Implement CLI abstract class (#2915)

* Reduce code complexity

Signed-off-by: Joyce Quach <[email protected]>

* Fix code smells for grype mapper

Signed-off-by: Joyce Quach <[email protected]>

* Fix code smells for other mappers

Signed-off-by: Joyce Quach <[email protected]>

* Run linter

Signed-off-by: Joyce Quach <[email protected]>

* added proper formatting for CLI, added oclif theme

Signed-off-by: George M Dias <[email protected]>

* Remove file CLI log file and added to gitignore

Signed-off-by: George M Dias <[email protected]>

* modified half of the CLIs adding the proper error catching

Signed-off-by: George M Dias <[email protected]>

* 60% completed - CLI to use abstract class

Signed-off-by: George M Dias <[email protected]>

* 85% completed - CLI to use abstract class

Signed-off-by: George M Dias <[email protected]>

* testing pack win - oclif was failing due to node 18 not supporting win32-arm64

Signed-off-by: George M Dias <[email protected]>

* testing pack win - oclif was failing on win32-arm64 - change to node 20

Signed-off-by: George M Dias <[email protected]>

* completed updates to CLI - use abstract class

Signed-off-by: George M Dias <[email protected]>

* fixed threshold test

Signed-off-by: George M Dias <[email protected]>

* fixed SonarCloud Code Analysis

Signed-off-by: George M Dias <[email protected]>

* removed xccdf_benchmark2inspec_stub in favor of inspec_profile

Signed-off-by: George M Dias <[email protected]>

* removed xccdf_benchmark2inspec_stub in favor of inspec_profile

Signed-off-by: George M Dias <[email protected]>

* updated inspect_profile to take given path, updated test

Signed-off-by: George M Dias <[email protected]>

* fixed inspec_profile test

Signed-off-by: George M Dias <[email protected]>

* fixed inspect_profile test

Signed-off-by: George M Dias <[email protected]>

* added generation of additon files

Signed-off-by: George M Dias <[email protected]>

* typo and grammar corrections

* fixed inspect_profile test failing

Signed-off-by: George M Dias <[email protected]>

---------

Signed-off-by: Joyce Quach <[email protected]>
Signed-off-by: George M Dias <[email protected]>
Co-authored-by: George M Dias <[email protected]>
Co-authored-by: Daniel Medina <[email protected]>

.eslintrc

@@ -5,6 +5,8 @@
   ],
   "rules": {
     "@typescript-eslint/no-unused-vars": "off",
+    "semi": "off",
+    "@typescript-eslint/semi": ["warn", "never"],
     "unicorn/filename-case": "off",
     "unicorn/prefer-node-protocol": "off",
     "unicorn/numeric-separators-style": "off",

.github/workflows/build-windows-linux.yml

@@ -18,7 +18,7 @@ jobs:
       - name: setup node
         uses: actions/setup-node@v4
         with:
-          node-version: "18"
+          node-version: "20"
           check-latest: true
           cache: 'npm'
           cache-dependency-path: ./saf/package-lock.json

.gitignore

@@ -16,4 +16,4 @@ out
 **/saf-cli.log
 *.html
 saf-cli.log
-*.log
+CliProcessOutput.log

oclif-theme.json

@@ -0,0 +1,26 @@
+{
+    "bin": "yellow",
+    "command": "yellow",
+    "commandSummary": "green",
+    "dollarSign": "yellow",
+    "flag": "yellow",
+    "flagDefaultValue": "blue",
+    "flagOptions": "blue",
+    "flagRequired": "red",
+    "flagSeparator": "yellow",
+    "json": {
+      "brace": "magenta",
+      "bracket": "magenta",
+      "colon": "dim",
+      "comma": "dim",
+      "key": "yellow",
+      "string": "green",
+      "number": "green",
+      "boolean": "green",
+      "null": "red"
+    },
+    "sectionDescription": "blue",
+    "sectionHeader": "underline",
+    "topic": "yellow",
+    "version": "yellow"
+  }

package.json

@@ -112,9 +112,10 @@
   "main": "lib/index.js",
   "oclif": {
     "commands": "./lib/commands",
-    "helpClass": "./lib/help/help",
+    "helpClass": "./lib/utils/oclif/help/help",
+    "theme": "./oclif-theme.json",
     "additionalHelpFlags": [
-      "-h"
+      "-h", "--whatzUp", "--whatzup", "--tell-me-more"
     ],
     "additionalVersionFlags": [
       "-v"

src/commands/attest/apply.ts

@@ -1,24 +1,24 @@
-import {Command, Flags} from '@oclif/core'
+import {Flags} from '@oclif/core'
 import {ExecJSON} from 'inspecjs'
 import {addAttestationToHDF, Attestation, parseXLSXAttestations} from '@mitre/hdf-converters'
 import _ from 'lodash'
 import yaml from 'yaml'
 import fs from 'fs'
 import path from 'path'
 import {convertFullPathToFilename} from '../../utils/global'
+import {BaseCommand} from '../../utils/oclif/baseCommand'
 
-export default class ApplyAttestation extends Command {
-    static usage = 'attest apply -i <input-hdf-json>... <attestation>... -o <output-hdf-path>'
+export default class ApplyAttestation extends BaseCommand<typeof ApplyAttestation> {
+    static readonly usage = '<%= command.id %> -i <input-hdf-json>... <attestation>... -o <output-hdf-path>'
 
-    static description = 'Apply one or more attestation files to one or more HDF results sets'
+    static readonly description = 'Apply one or more attestation files to one or more HDF results sets'
 
