Skip to content

Commit

Permalink
chore: Disable action import & reset commands for now
Browse files Browse the repository at this point in the history
  • Loading branch information
@rsenden
rsenden committed Apr 26, 2024
1 parent 1faf72f commit f2a966e
Show file tree
Hide file tree
Showing 7 changed files with 64 additions and 35 deletions.
1 change: 1 addition & 0 deletions ...mmon/src/main/java/com/fortify/cli/common/action/cli/cmd/AbstractActionImportCommand.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
import picocli.CommandLine.ArgGroup;
import picocli.CommandLine.Option;

// TODO Re-implement import functionality
public abstract class AbstractActionImportCommand extends AbstractOutputCommand implements IJsonNodeSupplier {
@ArgGroup(exclusive = true, multiplicity = "1") private ImportArgGroup argGroup = new ImportArgGroup();
private static final class ImportArgGroup {
Expand Down
2 changes: 0 additions & 2 deletions ...re/fcli-common/src/main/java/com/fortify/cli/common/action/helper/ActionImportHelper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,7 @@
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fortify.cli.common.action.helper.ActionLoaderHelper.ActionInvalidSignatureHandlers;
import com.fortify.cli.common.action.helper.ActionLoaderHelper.ActionSource;
import com.fortify.cli.common.action.model.Action.ActionProperties;
import com.fortify.cli.common.json.JsonHelper;
import com.fortify.cli.common.util.Break;

import lombok.SneakyThrows;

Expand Down
78 changes: 50 additions & 28 deletions ...re/fcli-common/src/main/java/com/fortify/cli/common/action/helper/ActionLoaderHelper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import com.fortify.cli.common.action.model.Action;
import com.fortify.cli.common.action.model.Action.ActionProperties;
import com.fortify.cli.common.cli.mixin.CommonOptionMixins.RequireConfirmation.AbortedByUserException;
import com.fortify.cli.common.crypto.SignatureHelper;
import com.fortify.cli.common.crypto.SignatureHelper.InvalidSignatureHandler;
import com.fortify.cli.common.crypto.SignatureHelper.SignatureStatus;
Expand Down Expand Up @@ -121,22 +122,28 @@ public final void processActions(ActionLoadResultProcessor actionLoadResultProce
processZipEntries(zipEntryProcessor(actionLoadResultProcessor));
}

@SneakyThrows
private final ActionLoadResult loadFromFileOrUrl(String source) {
try ( var is = createSourceInputStream(source, false) ) {
if ( is!=null ) {
var properties = ActionProperties.builder()
.custom(true).name(source).build();
return load(is, properties);
}
} catch (Exception e) {
if ( e instanceof AbortedByUserException ) { throw (AbortedByUserException)e; }
throw wrapException("Error loading action from "+source, e);
}
return null;
}

private final ActionLoadResult loadFromZips(String name) {
AtomicReference<ActionLoadResult> result = new AtomicReference<>();
processZipEntries(singleZipEntryProcessor(name, result::set));
return result.get();
try {
AtomicReference<ActionLoadResult> result = new AtomicReference<>();
processZipEntries(singleZipEntryProcessor(name, result::set));
return result.get();
} catch ( RuntimeException e ) {
throw wrapException("Error loading action "+name, e);
}
}

private final void processZipEntries(IZipEntryWithContextProcessor<ActionProperties> processor) {
Expand Down Expand Up @@ -194,38 +201,48 @@ private static final class ActionLoadResult {
private final SignedTextDescriptor signedTextDescriptor;
private final ActionProperties properties;

@SneakyThrows
final Action asAction() {
var payload = signedTextDescriptor.getPayload();
var signatureStatus = signedTextDescriptor.getSignatureStatus();
var result = yamlObjectMapper.readValue(payload, Action.class);
var properties = this.properties.toBuilder().signatureStatus(signatureStatus).build();
result.postLoad(properties);
return result;
try {
var payload = signedTextDescriptor.getPayload();
var signatureStatus = signedTextDescriptor.getSignatureStatus();
var result = yamlObjectMapper.readValue(payload, Action.class);
var properties = this.properties.toBuilder().signatureStatus(signatureStatus).build();
result.postLoad(properties);
return result;
} catch ( Exception e ) {
throw createException(properties, e);
}
}

