Add --json-indent option

PaloAltoNetworks · Oct 5, 2022 · a1c6eb6 · a1c6eb6
1 parent f33987f
commit a1c6eb6
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 10 deletions.
diff --git a/cmd/collect.go b/cmd/collect.go
@@ -1,8 +1,6 @@
 package cmd
 
 import (
-	"encoding/json"
-
 	"github.com/PaloAltoNetworks/rbac-police/pkg/collect"
 	"github.com/spf13/cobra"
 
@@ -23,9 +21,11 @@ func runCollect(cmd *cobra.Command, args []string) {
 	if collectResult == nil {
 		return // error printed by Collect()
 	}
-	output, err := json.Marshal(collectResult)
+
+	// Output collect results
+	output, err := marshalResults(collectResult)
 	if err != nil {
-		log.Errorln("runCollect: failed to marshal results with", err)
+		log.Errorln("runCollect: failed to marshal collectResult with", err)
 		return
 	}
 	outputResults(output)

diff --git a/cmd/eval.go b/cmd/eval.go
@@ -104,14 +104,14 @@ func runEval(cmd *cobra.Command, args []string) {
 	}
 
 	if !shortMode {
-		output, err = json.MarshalIndent(policyResults, "", "    ")
+		output, err = marshalResults(policyResults)
 		if err != nil {
 			log.Errorln("runEval: failed to marshal results with", err)
 			return
 		}
 	} else {
 		abbreviatedResults := eval.AbbreviateResults(policyResults)
-		output, err = json.MarshalIndent(abbreviatedResults, "", "    ")
+		output, err = marshalResults(abbreviatedResults)
 		if err != nil {
 			log.Errorln("runEval: failed to marshal abbreviated results with", err)
 			return

diff --git a/cmd/expand.go b/cmd/expand.go
@@ -51,11 +51,14 @@ func runExpand(cmd *cobra.Command, args []string) {
 		collectResult = *collectResultPtr
 	}
 
+	// Expand collection results
 	expandResult := expand.Expand(collectResult)
 	if expandResult == nil {
 		return // error printed by Expand()
 	}
-	output, err := json.MarshalIndent(expandResult, "", "    ")
+
+	// Output expand results
+	output, err := marshalResults(expandResult)
 	if err != nil {
 		log.Errorln("runExpand: failed to marshal results with", err)
 		return

diff --git a/cmd/root.go b/cmd/root.go
@@ -1,9 +1,10 @@
 package cmd
 
 import (
+	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
+	"strings"
 
 	"github.com/PaloAltoNetworks/rbac-police/pkg/collect"
 	log "github.com/sirupsen/logrus"
@@ -14,6 +15,7 @@ import (
 var (
 	outFile       string
 	loudMode      bool
+	jsonIndentLen uint
 	collectConfig collect.CollectConfig
 
 	rootCmd = &cobra.Command{
@@ -35,6 +37,7 @@ func Execute() {
 func init() {
 	rootCmd.PersistentFlags().StringVarP(&outFile, "out-file", "o", "", "save results to file")
 	rootCmd.PersistentFlags().BoolVarP(&loudMode, "loud", "l", false, "loud mode, print results regardless of -o")
+	rootCmd.PersistentFlags().UintVarP(&jsonIndentLen, "json-indent", "j", 4, "json indent, 0 means compact mode")
 	// Collect config
 	rootCmd.PersistentFlags().BoolVarP(&collectConfig.AllServiceAccounts, "all-serviceaccounts", "a", false, "collect data on all serviceAccounts, not only those assigned to a pod")
 	rootCmd.PersistentFlags().BoolVarP(&collectConfig.DiscoverProtections, "discover-protections", "w", false, "discover features gates and admission controllers that protect against certain attacks, partly by emulating the attacks via impersonation & dry-run write operations")
@@ -48,7 +51,7 @@ func init() {
 // Prints and / or saves output to file
 func outputResults(output []byte) {
 	if outFile != "" {
-		err := ioutil.WriteFile(outFile, output, 0644)
+		err := os.WriteFile(outFile, output, 0644)
 		if err != nil {
 			log.Errorf("runCollect: failed to write results to %v with %v\n", outFile, err)
 			return
@@ -60,10 +63,32 @@ func outputResults(output []byte) {
 	fmt.Println(string(output))
 }
 
-// Is an option related to collection set
+// Is an option related to collection is set
 func collectionOptionsSet() bool {
 	return collectConfig.IgnoreControlPlane || collectConfig.AllServiceAccounts ||
 		collectConfig.Namespace != "" || collectConfig.NodeUser != "" ||
 		(len(collectConfig.NodeGroups) != 1 && collectConfig.NodeGroups[0] != "system:nodes") ||
 		collectConfig.DiscoverProtections
 }
+
+// Marshal results into a json byte slice, indented based on the global jsonIndentLen variable
+func marshalResults(results interface{}) ([]byte, error) {
+	if jsonIndentLen > 0 {
+		return json.MarshalIndent(results, "", getIndent(jsonIndentLen))
+	} else {
+		return json.Marshal(results) // compact json output
+	}
+}
+
+// Create an indent string in the length of @jsonIndentLength, maxed at 12 chars.
+func getIndent(jsonIndentLength uint) string {
+	return strings.Repeat(" ", int(uintMin(jsonIndentLength, 12)))
+}
+
+// Return the minimum number
+func uintMin(a uint, b uint) uint {
+	if a < b {
+		return a
+	}
+	return b
+}