method-security · methodsecuritysj · Jul 8, 2024 · Jul 8, 2024 · Jul 8, 2024 · Jul 8, 2024
diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
@@ -16,3 +16,26 @@ jobs:
         uses: actions/checkout@v3
       - name: Godel Verify
         run: ./godelw verify
+  check_fern:
+    name: Check Fern
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Setup Node
+        uses: actions/setup-node@v4
+      - name: Install Fern
+        run: npm install -g fern-api
+      - name: Generate Fern
+        run: fern generate --group local
+        env:
+          FERN_TOKEN: ${{ secrets.FERN_TOKEN }}
+      - name: Check Git Status
+        run: |
+          if [[ -n $(git status --porcelain) ]]; then
+            echo "Repository is dirty."
+            git status
+            exit 1
+          else
+            echo "Repository is clean."
+          fi
diff --git a/cmd/loadbalancer.go b/cmd/loadbalancer.go
@@ -0,0 +1,45 @@
+package cmd
+
+import (
+	"github.com/Method-Security/methodazure/internal/loadbalancer"
+	"github.com/spf13/cobra"
+)
+
+// InitLoadBalancerCommand initializes the `methodazure loadbalancer` subcommand that deals with enumerating Load Balanccers in the Azure environment.
+func (a *MethodAzure) InitLoadBalancerCommand() {
+	lbCmd := &cobra.Command{
+		Use:   "loadbalancer",
+		Short: "Audit and command Load Balanccers",
+		Long:  `Audit and command Load Balanccers`,
+	}
+
+	enumerateCmd := &cobra.Command{
+		Use:   "enumerate",
+		Short: "Enumerate Network Security Groups",
+		Long:  `Enumerate Network Security Groups`,
+		Run: func(cmd *cobra.Command, args []string) {
+			subscriptionID, err := cmd.Flags().GetString("subscription-id")
+			if err != nil {
+				errorMessage := err.Error()
+				a.OutputSignal.ErrorMessage = &errorMessage
+				a.OutputSignal.Status = 1
+				return
+			}
+			if subscriptionID == "" {
+				errorMessage := "subscription-id is not set"
+				a.OutputSignal.ErrorMessage = &errorMessage
+				a.OutputSignal.Status = 1
+				return
+			}
+			a.AzureConfig.SubID = subscriptionID
+
+			report := loadbalancer.EnumerateLoadBalancers(cmd.Context(), a.AzureConfig)
+
+			a.OutputSignal.Content = report
+		},
+	}
+	enumerateCmd.PersistentFlags().StringP("subscription-id", "s", "", "Azure subscription ID")
+
+	lbCmd.AddCommand(enumerateCmd)
+	a.RootCmd.AddCommand(lbCmd)
+}
diff --git a/cmd/root.go b/cmd/root.go
@@ -83,7 +83,7 @@ func (a *MethodAzure) InitRootCommand() {
 			case "AzureChina":
 				a.AzureConfig.CloudConfig = cloud.AzureChina
 			default:
-				return errors.New("Invalid cloud name provided")
+				return errors.New("invalid cloud name provided")
 			}
 
 			cred, err := azidentity.NewDefaultAzureCredential(nil)

diff --git a/cmd/subscription.go b/cmd/subscription.go
@@ -27,7 +27,7 @@ func (a *MethodAzure) InitSubscriptionCommand() {
 				a.OutputSignal.Status = 1
 				return
 			}
-			if tryAllClouds == true {
+			if tryAllClouds {
 				clouds = []cloud.Configuration{cloud.AzurePublic, cloud.AzureGovernment, cloud.AzureChina}
 			} else {
 				clouds = []cloud.Configuration{a.AzureConfig.CloudConfig}