public String asString() {
return signedTextDescriptor.getPayload();
}

@SneakyThrows
final ObjectNode asJson() {
var payload = signedTextDescriptor.getPayload();
var signatureStatus = signedTextDescriptor.getSignatureStatus();
String name = properties.getName();
boolean custom = properties.isCustom();
var customString = custom?"Yes":"No";
// TODO see ActionLoader#loadSignedTextDescriptor; for internal actions
// we currently don't evaluate signatures until we implement functionality
// for signing these during or after build.
var signatureString = !custom || signatureStatus==SignatureStatus.VALID_SIGNATURE
? "Valid" : "Invalid";
return yamlObjectMapper.readValue(payload, ObjectNode.class)
.put("name", name)
.put("custom", custom)
.put("customString", customString)
.put("signatureStatus", signatureStatus.toString())
.put("signatureString", signatureString);
try {
var payload = signedTextDescriptor.getPayload();
var signatureStatus = signedTextDescriptor.getSignatureStatus();
String name = properties.getName();
boolean custom = properties.isCustom();
var customString = custom?"Yes":"No";
// TODO see ActionLoader#loadSignedTextDescriptor; for internal actions
// we currently don't evaluate signatures until we implement functionality
// for signing these during or after build.
var signatureString = !custom || signatureStatus==SignatureStatus.VALID_SIGNATURE
? "Valid" : "Invalid";
return yamlObjectMapper.readValue(payload, ObjectNode.class)
.put("name", name)
.put("custom", custom)
.put("customString", customString)
.put("signatureStatus", signatureStatus.toString())
.put("signatureString", signatureString);
} catch ( Exception e ) {
throw createException(properties, e);
}
}

private final RuntimeException createException(ActionProperties properties, Exception e) {
return wrapException("Error loading action "+properties.getName(), e);
}
}

Expand Down Expand Up @@ -338,6 +355,11 @@ private static final String failedMessage(SignedTextDescriptor descriptor) {
}
}

private static final RuntimeException wrapException(String msg, Exception e) {
if ( e instanceof AbortedByUserException ) { return (AbortedByUserException)e; }
return new IllegalStateException(msg, e);
}

@FunctionalInterface
private static interface ActionLoadResultProcessor {
Break process(ActionLoadResult loadResult);
Expand Down
7 changes: 6 additions & 1 deletion fcli-core/fcli-common/src/main/java/com/fortify/cli/common/cli/mixin/CommonOptionMixins.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ public void checkConfirmed(Object... promptArgs) {
if ( response.equalsIgnoreCase(expectedResponse) ) {
return;
} else {
throw new IllegalStateException("Aborting: operation aborted by user");
throw new AbortedByUserException("Aborting: operation aborted by user");
}
}
}
Expand All @@ -77,5 +77,10 @@ private String getPlainPrompt(CommandSpec spec, Object... promptArgs) {
}
return prompt;
}

public static final class AbortedByUserException extends IllegalStateException {
private static final long serialVersionUID = 1L;
public AbortedByUserException(String msg) { super(msg); }
}
}
}
1 change: 1 addition & 0 deletions .../fcli-common/src/main/resources/com/fortify/cli/common/i18n/FortifyCLIMessages.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ fcli.action.sign.out = Output signed action YAML file
fcli.action.sign.with = PEM file containing private key used for signing
fcli.action.sign.info = YAML file containing informational properties to be added to the signed file
fcli.action.sign.pubout = Optional path to write public key
fcli.action.resolver.from = Optional local or remote zip-file from which to load the action

# Generic, non command-specific output and query options
arggroup.output.heading = Output options:%n
Expand Down
5 changes: 3 additions & 2 deletions fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/action/cli/cmd/FoDActionCommands.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,12 @@
@Command(
name = "action",
subcommands = {
// TODO Re-enable import & reset commands once re-implemented
FoDActionGetCommand.class,
FoDActionHelpCommand.class,
FoDActionImportCommand.class,
//FoDActionImportCommand.class,
FoDActionListCommand.class,
FoDActionResetCommand.class,
//FoDActionResetCommand.class,
FoDActionRunCommand.class,
}
)
Expand Down
5 changes: 3 additions & 2 deletions fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionCommands.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,12 @@
@Command(
name = "action",
subcommands = {
// TODO Re-enable import & reset commands once re-implemented
SSCActionGetCommand.class,
SSCActionHelpCommand.class,
SSCActionImportCommand.class,
//SSCActionImportCommand.class,
SSCActionListCommand.class,
SSCActionResetCommand.class,
//SSCActionResetCommand.class,
SSCActionRunCommand.class,
SSCActionSignCommand.class,
}
Expand Down

0 comments on commit f2a966e

Please sign in to comment.