diff --git a/parliament/cli.py b/parliament/cli.py index e5f6001..2748242 100755 --- a/parliament/cli.py +++ b/parliament/cli.py @@ -120,7 +120,9 @@ def find_files(directory, exclude_pattern=None, policy_extension=""): return discovered_files -def main(): +def main(argv): + with open("/tmp/parliament.log", "w") as fout: + fout.write(f"Argv: {argv}\n") parser = argparse.ArgumentParser() parser.add_argument( "--aws-managed-policies", @@ -143,6 +145,11 @@ def main(): type=argparse.FileType("r"), default=sys.stdin, ) + parser.add_argument( + "--files", + help="Provide a comma-separated list of policies", + type=str, + ) parser.add_argument( "--directory", help="Provide a path to directory with policy files", type=str ) @@ -195,7 +202,10 @@ def main(): action="version", version="%(prog)s {version}".format(version=__version__), ) - args = parser.parse_args() + args = parser.parse_args(args=argv[1:]) + + with open("/tmp/parliament.log", "a") as fout: + fout.write(f"Files: {args.files}\n") log_level = logging.ERROR log_format = "%(message)s" @@ -217,9 +227,10 @@ def main(): # If I have some stdin to read it should be my policy, file input should indicate stdin if not sys.stdin.isatty() and args.file.name != "": parser.error("You cannot pass a file with --file and use stdin together") + elif args.file.name != "" and args.files: + parser.error("You cannot pass files with both --file and --files together") # Change the exit status if there are errors - exit_status = 0 findings = [] if args.include_community_auditors: @@ -315,6 +326,20 @@ def main(): config=config, ) findings.extend(policy.findings) + elif args.files and not args.directory: + for file_path in (stripped_path for path in args.files.split(",") if (stripped_path := path.strip())): + path = Path(file_path) + contents = path.read_text() + with open("/tmp/parliament.log", "a") as fout: + fout.write(f"Path: {path}\nContents: {contents}\n") + policy = analyze_policy_string( + contents, + file_path, + private_auditors_custom_path=args.private_auditors, + include_community_auditors=args.include_community_auditors, + config=config, + ) + findings.extend(policy.findings) elif args.file and not args.directory: contents = args.file.read() args.file.close() @@ -345,7 +370,7 @@ def main(): findings.extend(policy.findings) else: parser.print_help() - exit(-1) + return -1 filtered_findings = [] for finding in findings: @@ -355,14 +380,18 @@ def main(): if len(filtered_findings) == 0: # Return with exit code 0 if no findings - return + return 0 for finding in filtered_findings: print_finding(finding, args.minimal, args.json) # There were findings, so return with a non-zero exit code - exit(1) + return 1 + + +def cli() -> int: + sys.exit(main(sys.argv)) if __name__ == "__main__": - main() + cli() diff --git a/setup.py b/setup.py index 3405060..9042d9d 100644 --- a/setup.py +++ b/setup.py @@ -30,7 +30,7 @@ def get_description(): long_description=get_description(), long_description_content_type="text/markdown", url="https://github.com/duo-labs/parliament", - entry_points={"console_scripts": "parliament=parliament.cli:main"}, + entry_points={"console_scripts": "parliament=parliament.cli:cli"}, test_suite="tests/unit", tests_require=TESTS_REQUIRE, extras_require={"dev": TESTS_REQUIRE + ["autoflake", "autopep8", "pylint"]},