Added additional starting documentation

3 years ago · 1e04b9b7d3
8 changed files with 46 additions and 15 deletions
--- a/README.md
+++ b/README.md
@ -10,9 +10,10 @@ The integration into the CI/CD is left up to the user, but can be as simple as c
 ## Table Of Contents

 1. [Usage](#usage)
-2. [Building](#building)
-3. [Contributing](#contributing)
-4. [License](#license)
+2. [Features](#features)
+3. [Building](#building)
+4. [Contributing](#contributing)
+5. [License](#license)

 ## Usage

@ -41,6 +42,28 @@ pinned-package-updater --remote <address of the upstream service> check
 pinned-package-updater --remote <address of the upstream service> update
 ```

+## Features
+
+- [ ] Supported base images
+  - [ ] Alpine Linux 
+    - (3.11, 3.12, 3.13, 3.14) are recognized by default, other versions may need additional configuration
+  - [ ] Debian 
+    - (jessie, stretch, buster, bullseye) are recognized by default, other versions may need additional configuration
+  - [ ] Ubuntu 
+    - (16.04, 18.04, 20.04) are recognized by default, other versions may need additional configuration
+  - [ ] Red Hat Enterprise Linux 
+    - (8, 9) are recognized by default, other versions may need additional configurations
+  - [ ] Others with explicit configuration of package manager and default upstream repositories
+- [ ] Resolve pinned packages in Dockerfiles
+  - [ ] Support for Alpine based images (apk)
+  - [ ] Support for Debian based images (apt, apt-get)
+  - [ ] Support for Red Hat Enterprise Linux based images (yum, dnf)
+- [ ] Interrogate upstream package systems for package and version information
+  - [ ] Support for Alpine based package repositories
+  - [ ] Support for Debian based package repositories
+  - [ ] Support for Red Hat Enterprise Linux based package repositories
+- [ ] Patch Dockerfiles in place with the recommended version upgrades
+
 ## Building

 To build `pinned-package-updater`, run `go build`
--- a/cmd/check.go
+++ b/cmd/check.go
@ -25,15 +25,21 @@ import (
 // checkCmd represents the check command
 var checkCmd = &cobra.Command{
 	Use:   "check",
-	Short: "Check for updates to pinned packages in a Dockerfile",
-	Long: `A longer description that spans multiple lines and likely contains examples
-and usage of using your command. For example:
+	Short: "Check for updates to pinned packages in a alpine.Dockerfile",
+	Long: `Read a alpine.Dockerfile, identify the repositories and packages it references, and locate required
+updates to satisfy the requirement of running the latest security version for the pinned packages.

-TODO: Add longer description with examples
+To run in standalone mode, provide a alpine.Dockerfile path to evaluate or rely on the default
+behavior which looks for a alpine.Dockerfile in the current directory.

-Cobra is a CLI library for Go that empowers applications.
-This application is a tool to generate the needed files
-to quickly create a Cobra application.`,
+pinned-package-updater check [alpine.Dockerfile]
+
+
+To run in distributed mode, provide the remote address of the service that will
+provide information about the remote.
+
+pinned-package-updater --remote <address of the upstream service> check [alpine.Dockerfile]
+`,
 	Run: func(cmd *cobra.Command, args []string) {
 		fmt.Println("check called")
 	},
--- a/cmd/root.go
+++ b/cmd/root.go
@ -24,7 +24,8 @@ import (
 	"github.com/spf13/viper"
 )

-var cfgFile string
+var configFile string
+var remoteURL string

 // rootCmd represents the base command when called without any subcommands
 var rootCmd = &cobra.Command{
@ -56,7 +57,8 @@ func init() {
 	// Cobra supports persistent flags, which, if defined here,
 	// will be global for your application.

-	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.pinned-package-updater.yaml OR ./.pinned-package-updater.yaml)")
+	rootCmd.PersistentFlags().StringVar(&configFile, "config", "", "config file (default is $HOME/.pinned-package-updater.yaml OR ./.pinned-package-updater.yaml)")
+	rootCmd.PersistentFlags().StringVar(&remoteURL, "remote", "", "remote url for distributed mode (example: https://ppu.example.com/)")

 	// Cobra also supports local flags, which will only run
 	// when this action is called directly.
@ -65,8 +67,8 @@ func init() {

 // initConfig reads in config file and ENV variables if set.
 func initConfig() {
-	if cfgFile != "" {
-		viper.SetConfigFile(cfgFile)
+	if configFile != "" {
+		viper.SetConfigFile(configFile)
 	} else {
 		// Search config in home directory with name ".pinned-package-updater" (without extension).
 		homeDirectory, homeDirectoryErr := os.UserHomeDir()
--- a/cmd/update.go
+++ b/cmd/update.go
@ -25,7 +25,7 @@ import (
 // updateCmd represents the update command
 var updateCmd = &cobra.Command{
 	Use:   "update",
-	Short: "Update pinned packages in a Dockerfile",
+	Short: "Update pinned packages in a alpine.Dockerfile",
 	Long: `A longer description that spans multiple lines and likely contains examples
 and usage of using your command. For example:

--- a/distribution/alpine.Dockerfile
+++ b/distribution/alpine.Dockerfile
--- a/distribution/debian.Dockerfile
+++ b/distribution/debian.Dockerfile
--- a/distribution/rhel.Dockerfile
+++ b/distribution/rhel.Dockerfile
--- a/distribution/ubuntu.Dockerfile
+++ b/distribution/ubuntu.Dockerfile