-    static examples = [
-      'saf attest apply -i hdf.json attestation.json -o new-hdf.json',
-      'saf attest apply -i hdf1.json hdf2.json attestation.xlsx -o outputDir',
+    static readonly examples = [
+      '<%= config.bin %> <%= command.id %> -i hdf.json attestation.json -o new-hdf.json',
+      '<%= config.bin %> <%= command.id %> -i hdf1.json hdf2.json attestation.xlsx -o outputDir',
     ]
 
-    static flags = {
-      help: Flags.help({char: 'h'}),
+    static readonly flags = {
       input: Flags.string({char: 'i', required: true, multiple: true, description: 'Your input HDF and Attestation file(s)'}),
       output: Flags.string({char: 'o', required: true, description: 'Output file or folder (for multiple executions)'}),
     }

src/commands/attest/create.ts

@@ -1,4 +1,4 @@
-import {Command, Flags} from '@oclif/core'
+import {Flags} from '@oclif/core'
 import {Attestation} from '@mitre/hdf-converters'
 import fs from 'fs'
 import AccurateSearch from 'accurate-search'
@@ -8,22 +8,22 @@ import promptSync from 'prompt-sync'
 import {default as files} from '../../resources/files.json'
 import {dataURLtoU8Array} from '../../utils/global'
 import yaml from 'yaml'
+import {BaseCommand} from '../../utils/oclif/baseCommand'
 
 const MAX_SEARCH_RESULTS = 5
 const prompt = promptSync()
 
-export default class CreateAttestations extends Command {
-    static usage = 'attest create -o <attestation-file> [-i <hdf-json> -t <json | xlsx | yml | yaml>]'
+export default class CreateAttestations extends BaseCommand<typeof CreateAttestations> {
+    static readonly usage = '<%= command.id %> -o <attestation-file> [-i <hdf-json> -t <json | xlsx | yml | yaml>]'
 
-    static description = 'Create attestation files for use with `saf attest apply`'
+    static readonly description = 'Create attestation files for use with `saf attest apply`'
 
-    static examples = [
-      'saf attest create -o attestation.json -i hdf.json',
-      'saf attest create -o attestation.xlsx -t xlsx',
+    static readonly examples = [
+      '<%= config.bin %> <%= command.id %> -o attestation.json -i hdf.json',
+      '<%= config.bin %> <%= command.id %> -o attestation.xlsx -t xlsx',
     ]
 
-    static flags = {
-      help: Flags.help({char: 'h'}),
+    static readonly flags = {
       input: Flags.string({char: 'i', description: '(optional) An input HDF file to search for controls'}),
       output: Flags.string({char: 'o', required: true, description: 'The output filename'}),
       format: Flags.string({char: 't', description: '(optional) The output file type', default: 'json', options: ['json', 'xlsx', 'yml', 'yaml']}),

src/commands/convert/anchoregrype2hdf.ts

@@ -1,28 +1,51 @@
-import {Command, Flags} from '@oclif/core'
+import {Flags} from '@oclif/core'
 import fs from 'fs'
 import {AnchoreGrypeMapper as Mapper} from '@mitre/hdf-converters'
 import {checkInput, checkSuffix} from '../../utils/global'
+import {BaseCommand} from '../../utils/oclif/baseCommand'
 
-export default class AnchoreGrype2HDF extends Command {
-  static usage = 'convert anchoregrype2hdf -i <anchoregrype-json> -o <hdf-scan-results-json>'
+export default class AnchoreGrype2HDF extends BaseCommand<typeof AnchoreGrype2HDF> {
+  static readonly usage =
+    '<%= command.id %> -i <anchoregrype-json> -o <hdf-scan-results-json>';
 
-  static description = 'Translate a Anchore Grype output file into an HDF results set'
+  static readonly description =
+    'Translate an Anchore Grype output file into an HDF results set';
 
-  static examples = ['saf convert anchoregrype2hdf -i anchoregrype.json -o output-hdf-name.json']
+  static readonly examples = [
+    '<%= config.bin %> <%= command.id %> -i anchoregrype.json -o output-hdf-name.json',
+  ];
 
-  static flags = {
-    help: Flags.help({char: 'h'}),
-    input: Flags.string({char: 'i', required: true, description: 'Input Anchore Grype file'}),
-    output: Flags.string({char: 'o', required: true, description: 'Output HDF file'}),
-    'with-raw': Flags.boolean({char: 'w', required: false}),
-  }
+  static readonly flags = {
+    input: Flags.string({
+      char: 'i',
+      required: true,
+      description: 'Input Anchore Grype file',
+    }),
+    output: Flags.string({
+      char: 'o',
+      required: true,
+      description: 'Output HDF file',
+    }),
+    includeRaw: Flags.boolean({
+      char: 'w',
+      required: false,
+      description: 'Include raw data from the input Anchore Grype file',
+    }),
+  };
 
   async run() {
     const {flags} = await this.parse(AnchoreGrype2HDF)
     const input = fs.readFileSync(flags.input, 'utf8')
-    checkInput({data: input, filename: flags.input}, 'grype', 'Anchore Grype JSON results file')
+    checkInput(
+      {data: input, filename: flags.input},
+      'grype',
+      'Anchore Grype JSON results file',
+    )
 
-    const converter = new Mapper(input, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
+    const converter = new Mapper(input, flags.includeRaw)
+    fs.writeFileSync(
+      checkSuffix(flags.output),
+      JSON.stringify(converter.toHdf(), null, 2),
+    )
   }
 }