AI-powered security scanner that detects vulnerabilities in AI-generated code. Proactive scanning, autonomous fixing, and emergency response for modern development teams.
/**
* Integrations Command - Native CI/CD and tool integrations
*/
const { Command } = require('commander')
const chalk = require('chalk')
const ora = require('ora')
const fs = require('fs-extra')
const path = require('path')
const { getAPIClient } = require('../services/api-client')
// Root `integrations` command (short alias `int`). The subcommands defined
// further down in this file attach themselves to this object.
const integrationsCommand = new Command('integrations')
integrationsCommand.alias('int')
integrationsCommand.description('š CI/CD and security tool integrations')
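// GitHub Actions integration
//
// Writes .github/workflows/<workflow>.yml. Both --workflow and --on are
// interpolated into the generated YAML (and --workflow into the output path),
// so they are validated before use instead of being pasted in verbatim.
integrationsCommand
  .command('github-action')
  .description('Generate GitHub Action for security workflows')
  .option('--workflow <name>', 'workflow name', 'vaultace-security')
  .option('--on <events>', 'trigger events', 'push,pull_request')
  .option('--auto-fix', 'enable automatic fixing')
  .action(async (options) => {
    const spinner = ora('Generating GitHub Action...').start()

    try {
      // The name becomes a file name: no path separators, no leading dot, no
      // control characters, so the write cannot leave .github/workflows.
      const workflowName = String(options.workflow)
      if (!/^\w[\w. -]*$/.test(workflowName)) {
        throw new Error(`Invalid workflow name "${workflowName}": use letters, digits, spaces, ".", "_" or "-"`)
      }

      // Trigger events become YAML mapping keys; accept only event-name shaped tokens.
      const events = String(options.on)
        .split(',')
        .map((event) => event.trim())
        .filter((event) => event !== '')
      if (events.length === 0) {
        throw new Error('At least one trigger event is required')
      }
      const badEvent = events.find((event) => !/^[a-z][a-z_]*$/.test(event))
      if (badEvent !== undefined) {
        throw new Error(`Invalid trigger event "${badEvent}"`)
      }

      const autoFixSteps = options.autoFix
        ? [
            '      - name: Auto-fix Vulnerabilities',
            '        run: vaultace fix auto --safe-only',
            '      - name: Commit Fixes',
            '        uses: stefanzweifel/git-auto-commit-action@v4',
            '        with:',
            '          commit_message: "š Auto-fix security vulnerabilities"',
            '          file_pattern: "*.js *.ts *.py *.go"'
          ]
        : []

      // NOTE(review): the emitted workflow references actions by mutable tag
      // (@v4) and installs @vaultace/cli without a version. Pin both (commit
      // SHA / exact version) before relying on this in CI; it matters most for
      // the auto-fix variant, which runs with write access to the repository.
      const workflowContent = [
        // JSON string syntax is valid YAML and keeps the name a plain string.
        `name: ${JSON.stringify(workflowName)}`,
        'on:',
        ...events.map((event) => `  ${event}:`),
        // Least privilege for GITHUB_TOKEN: write access only when fixes are committed back.
        'permissions:',
        `  contents: ${options.autoFix ? 'write' : 'read'}`,
        'jobs:',
        '  vaultace-security:',
        '    runs-on: ubuntu-latest',
        '    steps:',
        '      - uses: actions/checkout@v4',
        '      - name: Setup Node.js',
        '        uses: actions/setup-node@v4',
        '        with:',
        "          node-version: '18'",
        '      - name: Install Vaultace CLI',
        '        run: npm install -g @vaultace/cli',
        '      - name: Authenticate Vaultace',
        // Hand the secret over through the step environment rather than
        // expanding ${{ }} inside the shell script text.
        '        env:',
        '          VAULTACE_TOKEN: ${{ secrets.VAULTACE_TOKEN }}',
        '        run: vaultace auth login --token "$VAULTACE_TOKEN"',
        '      - name: Security Scan',
        '        run: |',
        '          vaultace scan --remote --format json --output security-results.json',
        '          vaultace intelligence insights --timeframe 1d',
        ...autoFixSteps,
        '      - name: Upload Security Report',
        '        uses: actions/upload-artifact@v4',
        '        with:',
        '          name: vaultace-security-report',
        '          path: security-results.json',
        ''
      ].join('\n')

      const workflowDir = '.github/workflows'
      await fs.ensureDir(workflowDir)

      const filePath = path.join(workflowDir, `${workflowName}.yml`)
      await fs.writeFile(filePath, workflowContent)

      spinner.succeed('GitHub Action generated')
      console.log(chalk.green(`\n✅ GitHub Action created: ${filePath}`))
      console.log(chalk.yellow('\nRequired secrets:'))
      console.log(' VAULTACE_TOKEN - Your Vaultace API token')
      console.log(chalk.blue('\nAdd secret: Settings → Secrets → Actions → New repository secret'))
    } catch (error) {
      spinner.fail('Failed to generate GitHub Action')
      console.error(chalk.red(`Error: ${error.message}`))
      // Let calling scripts see that no workflow was written.
      process.exitCode = 1
    }
  })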
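// GitLab CI integration
//
// Writes .gitlab-ci-vaultace.yml in the current directory, to be pulled into
// the project's main pipeline with `include:`.
integrationsCommand
  .command('gitlab-ci')
  .description('Generate GitLab CI configuration')
  .option('--stage <name>', 'pipeline stage', 'security')
  .action(async (options) => {
    const spinner = ora('Generating GitLab CI configuration...').start()

    try {
      // --stage is interpolated into YAML: reject line breaks and YAML
      // metacharacters so it cannot add keys to the generated job.
      const stage = String(options.stage)
      if (!/^[\w.][\w. -]*$/.test(stage)) {
        throw new Error(`Invalid stage name "${stage}": use letters, digits, spaces, ".", "_" or "-"`)
      }

      // NOTE(review): node:18-alpine and the unversioned @vaultace/cli install
      // are both mutable references; pin them if the pipeline must be reproducible.
      // NOTE(review): the artifacts section expects vaultace-security-report.xml
      // and security-results.json, but no visible command names those outputs;
      // presumably `--ci` writes them - confirm.
      const gitlabConfig = [
        '# Vaultace Security Pipeline',
        'vaultace-security:',
        // JSON string syntax is valid YAML and keeps the stage a plain string.
        `  stage: ${JSON.stringify(stage)}`,
        '  image: node:18-alpine',
        '  before_script:',
        '    - npm install -g @vaultace/cli',
        // Quoted so the shell passes the token as a single argument.
        '    - vaultace auth login --token "$VAULTACE_TOKEN"',
        '  script:',
        '    - vaultace scan --remote --ci',
        '    - vaultace intelligence insights',
        '  artifacts:',
        '    reports:',
        '      junit: vaultace-security-report.xml',
        '    paths:',
        '      - security-results.json',
        '  only:',
        '    - merge_requests',
        '    - main',
        ''
      ].join('\n')

      await fs.writeFile('.gitlab-ci-vaultace.yml', gitlabConfig)

      spinner.succeed('GitLab CI configuration generated')
      console.log(chalk.green('\n✅ GitLab CI config created: .gitlab-ci-vaultace.yml'))
      console.log(chalk.yellow('\nRequired CI/CD variables:'))
      console.log(' VAULTACE_TOKEN - Your Vaultace API token (store it as a masked CI/CD variable)')
      console.log(chalk.yellow('\nAdd to your main .gitlab-ci.yml:'))
      console.log(' include: .gitlab-ci-vaultace.yml')
    } catch (error) {
      spinner.fail('Failed to generate GitLab CI configuration')
      console.error(chalk.red(`Error: ${error.message}`))
      // Let calling scripts see that no configuration was written.
      process.exitCode = 1
    }
  })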
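// Slack integration
//
// Validates the Slack settings for an authenticated user. The backend call is
// still a stub: nothing is transmitted, so the command must not claim that
// alerts are wired up.
integrationsCommand
  .command('slack')
  .description('Configure Slack notifications')
  .option('--webhook <url>', 'Slack webhook URL')
  .option('--channel <name>', 'Slack channel', '#security')
  .action(async (options) => {
    const spinner = ora('Configuring Slack integration...').start()

    try {
      // Inside the try so a failure to build the client is reported like any other error.
      const apiClient = getAPIClient()
      if (!apiClient.isAuthenticated()) {
        spinner.fail('Authentication required')
        console.log(chalk.yellow('Please login first: vaultace auth login'))
        return
      }

      // A webhook URL is a bearer credential: require it, require https so it
      // is never sent in clear text, and never echo it to the terminal or logs.
      if (!options.webhook) {
        throw new Error('Missing required option --webhook <url>')
      }
      let webhookUrl
      try {
        webhookUrl = new URL(String(options.webhook))
      } catch (parseError) {
        throw new Error('--webhook is not a valid URL')
      }
      if (webhookUrl.protocol !== 'https:') {
        throw new Error('--webhook must be an https:// URL')
      }

      // Payload for the backend integration API.
      // TODO: send this through the API client once the endpoint exists; until
      // then the object is built but deliberately unused.
      const integrationData = {
        type: 'slack',
        webhook_url: options.webhook,
        channel: options.channel,
        events: ['vulnerability_found', 'fix_applied', 'scan_completed']
      }

      console.log(chalk.blue('\nš Slack Integration Configuration'))
      console.log(`Channel: ${options.channel}`)
      console.log('Events: Vulnerability alerts, Fix notifications, Scan reports')

      // Reporting success here would leave the user believing security alerts
      // reach Slack when no request has been made.
      spinner.warn('Slack settings validated locally; nothing has been sent to the Vaultace backend yet')
    } catch (error) {
      spinner.fail('Slack integration failed')
      console.error(chalk.red(`Error: ${error.message}`))
      process.exitCode = 1
    }
  })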
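// VSCode extension setup
//
// VS Code reads workspace settings, extension recommendations and tasks from
// three separate files under .vscode/. Nesting them under "settings" /
// "extensions" / "tasks" keys is the .code-workspace layout and is not read
// from settings.json, so each section gets its own file here.
integrationsCommand
  .command('vscode')
  .description('Generate VSCode workspace configuration')
  .action(async () => {
    const spinner = ora('Generating VSCode configuration...').start()

    try {
      const configFiles = {
        'settings.json': {
          'vaultace.autoScan': true,
          'vaultace.showInlineWarnings': true,
          'vaultace.aiAssistance': true
        },
        'extensions.json': {
          recommendations: ['vaultace.vaultace-security']
        },
        'tasks.json': {
          version: '2.0.0',
          tasks: [
            {
              label: 'Vaultace Security Scan',
              type: 'shell',
              command: 'vaultace scan --format table',
              group: 'build',
              presentation: {
                echo: true,
                reveal: 'always'
              }
            }
          ]
        }
      }

      await fs.ensureDir('.vscode')

      const skipped = []
      for (const [fileName, content] of Object.entries(configFiles)) {
        const target = path.join('.vscode', fileName)
        try {
          // 'wx' fails instead of overwriting, so existing workspace
          // configuration is never silently replaced.
          await fs.writeFile(target, `${JSON.stringify(content, null, 2)}\n`, { flag: 'wx' })
        } catch (writeError) {
          if (writeError.code !== 'EEXIST') {
            throw writeError
          }
          skipped.push(target)
        }
      }

      spinner.succeed('VSCode configuration generated')
      console.log(chalk.green('\n✅ VSCode workspace configured'))

      // Only claim the features when the settings file was actually written.
      if (!skipped.includes(path.join('.vscode', 'settings.json'))) {
        console.log('Features enabled:')
        console.log(' • Auto security scanning')
        console.log(' • Inline vulnerability warnings')
        console.log(' • AI-powered assistance')
      }
      for (const target of skipped) {
        console.log(chalk.yellow(`Skipped ${target}: file already exists, add the Vaultace entries manually`))
      }
    } catch (error) {
      spinner.fail('VSCode configuration failed')
      console.error(chalk.red(`Error: ${error.message}`))
      process.exitCode = 1
    }
  })

// Export the assembled command tree so the CLI entry point can register it.
module.exports = integrationsCommand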