
iriusrisk-cli's Introduction

irius-cli - Command Line Interface for the IriusRisk threat modeling platform

This CLI utility calls the IriusRisk API to perform key operations on your threat model. It's available as a single JAR and a compiled Linux binary.

Usage

irius [-hV] [COMMAND]
  -h, --help      Show this help message and exit.
  -V, --version   Print version information and exit.
Commands:
  help            Displays help information about the specified command
  product         Display product related information
  threat          Display threats for a given product
  countermeasure  Display countermeasure information
  configure       Manage configuration

Getting Started

  1. Download the Linux binary from the releases or download the single JAR file from the releases and run it with a Java 11 JRE.
  2. Set the URL of your IriusRisk instance:
     ./irius configure url set "https://myserver.iriusrisk.com/api/v1"
  3. Set the API authentication token for your user to access the IriusRisk API:
     ./irius configure token set "my-unique-authentication-token"

These settings are stored in the file ~/.irius/credentials

Building

The JAR file

This project depends on the IriusRisk Java client library (https://github.com/iriusrisk/iriusrisk-client-lib/tree/develop), which is not published to Maven Central. Download that library and install it to your local Maven repository. The current version of this CLI depends on the develop branch of the client library. Once the library is installed in Maven, build the CLI:

mvn package

The Native binary

This requires GraalVM for at least Java 11.

mvn package

Modifying

The GraalVM compiler needs a number of additional files to generate the native image. These are located in: src/main/resources/META-INF/native-image/com.iriusrisk.cli/irius-cli/

The native-image.properties file passes additional arguments to the native-image GraalVM command to locate these files. If you add new commands to the CLI then you will need to regenerate these files using the agent provided by GraalVM:

java -agentlib:native-image-agent=config-output-dir=src/main/resources/META-INF/native-image/com.iriusrisk.cli/irius-cli/

Note that an additional file from the iriusrisk-client-lib is also used to generate the binary, but that file is automatically generated when building that library.

iriusrisk-cli's People

Contributors

alexgmuir, dfarras, dfarras-irius, lukacupic, stephendv1


iriusrisk-cli's Issues

JSON mapping

Actually, at CredentialUtils, we have to read some information from a file and print it as JSON.
Since the information is not written as JSON, we are forced to map it on the fly to print it in the desired format. To avoid this problem we should be using Jackson.

For this task to be implemented four points must be completed:

  • Credentials must be modeled; there has to be an object describing each of its elements. (This will make it easier to validate them before writing.)
  • Whenever any information is written to the credentials file, it should be done using Jackson so that it is written directly in JSON format.
  • Whenever credentials are retrieved, it must be done directly through Jackson's API, which will return the object that models the credentials.
  • To convert the Credentials object to a String (in order to print it), Jackson should be invoked.

There are other mappers out there for Java but Jackson is the standard since it is declared as Spring's standard.
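
One way the four points above could look, as an added example that is not the project's code. The class name Credentials comes from the issue; the url and token field names, the https check, the owner-only file mode and the token masking are assumptions, and jackson-databind must be on the classpath.

```java
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermissions;

// Hypothetical model of the credentials file; field names are assumptions.
public final class Credentials {
    private static final ObjectMapper MAPPER = new ObjectMapper();
    private final String url;
    private final String token;

    @JsonCreator
    public Credentials(@JsonProperty("url") String url,
                       @JsonProperty("token") String token) {
        // Validate on construction so reads and writes share the same checks.
        // Either field may be null because url and token are set separately.
        if (url != null && !"https".equalsIgnoreCase(URI.create(url).getScheme()))
            throw new IllegalArgumentException("url must be an https URL");
        if (token != null && token.isBlank())
            throw new IllegalArgumentException("token must not be blank");
        this.url = url;
        this.token = token;
    }

    public String getUrl() { return url; }
    public String getToken() { return token; }

    // Read the object straight from JSON; no hand-written mapping.
    public static Credentials load(Path file) throws IOException {
        return MAPPER.readValue(file.toFile(), Credentials.class);
    }

    // Write JSON; a newly created file is owner-only (POSIX file systems).
    public void save(Path file) throws IOException {
        Files.createDirectories(file.getParent());
        if (Files.notExists(file))
            Files.createFile(file, PosixFilePermissions.asFileAttribute(
                    PosixFilePermissions.fromString("rw-------")));
        MAPPER.writeValue(file.toFile(), this);
    }
    // JSON for printing, with the token masked so it stays out of logs.
    public String toPrintableJson() throws IOException {
        return MAPPER.writeValueAsString(
                new Credentials(url, token == null ? null : "********"));
    }
}
```

A file that already exists keeps whatever mode it had, so a migration from the old format should check the permissions of ~/.irius/credentials as well.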

Api error should have message as parameter

When we throw an error we should not always be sending a static message.
Instead apiError(spec) erasure should be modified to apiError(spec, message) so that we can send a customized error, and only if message is null then we send the default Error while sending the API.

The benefit is that when we want to invoke this method we can use e.getMessage() to customize the error thrown in the cli.

Make a native image available

Use something like GraalVM to build native images for Windows 10, Linux and Mac OS X.
This should be part of the build process.

Main manifest

Needs to be able to run with: java -jar irius-cli.jar

  1. Change name of generated jar to irius-cli.jar
  2. Add a main manifest

Move token validation to first step of every operation

As can be seen in the documentation, API token validation must happen at the beginning of every operation.
This is for cleanliness since we should stop code execution as fast as possible if we know that there is an inconsistency.

Also, when there is no API token, we know which exception we have to throw, so there should be no need for an if in ErrorUtil.apiError(spec).
Instead we can have a specific method for that exception, avoiding the centralization of execution flows; we can have an ErrorUtil.noTokenError(), which will be clearer to developers.

Change CloudFormation import command

Currently CF can be imported into a new product using this command:
irius product create [-cf=] [-i=]
[-mf=] [-n=]
[-p=]

Change the "create" command to an "import" command:
irius product import -type=cf -f= -i=]
[-mf=] [-n=]
[-p=]
The description for the "import" command should be: Create a new product in IriusRisk from an external model format. Currently supported formats are: AWS CloudFormation.
