Module: Pipeline::Options
- Defined in:
- lib/pipeline/options.rb
Overview
Parses command line arguments for Brakeman
Class Method Summary collapse
-
.get_options(args, destructive = false) ⇒ Object
Return hash of options and the parser.
-
.parse(args) ⇒ Object
Parse argument array.
-
.parse!(args) ⇒ Object
Parse arguments and remove them from the array as they are matched.
Class Method Details
.get_options(args, destructive = false) ⇒ Object
Return hash of options and the parser
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 |
# File 'lib/pipeline/options.rb', line 20 def args, destructive = false = {} parser = OptionParser.new do |opts| opts. = "Usage: pipeline [options] image/root/path" opts.separator "" opts.separator "Pipeline is a swiss army knife of security analysis tools." opts.separator "It has built in support for static analysis, AV, fim, and " opts.separator "is being extended to be used for analyzing all kinds of " opts.separator "projects, images or file systems." opts.separator "" opts.separator "Pipeline also features filters to perform deduplication " opts.separator "and the abilty to handle false positives." opts.separator "" opts.separator "See also the docker image." opts.separator "" opts.separator "Control options:" opts.on "-n", "--no-threads", "Run checks sequentially" do [:parallel_checks] = false end opts.on "--[no-]progress", "Show progress reports" do |progress| [:report_progress] = progress end opts.on "-T", "--target PATH", "Specify target" do |target| [:target] = path end opts.on "-q", "--[no-]quiet", "Suppress informational messages" do |quiet| [:quiet] = quiet end opts.on( "-z", "--exit-on-warn", "Exit code is non-zero if warnings found") do [:exit_on_warn] = true end opts.separator "" opts.separator "Scanning options:" opts.on "-A", "--run-all-checks", "Run all default and optional checks" do [:run_all_checks] = true end opts.on "-t", "--test Check1,Check2,etc", Array, "Only run the specified checks" do |checks| [:run_tasks] ||= Set.new [:run_tasks].merge checks end opts.on "-x", "--except Check1,Check2,etc", Array, "Skip the specified checks" do |skip| skip.each do |s| [:skip_checks] ||= Set.new [:skip_checks] << s end end opts.on "-a", "--appname NAME", "Override the inferred application name." do |appname| [:appname] = appname end opts.on "-r", "--revision REV", "Specify a revision of software to pass on to checkmarx" do |revision| [:revision] = revision end opts.on "-l", "--labels Label1,Label2,etc", Array, "Run the checks with the supplied labels" do |labels| [:labels] ||= Set.new [:labels].merge labels end opts.on "--add-checks-path path1,path2,etc", Array, "A directory containing additional out-of-tree checks to run" do |paths| [:additional_checks_path] ||= Set.new [:additional_checks_path].merge paths.map {|p| File. p} end opts.on "--npm-registry URL", "Use a custom npm registry when installing dependencies for javascript scanners" do |url| [:npm_registry] = url end opts.on "--exclude path1,path2,path3,etc", Array, "A list of paths to ignore when running recursive tasks (npm, retirejs, snyk, etc)" do |paths| paths.each do |path| [:exclude_dirs] ||= Set.new [:exclude_dirs] << path end end opts.separator "" opts.separator "Output options:" opts.on "-d", "--debug", "Lots of output" do [:debug] = true end opts.on "-f", "--format TYPE", [:text, :html, :csv, :tabs, :json, :jira, :markdown], "Specify output formats. Default is text" do |type| [:output_format] = type end opts.on "--css-file CSSFile", "Specify CSS to use for HTML output" do |file| [:html_style] = File. file end opts.on "-i IGNOREFILE", "--ignore-config IGNOREFILE", "Use configuration to ignore warnings" do |file| [:ignore_file] = file end opts.on "-I", "--interactive-ignore", "Interactively ignore warnings" do [:interactive_ignore] = true end opts.on "-o", "--output FILE", "Specify file for output. Defaults to stdout." do |file| [:output_file] = file end opts.on "--summary", "Only output summary of warnings" do [:summary_only] = true end opts.on "-L LOGFILE", "--logfile LOGFILE", "Write full pipeline log to LOGFILE" do |file| [:logfile] = file end opts.separator "" opts.separator "JIRA options:" opts.on "--jira-project PROJECT", "Specify the jira project to create issues in. If issue looks like APPS-13, this should be APPS." do |project| [:jira_project] = project end opts.on "--jira-api-url URL", "Specify the jira rest api endpoint. Eg. domain.com/jira/jira/rest/api/2/." do |url| [:jira_api_url] = url end opts.on "--jira-cookie COOKIE", "Specify the session cookie to get to Jira." do || [:jira_cookie] = end opts.on "--jira-component COMPONENT", "Specify the JIRA component to use." do |component| [:jira_component] = component end opts.separator "" opts.separator "ZAP options:" opts.on "--zap-api-token token", "Specify the ZAP API token to use when connecting to the API" do |token| [:zap_api_token] = token end opts.on "--zap-host HOST", "Specify the host ZAP is running on." do |host| [:zap_host] = host end opts.on "--zap-port PORT", "Specify the port ZAP is running on." do |port| [:zap_port] = port end opts.separator "" opts.separator "Checkmarx options:" opts.on "--checkmarx-user USER", "Specify the Checkmarx user to use when connecting to the API" do |user| [:checkmarx_user] = user end opts.on "--checkmarx-password PASSWORD", "Specify password for the Checkmarx API user" do |password| [:checkmarx_password] = password end opts.on "--checkmarx-server server", "Specify the API server to use for Checkmarx scans" do |server| [:checkmarx_server] = server end opts.on "--checkmarx-log logfile", "Specify the log file to use for Checkmarx scans" do |logfile| [:checkmarx_log] = logfile end opts.on "--checkmarx-project project", "Specify the full path of the Checkmarx project for this scan" do |project| [:checkmarx_project] = project end opts.separator "" opts.separator "PMD options:" opts.on "--pmd-path PATH", "The full path to the base PMD directory" do |dir| [:pmd_path] = dir end opts.on "--pmd-checks CHECK1,CHECK2", "The list of checks passed to PMD run.sh -R, default: 'java-basic,java-sunsecure'" do |checks| [:pmd_checks] = checks end opts.separator "" opts.separator "FindSecurityBugs options:" opts.on "--findsecbugs-path PATH", "The full path to the base FindSecurityBugs directory" do |dir| [:findsecbugs_path] = dir end opts.separator "" opts.separator "Configuration files:" opts.on "-c", "--config-file FILE", "Use specified configuration file" do |file| [:config_file] = File.(file) end opts.on "-C", "--create-config [FILE]", "Output configuration file based on options" do |file| if file [:create_config] = file else [:create_config] = true end end opts.separator "" opts.on "-k", "--checks", "List all available vulnerability checks" do [:list_checks] = true end opts.on "--optional-checks", "List optional checks" do [:list_optional_checks] = true end opts.on "-v", "--version", "Show Pipeline version" do [:show_version] = true end opts.on_tail "-h", "--help", "Display this message" do [:show_help] = true end end if destructive parser.parse! args else parser.parse args end if [:previous_results_json] and [:output_files] [:comparison_output_file] = [:output_files].shift end return , parser end |
.parse(args) ⇒ Object
Parse argument array
10 11 12 |
# File 'lib/pipeline/options.rb', line 10 def parse args args end |
.parse!(args) ⇒ Object
Parse arguments and remove them from the array as they are matched
15 16 17 |
# File 'lib/pipeline/options.rb', line 15 def parse! args args, true end |