added to docgen to autoupdate docs and updated docs

cmd/config.go

@@ -82,7 +82,7 @@ func initConfig(rootCmd *cobra.Command, rootOptions *options.RootOptions) error
 	return nil
 }
 
-func genConfig(rootCmd *cobra.Command, path string) error {
+func GenConfig(rootCmd *cobra.Command, path string) error {
 	v := viper.New()
 
 	// Currently we do not accept configuration for root commands

docgen/docs.go

@@ -16,7 +16,10 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"log"
+	"os"
+	"strings"
 
 	"github.com/in-toto/witness/cmd"
 	"github.com/spf13/cobra/doc"
@@ -34,4 +37,62 @@ func main() {
 	if err := doc.GenMarkdownTree(cmd.New(), directory); err != nil {
 		log.Fatalf("Error generating docs: %s", err)
 	}
+
+	err := cmd.GenConfig(cmd.New(), "template.witness.yml")
+	if err != nil {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+
+	f, err := os.ReadFile("template.witness.yml")
+	if err != nil {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+
+	os.Remove("template.witness.yml")
+
+	updateConfigMd(f)
+}
+
+func updateConfigMd(newYAML []byte) error {
+	// Read the Markdown file
+	fileName := "docs/config.md"
+	content, err := os.ReadFile(fileName)
+	if err != nil {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+
+	fileContent := string(content)
+	comment := "<!-- Config file YAML placeholder -->"
+	yamlBlockStart := "```yaml"
+	yamlBlockEnd := "```"
+
+	// Find the position of the comment
+	commentPos := strings.Index(fileContent, comment)
+	if commentPos == -1 {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+
+	// Find the positions of the YAML block
+	yamlStartPos := strings.Index(fileContent[commentPos:], yamlBlockStart)
+	if yamlStartPos == -1 {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+	yamlStartPos += commentPos + len(yamlBlockStart)
+
+	yamlEndPos := strings.Index(fileContent[yamlStartPos:], yamlBlockEnd)
+	if yamlEndPos == -1 {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+	yamlEndPos += yamlStartPos
+
+	// Replace the YAML block entirely
+	fileContent = fileContent[:yamlStartPos] + fmt.Sprintf("\n%s\n", string(newYAML)) + fileContent[yamlEndPos:]
+
+	// Write the updated content back to the file
+	err = os.WriteFile(fileName, []byte(fileContent), 0644)
+	if err != nil {
+		log.Fatalf("Error generating docs: %s", err)
+	}
+
+	return nil
 }

docs/config.md

@@ -4,29 +4,71 @@ TestifySec Witness looks for the configuration file `.witness.yaml` in the curre
 
 Any values in the configuration file will be overridden by the command line arguments.
 
+<!-- Config file YAML placeholder -->
 ```yaml
 run:
-    attestations: stringSlice
-    certificate: string
-    intermediates: stringSlice
-    key: string
-    outfile: string
-    rekor-server: string
-    spiffe-socket: string
-    step: string
-    trace: bool
-    workingdir: string
+    archivist-server: ""
+    archivista-server: ""
+    attestations: []
+    attestor-product-exclude-glob: ""
+    attestor-product-include-glob: ""
+    enable-archivist: ""
+    enable-archivista: ""
+    hashes: []
+    outfile: ""
+    signer-file-cert-path: ""
+    signer-file-intermediate-paths: []
+    signer-file-key-path: ""
+    signer-fulcio-oidc-client-id: ""
+    signer-fulcio-oidc-issuer: ""
+    signer-fulcio-token: ""
+    signer-fulcio-token-path: ""
+    signer-fulcio-url: ""
+    signer-spiffe-socket-path: ""
+    signer-vault-altnames: []
+    signer-vault-commonname: ""
+    signer-vault-namespace: ""
+    signer-vault-pki-secrets-engine-path: ""
+    signer-vault-role: ""
+    signer-vault-token: ""
+    signer-vault-ttl: ""
+    signer-vault-url: ""
+    step: ""
+    timestamp-servers: []
+    trace: ""
+    workingdir: ""
 sign:
-    certificate: string
-    datatype: string
-    intermediates: stringSlice
-    key: string
-    outfile: string
-    spiffe-socket: string
+    datatype: ""
+    infile: ""
+    outfile: ""
+    signer-file-cert-path: ""
+    signer-file-intermediate-paths: []
+    signer-file-key-path: ""
+    signer-fulcio-oidc-client-id: ""
+    signer-fulcio-oidc-issuer: ""
+    signer-fulcio-token: ""
+    signer-fulcio-token-path: ""
+    signer-fulcio-url: ""
+    signer-spiffe-socket-path: ""
+    signer-vault-altnames: []
+    signer-vault-commonname: ""
+    signer-vault-namespace: ""
+    signer-vault-pki-secrets-engine-path: ""
+    signer-vault-role: ""
+    signer-vault-token: ""
+    signer-vault-ttl: ""
+    signer-vault-url: ""
+    timestamp-servers: []
 verify:
-    artifactfile: string
-    artifacthash: string
-    attestations: stringSlice
-    publickey: string
-    policy: string
+    archivist-server: ""
+    archivista-server: ""
+    artifactfile: ""
+    attestations: []
+    enable-archivist: ""
+    enable-archivista: ""
+    policy: ""
+    policy-ca: []
+    publickey: ""
+    subjects: []
+
 ```

docs/witness.md

@@ -13,6 +13,7 @@ Collect and verify attestations about your build environments
 ### SEE ALSO
 
 * [witness completion](witness_completion.md)	 - Generate completion script
+* [witness gen-config](witness_gen-config.md)	 - Generate a template configuration file with empty values.
 * [witness run](witness_run.md)	 - Runs the provided command and records attestations about the execution
 * [witness sign](witness_sign.md)	 - Signs a file
 * [witness verify](witness_verify.md)	 - Verifies a witness policy