", "c", "",
+		"config file (default is $HOME/.lacework.toml)",
+	)
+	rootCmd.PersistentFlags().Bool("debug", false,
+		"turn on debug logging",
+	)
+	rootCmd.PersistentFlags().StringP("api_key", "k", "",
+		"access key id",
+	)
+	rootCmd.PersistentFlags().StringP("api_secret", "s", "",
+		"access secret key",
+	)
+	rootCmd.PersistentFlags().StringP("account", "a", "",
+		"account subdomain of URL (i.e. <ACCOUNT>.lacework.net)",
+	)
+
+	checkBindError(viper.BindPFlag("account", rootCmd.PersistentFlags().Lookup("account")))
+	checkBindError(viper.BindPFlag("api_key", rootCmd.PersistentFlags().Lookup("api_key")))
+	checkBindError(viper.BindPFlag("api_secret", rootCmd.PersistentFlags().Lookup("api_secret")))
+	checkBindError(viper.BindPFlag("debug", rootCmd.PersistentFlags().Lookup("debug")))
+}
+
+// initConfig reads in config file and ENV variables if set
+func initConfig() {
+	if cfgFile != "" {
+		// Use config file from flag
+		viper.SetConfigFile(cfgFile)
+	} else {
+		// Find home directory
+		home, err := homedir.Dir()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		// Search config in home directory with name ".lacework" (without extension)
+		viper.AddConfigPath(home)
+		viper.SetConfigName(".lacework")
+	}
+
+	viper.SetConfigType("toml")    // set TOML as the config format
+	viper.SetEnvPrefix("LACEWORK") // set prefix for all env variables LW_ABC
+	viper.AutomaticEnv()           // read in environment variables that match
+
+	// Initialize zap logger
+	initializeCliLogger()
+
+	// If a config file is found, read it in
+	if err := viper.ReadInConfig(); err == nil {
+		cli.Log.Debugw("using config file",
+			"path", viper.ConfigFileUsed(),
+		)
+	}
+}
+
+// initializeCliLogger initializes the cli logger, by default we assume production,
+// but if debug mode is turned on, we switch to development
+func initializeCliLogger() {
+	var (
+		log *zap.Logger
+		err error
+	)
+
+	if viper.GetBool("debug") {
+		log, err = zap.NewDevelopment()
+	} else {
+		log, err = zap.NewProduction()
+	}
+
+	// if we find any error initializing zap, default to a standard logger
+	if err != nil {
+		fmt.Printf("Error: unable to initialize zap logger: %v\n", err)
+		cli.Log = zap.NewExample().Sugar()
+	} else {
+		cli.Log = log.Sugar()
+	}
+}
+
+func checkBindError(err error) {
+	if err != nil {
+		cli.Log.Debugw("unable to bind parameter", "error", err.Error())
+	}
+}
+
+func loadStateFromViper(_ *cobra.Command, _ []string) {
+	cli.KeyID = viper.GetString("api_key")
+	cli.Secret = viper.GetString("api_secret")
+	cli.Account = viper.GetString("account")
+	if viper.GetBool("debug") {
+		cli.LogLevel = "info"
+	} else {
+		cli.LogLevel = "debug"
+	}
+}