feat: adding possibility to run commands only on a specific detection (…

…#23)

crates/common/src/detections.rs

@@ -79,10 +79,21 @@ impl Detection {
     }
 }
 
-pub fn map_plugin_detections() -> Result<HashMap<String, HashSet<DetectionState>>> {
-    let entries: Vec<PathBuf> = fs::read_dir(LGC_RULES_DIR)?
-        .filter_map(|file| file.ok().map(|f| f.path()))
-        .collect();
+pub fn map_plugin_detections(
+    detection_id: Option<String>,
+) -> Result<HashMap<String, HashSet<DetectionState>>> {
+    let entries: Vec<PathBuf> = if let Some(detection_id) = detection_id {
+        let detection_path = PathBuf::from(format!("{}/{}.yaml", LGC_RULES_DIR, detection_id));
+        if detection_path.is_file() {
+            vec![detection_path]
+        } else {
+            bail!("detection `{}` does not exist", detection_id)
+        }
+    } else {
+        fs::read_dir(LGC_RULES_DIR)?
+            .filter_map(|file| file.ok().map(|f| f.path()))
+            .collect()
+    };
 
     let plugins: DashMap<String, HashSet<DetectionState>> = DashMap::new();
 

crates/common/src/state/mod.rs

@@ -51,26 +51,36 @@ impl State {
         }
     }
 
-    pub fn missing_rules(&self, detections: &ServiceDetections, silent: bool) -> ServiceDetections {
+    pub fn missing_rules(
+        &self,
+        detections: &ServiceDetections,
+        silent: bool,
+        detection_name: Option<String>,
+    ) -> ServiceDetections {
         let to_remove: DashMap<String, HashSet<DetectionState>> = DashMap::new();
 
         detections.par_iter().for_each(|(service_id, rules)| {
             if let Some(state_rules) = self.services.get(service_id) {
-                state_rules.difference(rules).for_each(|rule| {
-                    to_remove
-                        .entry(service_id.clone())
-                        .and_modify(|s| {
-                            s.insert(rule.clone());
-                        })
-                        .or_insert(HashSet::from([rule.clone()]));
-                    if !silent {
-                        println!(
-                            "[-] rule: `{}` will be deleted from `{}`",
-                            style(&rule.name).red(),
-                            &service_id
-                        );
-                    }
-                });
+                state_rules
+                    .difference(rules)
+                    .filter(|rule| {
+                        detection_name.is_none() || detection_name.as_ref().unwrap() == &rule.name
+                    })
+                    .for_each(|rule| {
+                        to_remove
+                            .entry(service_id.clone())
+                            .and_modify(|s| {
+                                s.insert(rule.clone());
+                            })
+                            .or_insert(HashSet::from([rule.clone()]));
+                        if !silent {
+                            println!(
+                                "[-] rule: `{}` will be deleted from `{}`",
+                                style(&rule.name).red(),
+                                &service_id
+                            );
+                        }
+                    });
             }
         });
 

src/commands/deploy.rs

@@ -29,6 +29,10 @@ pub struct DeployCommand {
     #[clap(short, long)]
     pub service_id: Option<String>,
 
+    /// Show differences for this detection path
+    #[clap(short, long)]
+    pub detection_id: Option<String>,
+
     /// Skip interactive approval of changes deployment
     #[clap(long)]
     pub auto_approve: bool,
@@ -37,7 +41,7 @@ pub struct DeployCommand {
 impl DeployCommand {
     pub async fn run(self, config: &ProjectConfiguration) -> Result<()> {
         // Load all detections
-        let detections = map_plugin_detections()?;
+        let detections = map_plugin_detections(self.detection_id.clone())?;
 
         // Prompt theme
         let prompt_theme = ColorfulTheme::default();
@@ -149,7 +153,11 @@ impl DeployCommand {
                 }
 
                 let mut state = config.state.load().await?;
-                let to_remove = state.missing_rules(&returned_rules, self.auto_approve);
+                let to_remove = state.missing_rules(
+                    &returned_rules,
+                    self.auto_approve,
+                    self.detection_id.clone(),
+                );
                 let changed =
                     compare_detections(&detections, &returned_rules, &services, !self.auto_approve);
 

src/commands/diff.rs

@@ -30,12 +30,16 @@ pub struct DiffCommand {
     /// Show differences from this target service
     #[clap(short, long)]
     pub service_id: Option<String>,
+
+    /// Show differences for this detection path
+    #[clap(short, long)]
+    pub detection_id: Option<String>,
 }
 
 impl DiffCommand {
     pub async fn run(self, config: &ProjectConfiguration) -> Result<()> {
         // Load all detections
-        let detections: PluginDetections = map_plugin_detections()?;
+        let detections: PluginDetections = map_plugin_detections(self.detection_id.clone())?;
 
         // Prompt theme
         let prompt_theme = ColorfulTheme::default();
@@ -151,7 +155,7 @@ impl DiffCommand {
             .state
             .load()
             .await?
-            .missing_rules(&returned_rules, false)
+            .missing_rules(&returned_rules, false, self.detection_id)
             .is_empty()
             && changes
             && !has_diff

src/commands/validate.rs

@@ -19,7 +19,7 @@ pub struct ValidateCommand;
 impl ValidateCommand {
     pub async fn run(self, config: &ProjectConfiguration) -> Result<()> {
         // Load all detections
-        let detections = map_plugin_detections()?;
+        let detections = map_plugin_detections(None)?;
 
         // Load plugins
         let plugin_manager = PluginManager::new()?;