center-for-threat-informed-defense · mikecarenzo · Nov 8, 2023 · Oct 31, 2023 · Oct 31, 2023 · Oct 31, 2023
diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml
@@ -9,65 +9,66 @@ jobs:
   mappings_explorer_tests:
     runs-on: ubuntu-latest
     steps:
+      # Configure Environment
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Install Python
+        id: setup-python
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.9
 
-    # Configure Environment
-    - name: Checkout repository
-      uses: actions/checkout@v3
-    - name: Install Python
-      id: setup-python
-      uses: actions/setup-python@v4
-      with:
-        python-version: 3.9
+      # Prepare Poetry
+      - name: Attempt Poetry install from cache
+        uses: actions/cache@v3
+        id: cached-poetry
+        with:
+          path: ./.poetry
+          key: venv::${{ runner.os }}::${{ steps.setup-python.outputs.python-version }}::poetry
+      - name: Install Poetry
+        if: steps.cached-poetry.outputs.cache-hit != 'true'
+        run: |
+          python -m venv .poetry
+          source ./.poetry/bin/activate
+          pip install poetry
+          deactivate
+          mkdir $PWD/.poetry/.bin
+          ln -s $PWD/.poetry/bin/poetry $PWD/.poetry/.bin/poetry
+      - name: Add Poetry to PATH
+        run: echo "$PWD/.poetry/.bin" >> $GITHUB_PATH
 
-    # Prepare Poetry
-    - name: Attempt Poetry install from cache
-      uses: actions/cache@v3
-      id: cached-poetry
-      with:
-        path: ./.poetry
-        key: venv::${{ runner.os }}::${{ steps.setup-python.outputs.python-version }}::poetry
-    - name: Install Poetry
-      if: steps.cached-poetry.outputs.cache-hit != 'true'
-      run: |
-        python -m venv .poetry
-        source ./.poetry/bin/activate
-        pip install poetry
-        deactivate
-        mkdir $PWD/.poetry/.bin
-        ln -s $PWD/.poetry/bin/poetry $PWD/.poetry/.bin/poetry
-    - name: Add Poetry to PATH
-      run: echo "$PWD/.poetry/.bin" >> $GITHUB_PATH
+      # Prepare Virtual Environment
+      - name: Configure Poetry
+        run: poetry config virtualenvs.in-project true
+      - name: Load cached virtual environment
+        uses: actions/cache@v3
+        id: cached-dependencies
+        with:
+          path: ./.venv
+          key: venv::${{ runner.os }}::${{ steps.setup-python.outputs.python-version }}::${{ hashFiles('./poetry.lock') }}
+      - name: Install dependencies
+        if: steps.cached-dependencies.outputs.cache-hit != 'true'
+        run: poetry install --no-interaction --no-root
+      - name: Install Mappings Explorer
+        run: poetry install --no-interaction --only-root
 
-    # Prepare Virtual Environment
-    - name: Configure Poetry
-      run: poetry config virtualenvs.in-project true
-    - name: Load cached virtual environment
-      uses: actions/cache@v3
-      id: cached-dependencies
-      with:
-        path: ./.venv
-        key: venv::${{ runner.os }}::${{ steps.setup-python.outputs.python-version }}::${{ hashFiles('./poetry.lock') }}
-    - name: Install dependencies
-      if: steps.cached-dependencies.outputs.cache-hit != 'true'
-      run: poetry install --no-interaction --no-root
-    - name: Install Mappings Explorer
-      run: poetry install --no-interaction --only-root
+      # Check Lint, Test, Security, Validate mappings
+      - name: Lint Mappings Explorer
+        run: poetry run make lint
+      - name: Test Mappings Explorer
+        run: poetry run make test-ci
+      - name: Run Bandit security check
+        run: poetry run bandit -r ./src -ll -ii
+      - name: Safety vulnerability check
+        run: |
+          poetry export -f requirements.txt | poetry run safety check --full-report --stdin
+      - name: Validate Mappings Files
+        run: poetry run mapex validate ${GITHUB_WORKSPACE}/mappings
 
-    # Check Lint, Test, Security
-    - name: Lint Mappings Explorer
-      run: poetry run make lint
-    - name: Test Mappings Explorer
-      run: poetry run make test-ci
-    - name: Run Bandit security check
-      run: poetry run bandit -r ./src -ll -ii
-    - name: Safety vulnerability check
-      run: |
-        poetry export -f requirements.txt | poetry run safety check --full-report --stdin
-
-    # Upload Test Coverage
-    - name: Upload coverage to CodeCov
-      uses: codecov/codecov-action@v3
-      with:
-        token: $\{\{ secrets.CODECOV_SECRET \}\}
-        files: ./coverage.xml
-        verbose: true
+      # Upload Test Coverage
+      - name: Upload coverage to CodeCov
+        uses: codecov/codecov-action@v3
+        with:
+          token: $\{\{ secrets.CODECOV_SECRET \}\}
+          files: ./coverage.xml
+          verbose: true
diff --git a/src/mapex/cli.py b/src/mapex/cli.py
@@ -1,6 +1,7 @@
 import argparse
 import json
 import os
+import sys
 
 from jsonschema import validate
 from mapex.write_parsed_mappings import (
@@ -22,16 +23,10 @@ def main():
     if args.command == "export":
         output_file = args.output_file
         file_type = args.file_type
-
-        # ensure that output filepath is a valid directory
-        # script will assign output filename based on input filename
-        if not os.path.isdir(output_file):
-            print("Please enter valid directory for output files")
-
-        # if input filepath is a file, export file
-        elif os.path.isfile(input_file):
+        if os.path.isfile(input_file):
             metadata_key = 0
             export_file(input_file, output_file, file_type, metadata_key)
+            sys.exit(0)
 
         # if input filepath is a directory, walk through nested directories until file
         # is found. Output files will go into the output filepath given within the
@@ -55,8 +50,24 @@ def main():
                         )
         else:
             print("Input file must be a valid file")
+            sys.exit(1)
+
     elif args.command == "validate":
-        validate_file(input_file)
+        if os.path.isfile(input_file):
+            validation_errors = validate_file(input_file)
+            if validation_errors is not None:
+                sys.exit(1)
+
+        elif os.path.isdir(input_file):
+            for dirpath, _, filenames in os.walk(input_file):
+                for file in filenames:
+                    input_filepath = f"{dirpath}/{file}"
+                    validation_errors = validate_file(input_filepath)
+                    if validation_errors is not None:
+                        sys.exit(1)
+
+        print("succesfully validated")
+        sys.exit(0)
 
 
 def _parse_args():
@@ -116,6 +127,4 @@ def validate_file(input_file):
     parsed_mappings = read_json_file(input_file)
     schema_filepath = f"{ROOT_DIR}/schema/mapex-unified-data-schema.json"
     schema = json.loads(open(schema_filepath, "r", encoding="UTF-8").read())
-    validation_errors = validate(instance=parsed_mappings, schema=schema)
-    if validation_errors is None:
-        print("successfully validated")
+    return validate(instance=parsed_mappings, schema=schema)