lib/contrast/tasks/config.rb in contrast-agent-6.0.0 vs lib/contrast/tasks/config.rb in contrast-agent-6.1.0
- old
+ new
@@ -5,11 +5,11 @@
require 'contrast/configuration'
require 'contrast/agent/reporting/reporter'
module Contrast
# A Rake task to generate a contrast_security.yaml file with some basic settings
- module Config
+ module Config # rubocop:disable Metrics/ModuleLength
extend Rake::DSL
DEFAULT_CONFIG = {
'api' => {
'url' => 'Enter your Contrast URL ex: https://app.contrastsecurity.com/Contrast',
'api_key' => 'Enter your Contrast api key',
@@ -30,10 +30,11 @@
}
}
}.cs__freeze
SKIP_LOG = %w[service_key api_key].cs__freeze
+ REQUIRED = %i[url api_key service_key user_name].cs__freeze
namespace :contrast do
namespace :config do
desc 'Create a contrast_security.yaml in the applications root directory'
task :create do
@@ -60,33 +61,32 @@
Contrast::Config.validate_config
puts '...done!'
puts 'Validating Contrast Reporter Headers...'
reporter = Contrast::Config.validate_headers
puts '...done!'
- puts 'Testing Client Connection...'
+ puts 'Testing Reporter Client Connection...'
Contrast::Config.test_connection(reporter) if reporter
puts '...done!'
end
end
- def self.validate_config # rubocop:disable Metrics/PerceivedComplexity
+
+ def self.validate_config
config = Contrast::Configuration.new
abort('Unable to Build Config') unless config
-
- required = %i[url api_key service_key user_name]
-
missing = []
- config.root.api.each do |key, value|
- puts "#{ key }::#{ value }" unless value.is_a?(Contrast::Config::BaseConfiguration) || SKIP_LOG.includes?(key)
+ api_hash = config.root.api.to_hash
+ api_hash.each_key do |key|
+ value = mask_keys api_hash, key
if value.is_a?(Contrast::Config::ApiProxyConfiguration)
Contrast::Config.validate_proxy(value)
elsif value.is_a?(Contrast::Config::CertificationConfiguration)
Contrast::Config.validate_cert(value)
next
elsif value.is_a?(Contrast::Config::RequestAuditConfiguration)
Contrast::Config.validate_audit(value)
next
- elsif value == Contrast::Config::BaseConfiguration::EMPTY_VALUE && required.includes?(key.to_sym)
+ elsif value.nil? && REQUIRED.includes?(key.to_sym)
missing << key
end
end
abort("Missing required API configuration values: #{ missing.join(', ') }") unless missing.empty?
end
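Review bot: The required-key check in the last `elsif` of `validate_config` still calls `REQUIRED.includes?(key.to_sym)`, while the `mask_keys` helper added further down uses `SKIP_LOG.include?`. Core Ruby's Array only defines `include?`, so unless the project adds an `includes?` alias outside this diff, that branch raises NoMethodError on exactly the path meant to report a missing credential. Because `&&` short-circuits, the call is only reached when a value is nil, so a test run against a complete config will not catch it; I would write `elsif value.nil? && REQUIRED.include?(key.to_sym)`. It is also worth confirming that `config.root.api.to_hash` keeps nested sections as configuration objects: if it converts them to plain hashes, the `is_a?` branches never match and `mask_keys` prints the nested proxy and certificate settings unredacted.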
@@ -121,20 +121,29 @@
end
def self.validate_headers
missing = []
reporter = Contrast::Agent::Reporter.new
- reporter.client.headers.to_hash.each_pair do |key, value|
- puts "#{ key }::#{ value }"
+ reporter_headers = reporter.client.headers.to_hash
+ reporter_headers.each_key do |key|
+ value = mask_keys reporter_headers, key
missing << key if value.nil?
end
abort("Missing required header values: #{ missing.join(', ') }") unless missing.empty?
reporter
end
def self.test_connection reporter
- abort('Failed to Initialize Connection please check error logs for details') unless reporter.connection
- abort('Failed to Start Client please check error logs for details') unless reporter.client.startup!
+ connection = reporter.connection
+ abort('Failed to Initialize Connection please check error logs for details') unless connection
+ abort('Failed to Start Client please check error logs for details') unless reporter.client.startup! connection
+ end
+
+ def self.mask_keys hash, key
+ value = hash[key]
+ redacted_value = Contrast::Configuration::REDACTED if SKIP_LOG.include?(key.to_s)
+ puts "#{ key }::#{ redacted_value || value }" unless value.is_a?(Contrast::Config::BaseConfiguration)
+ value
end
end
end
end
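Review bot: `mask_keys` redacts only on an exact, case-sensitive match against `SKIP_LOG` (`service_key`, `api_key`), and `validate_headers` now passes it the reporter's header names. Those names are not visible in this diff, but if they are spelled as HTTP headers (hyphenated, capitalised, or an authorization header derived from the service key), none of them match and the rake task still prints the credentials to the terminal and to any CI log that captures it. I would normalise the key before the lookup, `SKIP_LOG.include?(key.to_s.downcase.tr('-', '_'))`, and add the credential-bearing header names to `SKIP_LOG`. A short comment on `mask_keys` stating that it prints as a side effect and returns the unmasked value would also help, since the name suggests a pure transform.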