cloudburn 0.1.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -0
- package/dist/cli.js +59 -25
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -14,6 +14,36 @@ npm install -g cloudburn
|
|
|
14
14
|
cloudburn
|
|
15
15
|
```
|
|
16
16
|
|
|
17
|
+
`cloudburn scan --format json` emits the lean canonical grouped result:
|
|
18
|
+
|
|
19
|
+
```json
|
|
20
|
+
{
|
|
21
|
+
"providers": [
|
|
22
|
+
{
|
|
23
|
+
"provider": "aws",
|
|
24
|
+
"rules": [
|
|
25
|
+
{
|
|
26
|
+
"ruleId": "CLDBRN-AWS-EBS-1",
|
|
27
|
+
"service": "ebs",
|
|
28
|
+
"source": "iac",
|
|
29
|
+
"message": "EBS volumes should use current-generation storage.",
|
|
30
|
+
"findings": [
|
|
31
|
+
{
|
|
32
|
+
"resourceId": "aws_ebs_volume.gp2_data",
|
|
33
|
+
"location": {
|
|
34
|
+
"path": "main.tf",
|
|
35
|
+
"startLine": 4,
|
|
36
|
+
"startColumn": 3
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
]
|
|
40
|
+
}
|
|
41
|
+
]
|
|
42
|
+
}
|
|
43
|
+
]
|
|
44
|
+
}
|
|
45
|
+
```
|
|
46
|
+
|
|
17
47
|
## License
|
|
18
48
|
|
|
19
49
|
Apache-2.0
|
package/dist/cli.js
CHANGED
|
@@ -53,29 +53,52 @@ var registerRulesListCommand = (program) => {
|
|
|
53
53
|
|
|
54
54
|
// src/commands/scan.ts
|
|
55
55
|
import { CloudBurnScanner } from "@cloudburn/sdk";
|
|
56
|
+
import { InvalidArgumentError } from "commander";
|
|
56
57
|
|
|
57
58
|
// src/exit-codes.ts
|
|
58
59
|
var EXIT_CODE_OK = 0;
|
|
59
60
|
var EXIT_CODE_POLICY_VIOLATION = 1;
|
|
60
61
|
|
|
61
62
|
// src/formatters/json.ts
|
|
62
|
-
var formatJson = (
|
|
63
|
+
var formatJson = (result) => JSON.stringify(result, null, 2);
|
|
64
|
+
|
|
65
|
+
// src/formatters/shared.ts
|
|
66
|
+
var flattenScanResult = (result) => result.providers.flatMap(
|
|
67
|
+
(providerGroup) => providerGroup.rules.flatMap(
|
|
68
|
+
(ruleGroup) => ruleGroup.findings.map((finding) => ({
|
|
69
|
+
provider: providerGroup.provider,
|
|
70
|
+
ruleId: ruleGroup.ruleId,
|
|
71
|
+
service: ruleGroup.service,
|
|
72
|
+
source: ruleGroup.source,
|
|
73
|
+
message: ruleGroup.message,
|
|
74
|
+
finding
|
|
75
|
+
}))
|
|
76
|
+
)
|
|
77
|
+
);
|
|
78
|
+
var countScanResultFindings = (result) => flattenScanResult(result).length;
|
|
63
79
|
|
|
64
|
-
// src/formatters/
|
|
65
|
-
var
|
|
66
|
-
if (
|
|
67
|
-
return
|
|
80
|
+
// src/formatters/sarif.ts
|
|
81
|
+
var toSarifLocation = (finding) => {
|
|
82
|
+
if (!finding.location) {
|
|
83
|
+
return void 0;
|
|
68
84
|
}
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
85
|
+
return [
|
|
86
|
+
{
|
|
87
|
+
physicalLocation: {
|
|
88
|
+
artifactLocation: {
|
|
89
|
+
uri: finding.location.path
|
|
90
|
+
},
|
|
91
|
+
region: {
|
|
92
|
+
startLine: finding.location.startLine,
|
|
93
|
+
startColumn: finding.location.startColumn,
|
|
94
|
+
...finding.location.endLine ? { endLine: finding.location.endLine } : {},
|
|
95
|
+
...finding.location.endColumn ? { endColumn: finding.location.endColumn } : {}
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
];
|
|
75
100
|
};
|
|
76
|
-
|
|
77
|
-
// src/formatters/sarif.ts
|
|
78
|
-
var formatSarif = (findings) => JSON.stringify(
|
|
101
|
+
var formatSarif = (result) => JSON.stringify(
|
|
79
102
|
{
|
|
80
103
|
version: "2.1.0",
|
|
81
104
|
runs: [
|
|
@@ -85,11 +108,12 @@ var formatSarif = (findings) => JSON.stringify(
|
|
|
85
108
|
name: "cloudburn"
|
|
86
109
|
}
|
|
87
110
|
},
|
|
88
|
-
results:
|
|
89
|
-
ruleId
|
|
111
|
+
results: flattenScanResult(result).map(({ ruleId, message, finding }) => ({
|
|
112
|
+
ruleId,
|
|
90
113
|
// Severity was intentionally removed — all findings are warnings until a priority model is added.
