From eedc7883481bde4bfe4f4e855d2e2f5bcdf75515 Mon Sep 17 00:00:00 2001 From: chaosinthecrd Date: Wed, 3 Jan 2024 16:54:04 +0000 Subject: [PATCH] added to docgen to autoupdate docs and updated docs --- cmd/config.go | 2 +- docgen/docs.go | 61 +++++++++++++++++++++++++++++++++++ docs/config.md | 84 ++++++++++++++++++++++++++++++++++++------------- docs/witness.md | 1 + 4 files changed, 126 insertions(+), 22 deletions(-) diff --git a/cmd/config.go b/cmd/config.go index eb3d611e..b9c0bdda 100644 --- a/cmd/config.go +++ b/cmd/config.go @@ -82,7 +82,7 @@ func initConfig(rootCmd *cobra.Command, rootOptions *options.RootOptions) error return nil } -func genConfig(rootCmd *cobra.Command, path string) error { +func GenConfig(rootCmd *cobra.Command, path string) error { v := viper.New() // Currently we do not accept configuration for root commands diff --git a/docgen/docs.go b/docgen/docs.go index f7877adc..ddb5c3d3 100644 --- a/docgen/docs.go +++ b/docgen/docs.go @@ -16,7 +16,10 @@ package main import ( "flag" + "fmt" "log" + "os" + "strings" "github.com/in-toto/witness/cmd" "github.com/spf13/cobra/doc" 
@@ -34,4 +37,62 @@ func main() { if err := doc.GenMarkdownTree(cmd.New(), directory); err != nil { log.Fatalf("Error generating docs: %s", err) } + + err := cmd.GenConfig(cmd.New(), "template.witness.yml") + if err != nil { + log.Fatalf("Error generating docs: %s", err) + } + + f, err := os.ReadFile("template.witness.yml") + if err != nil { + log.Fatalf("Error generating docs: %s", err) + } + + os.Remove("template.witness.yml") + + updateConfigMd(f) +} + +func updateConfigMd(newYAML []byte) error { + // Read the Markdown file + fileName := "docs/config.md" + content, err := os.ReadFile(fileName) + if err != nil { + log.Fatalf("Error generating docs: %s", err) + } + + fileContent := string(content) + comment := "" + yamlBlockStart := "```yaml" + yamlBlockEnd := "```" + + // Find the position of the comment + commentPos := strings.Index(fileContent, comment) + if commentPos == -1 { + log.Fatalf("Error generating docs: %s", err) + } + + // Find the positions of the YAML block + yamlStartPos := strings.Index(fileContent[commentPos:], yamlBlockStart) + if yamlStartPos == -1 { + log.Fatalf("Error generating docs: %s", err) + } + yamlStartPos += commentPos + len(yamlBlockStart) + + yamlEndPos := strings.Index(fileContent[yamlStartPos:], yamlBlockEnd) + if yamlEndPos == -1 { + log.Fatalf("Error generating docs: %s", err) + } + yamlEndPos += yamlStartPos + + // Replace the YAML block entirely + fileContent = fileContent[:yamlStartPos] + fmt.Sprintf("\n%s\n", string(newYAML)) + fileContent[yamlEndPos:] + + // Write the updated content back to the file + err = os.WriteFile(fileName, []byte(fileContent), 0644) + if err != nil { + log.Fatalf("Error generating docs: %s", err) + } + + return nil } diff --git a/docs/config.md b/docs/config.md index 80932553..cad79fb5 100644 --- a/docs/config.md +++ b/docs/config.md 
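Review bot: The three marker lookups in `updateConfigMd` (`commentPos == -1`, `yamlStartPos == -1`, `yamlEndPos == -1`) call `log.Fatalf("Error generating docs: %s", err)` while `err` is still nil from the successful `os.ReadFile`, so a missing marker is reported without saying which one. The function's `error` result is also always nil and is discarded by `main` at `updateConfigMd(f)`. Returning a descriptive error from each branch and checking it in `main`, as sketched below, would make a malformed docs/config.md diagnosable. As shown on this page `comment` is an empty string, for which `strings.Index` returns 0, so the first check could never fire; this may be an HTML comment marker lost in extraction, so confirm against the real file. Separately, `template.witness.yml` is a fixed name in the working directory, the `os.Remove` error is ignored, and a `log.Fatalf` after `GenConfig` leaves the file behind; a path under `os.MkdirTemp` would avoid overwriting a file the user already has.

```go
	// … unchanged: GenMarkdownTree, GenConfig, ReadFile and Remove of the template …

	if err := updateConfigMd(f); err != nil {
		log.Fatalf("Error updating config docs: %s", err)
	}
}

func updateConfigMd(newYAML []byte) error {
	// … unchanged: fileName …
	content, err := os.ReadFile(fileName)
	if err != nil {
		return fmt.Errorf("reading %s: %w", fileName, err)
	}

	// … unchanged: fileContent and the marker strings …

	commentPos := strings.Index(fileContent, comment)
	if commentPos == -1 {
		return fmt.Errorf("marker %q not found in %s", comment, fileName)
	}

	yamlStartPos := strings.Index(fileContent[commentPos:], yamlBlockStart)
	if yamlStartPos == -1 {
		return fmt.Errorf("no yaml block after marker in %s", fileName)
	}
	yamlStartPos += commentPos + len(yamlBlockStart)

	yamlEndPos := strings.Index(fileContent[yamlStartPos:], yamlBlockEnd)
	if yamlEndPos == -1 {
		return fmt.Errorf("unterminated yaml block in %s", fileName)
	}

	// … unchanged: offset fix-up and block replacement …

	if err := os.WriteFile(fileName, []byte(fileContent), 0644); err != nil {
		return fmt.Errorf("writing %s: %w", fileName, err)
	}
	return nil
}
```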
@@ -4,29 +4,71 @@ TestifySec Witness looks for the configuration file `.witness.yaml` in the curre Any values in the configuration file will be overridden by the command line arguments. + ```yaml run: - attestations: stringSlice - certificate: string - intermediates: stringSlice - key: string - outfile: string - rekor-server: string - spiffe-socket: string - step: string - trace: bool - workingdir: string + archivist-server: "" + archivista-server: "" + attestations: [] + attestor-product-exclude-glob: "" + attestor-product-include-glob: "" + enable-archivist: "" + enable-archivista: "" + hashes: [] + outfile: "" + signer-file-cert-path: "" + signer-file-intermediate-paths: [] + signer-file-key-path: "" + signer-fulcio-oidc-client-id: "" + signer-fulcio-oidc-issuer: "" + signer-fulcio-token: "" + signer-fulcio-token-path: "" + signer-fulcio-url: "" + signer-spiffe-socket-path: "" + signer-vault-altnames: [] + signer-vault-commonname: "" + signer-vault-namespace: "" + signer-vault-pki-secrets-engine-path: "" + signer-vault-role: "" + signer-vault-token: "" + signer-vault-ttl: "" + signer-vault-url: "" + step: "" + timestamp-servers: [] + trace: "" + workingdir: "" sign: - certificate: string - datatype: string - intermediates: stringSlice - key: string - outfile: string - spiffe-socket: string + datatype: "" + infile: "" + outfile: "" + signer-file-cert-path: "" + signer-file-intermediate-paths: [] + signer-file-key-path: "" + signer-fulcio-oidc-client-id: "" + signer-fulcio-oidc-issuer: "" + signer-fulcio-token: "" + signer-fulcio-token-path: "" + signer-fulcio-url: "" + signer-spiffe-socket-path: "" + signer-vault-altnames: [] + signer-vault-commonname: "" + signer-vault-namespace: "" + signer-vault-pki-secrets-engine-path: "" + signer-vault-role: "" + signer-vault-token: "" + signer-vault-ttl: "" + signer-vault-url: "" + timestamp-servers: [] verify: - artifactfile: string - artifacthash: string - attestations: stringSlice - publickey: string - policy: string + 
archivist-server: "" + archivista-server: "" + artifactfile: "" + attestations: [] + enable-archivist: "" + enable-archivista: "" + policy: "" + policy-ca: [] + publickey: "" + subjects: [] + ``` diff --git a/docs/witness.md b/docs/witness.md index 2d9beaa5..412eba50 100644 --- a/docs/witness.md +++ b/docs/witness.md @@ -13,6 +13,7 @@ Collect and verify attestations about your build environments ### SEE ALSO * [witness completion](witness_completion.md) - Generate completion script +* [witness gen-config](witness_gen-config.md) - Generate a template configuration file with empty values. * [witness run](witness_run.md) - Runs the provided command and records attestations about the execution * [witness sign](witness_sign.md) - Signs a file * [witness verify](witness_verify.md) - Verifies a witness policy