|
|
91
114
|
level: "warning",
|
|
92
|
-
message: { text:
|
|
115
|
+
message: { text: message },
|
|
116
|
+
...finding.location ? { locations: toSarifLocation(finding) } : {}
|
|
93
117
|
}))
|
|
94
118
|
}
|
|
95
119
|
]
|
|
@@ -99,29 +123,39 @@ var formatSarif = (findings) => JSON.stringify(
|
|
|
99
123
|
);
|
|
100
124
|
|
|
101
125
|
// src/formatters/table.ts
|
|
102
|
-
var formatTable = (
|
|
103
|
-
|
|
126
|
+
var formatTable = (result) => {
|
|
127
|
+
const flattenedFindings = flattenScanResult(result);
|
|
128
|
+
if (flattenedFindings.length === 0) {
|
|
104
129
|
return "No findings.";
|
|
105
130
|
}
|
|
106
|
-
return
|
|
131
|
+
return flattenedFindings.map(({ provider, ruleId, source, service, message, finding }) => {
|
|
132
|
+
const location = finding.location ? ` ${finding.location.path}:${finding.location.startLine}:${finding.location.startColumn}` : "";
|
|
133
|
+
return `${provider} ${ruleId} ${source} ${service} ${finding.resourceId}${location} ${message}`;
|
|
134
|
+
}).join("\n");
|
|
107
135
|
};
|
|
108
136
|
|
|
109
137
|
// src/commands/scan.ts
|
|
138
|
+
var supportedScanFormats = ["table", "json", "sarif"];
|
|
139
|
+
var parseScanFormat = (value) => {
|
|
140
|
+
if (supportedScanFormats.includes(value)) {
|
|
141
|
+
return value;
|
|
142
|
+
}
|
|
143
|
+
throw new InvalidArgumentError(`Invalid format "${value}". Allowed formats: ${supportedScanFormats.join(", ")}.`);
|
|
144
|
+
};
|
|
110
145
|
var formatters = {
|
|
111
146
|
json: formatJson,
|
|
112
|
-
markdown: formatMarkdown,
|
|
113
147
|
sarif: formatSarif,
|
|
114
148
|
table: formatTable
|
|
115
149
|
};
|
|
116
150
|
var registerScanCommand = (program) => {
|
|
117
|
-
program.command("scan [path]").description("Run static IaC scan or live AWS scan").option("--live", "Run live AWS scan").option("--format <format>", "Output format: table|json|
|
|
151
|
+
program.command("scan [path]").description("Run static IaC scan or live AWS scan").option("--live", "Run live AWS scan").option("--format <format>", "Output format: table|json|sarif", parseScanFormat, "table").option("--exit-code", "Exit with code 1 when findings exist").action(async (path, options) => {
|
|
118
152
|
const scanner = new CloudBurnScanner();
|
|
119
153
|
const result = options.live ? await scanner.scanLive() : await scanner.scanStatic(path ?? process.cwd());
|
|
120
|
-
const format = formatters[options.format ?? "table"]
|
|
121
|
-
const output = format(result
|
|
154
|
+
const format = formatters[options.format ?? "table"];
|
|
155
|
+
const output = format(result);
|
|
122
156
|
process.stdout.write(`${output}
|
|
123
157
|
`);
|
|
124
|
-
if (options.exitCode && result
|
|
158
|
+
if (options.exitCode && countScanResultFindings(result) > 0) {
|
|
125
159
|
process.exitCode = EXIT_CODE_POLICY_VIOLATION;
|
|
126
160
|
return;
|
|
127
161
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cloudburn",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"description": "Cloudburn CLI for cloud cost optimization",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
],
|
|
12
12
|
"dependencies": {
|
|
13
13
|
"commander": "^13.1.0",
|
|
14
|
-
"@cloudburn/sdk": "0.
|
|
14
|
+
"@cloudburn/sdk": "0.5.0"
|
|
15
15
|
},
|
|
16
16
|
"devDependencies": {
|
|
17
17
|
"@biomejs/biome": "^2.4.6",
|