diff --git a/fern/definition/api.yml b/fern/definition/api.yml
@@ -0,0 +1 @@
+name: methodazure
diff --git a/fern/definition/interface.yml b/fern/definition/interface.yml
@@ -0,0 +1,34 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fern-api/fern/main/fern.schema.json
+
+types:
+  TransportProtocol:
+    enum:
+      - Tcp
+      - Udp
+      - All
+  Subnet:
+    properties:
+      id: string
+      name: string
+      type: optional<string>
+      addressPrefix: optional<string>
+      addressPrefixes: optional<list<string>>
+  PublicIPAddressDNSSettings:
+    properties:
+      domainNameLabel: string
+      fqdn: string
+      reverseFqdn: string
+  PublicIpAddress:
+    properties:
+      id: string
+      location: string
+      ipAddress: string
+      dnsSettings: optional<PublicIPAddressDNSSettings>
+  InterfaceIpConfiguration:
+    properties:
+      id: string
+      name: string
+      type: optional<string>
+      privateIpAddress: optional<string>
+      publicIpAddress: optional<PublicIpAddress>
+      subnet: optional<Subnet>
diff --git a/fern/definition/loadbalancer.yml b/fern/definition/loadbalancer.yml
@@ -0,0 +1,95 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fern-api/fern/main/fern.schema.json
+
+imports:
+  interface: interface.yml
+types:
+  SubResource:
+    properties:
+      id: string
+  LoadBalancerSKUName:
+    enum:
+      - Basic
+      - Gateway
+      - Standard
+      - Unknown
+  LoadBalancerSKUTier:
+    enum:
+      - Global
+      - Regional
+      - Unknown
+  LoadBalancerSku:
+    properties:
+      name: LoadBalancerSKUName
+      tier: LoadBalancerSKUTier
+  SyncMode:
+    enum:
+      - Automatic
+      - Manual
+  LoadBalancerBackendAddressAdminState:
+    enum:
+      - Down
+      - None
+      - Up
+  NatRulePortMapping:
+    properties:
+      backendPort: integer
+      frontendPort: integer
+      inboundNatRuleName: string
+  LoadBalancerBackendAddress:
+    properties:
+      name: string
+      adminState: optional<LoadBalancerBackendAddressAdminState>
+      ipAddress: optional<string>
+      loadBalancerFrontendIPConfiguration: optional<SubResource>
+      subnet: optional<SubResource>
+      virtualNetwork: optional<SubResource>
+      inboundNatRulesPortMapping: optional<list<NatRulePortMapping>>
+      NetworkInterfaceIpConfigurations: optional<SubResource>
+  BackendAddressPool:
+    docs: |
+      Collection of backend address pools used by the load balancer:
+      https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5#BackendAddressPool
+    properties:
+      id: string
+      name: string
+      type: string
+      loadBalancerBackendAddresses: optional<list<LoadBalancerBackendAddress>>
+      location: optional<string>
+      syncMode: optional<SyncMode>
+      virtualNetwork: optional<SubResource>
+      backendIpConfigurations: optional<list<interface.InterfaceIpConfiguration>>
+  LoadBalancingRule:
+    docs: |
+      LoadBalancingRule represents an Azure Load Balancing Rule as defined in the Azure Go SDK:
+      https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5#LoadBalancingRule
+    properties:
+      id: string
+      name: string
+      frontendPort: integer
+      protocol: interface.TransportProtocol
+      backendAddressPool: optional<SubResource>
+      backendAddressPools: optional<list<SubResource>>
+      backendPort: integer
+      frontendIPConfiguration: optional<SubResource>
+  LoadBalancer:
+    docs: |
+      LoadBalancer represents an Azure Load Balancer as defined in the Azure Go SDK:
+      https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5#LoadBalancer
+    properties:
+      id: string
+      name: string
+      location: string
+      resourceGroup: string
+      resourceGroupId: string
+      sku: LoadBalancerSku
+      backendAddressPools: optional<list<BackendAddressPool>>
+      frontendIPConfigurations: optional<list<interface.InterfaceIpConfiguration>>
+      #inboundNatRules: list<InboundNatRule>
+      loadBalancingRules: optional<list<LoadBalancingRule>>
+      #outboundRules: list<OutboundRule>
+  LoadBalancerReport:
+    properties:
+      subscriptionId: string
+      tenantId: string
+      loadBalancers: list<LoadBalancer>
+      errors: optional<list<string>>
diff --git a/fern/fern.config.json b/fern/fern.config.json
@@ -0,0 +1,4 @@
+{
+  "organization": "method-security",
+  "version": "0.31.17"
+}
diff --git a/fern/generators.yml b/fern/generators.yml
@@ -0,0 +1,16 @@
+default-group: local
+groups:
+  local:
+    generators:
+      - name: fernapi/fern-go-sdk
+        version: 0.22.2
+        config:
+          importpath: github.com/Method-Security/methodazure/generated/go
+        output:
+          location: local-file-system
+          path: ../generated/go
+      - name: fernapi/fern-pydantic-model
+        version: 0.9.1
+        output:
+          location: local-file-system
+          path: ../generated/python
diff --git a/generated/go/client/client.go b/generated/go/client/client.go
@@ -0,0 +1,29 @@
+// This file was auto-generated by Fern from our API Definition.
+
+package client
+
+import (
+	core "github.com/Method-Security/methodazure/generated/go/core"
+	option "github.com/Method-Security/methodazure/generated/go/option"
+	http "net/http"
+)
+
+type Client struct {
+	baseURL string
+	caller  *core.Caller
+	header  http.Header
+}
+
+func NewClient(opts ...option.RequestOption) *Client {
+	options := core.NewRequestOptions(opts...)
+	return &Client{
+		baseURL: options.BaseURL,
+		caller: core.NewCaller(
+			&core.CallerParams{
+				Client:      options.HTTPClient,
+				MaxAttempts: options.MaxAttempts,
+			},
+		),
+		header: options.ToHeader(),
+	}
+}
diff --git a/generated/go/client/client_test.go b/generated/go/client/client_test.go
@@ -0,0 +1,45 @@
+// This file was auto-generated by Fern from our API Definition.
+
+package client
+
+import (
+	option "github.com/Method-Security/methodazure/generated/go/option"
+	assert "github.com/stretchr/testify/assert"
+	http "net/http"
+	testing "testing"
+	time "time"
+)
+
+func TestNewClient(t *testing.T) {
+	t.Run("default", func(t *testing.T) {
+		c := NewClient()
+		assert.Empty(t, c.baseURL)
+	})
+
+	t.Run("base url", func(t *testing.T) {
+		c := NewClient(
+			option.WithBaseURL("test.co"),
+		)
+		assert.Equal(t, "test.co", c.baseURL)
+	})
+
+	t.Run("http client", func(t *testing.T) {
+		httpClient := &http.Client{
+			Timeout: 5 * time.Second,
+		}
+		c := NewClient(
+			option.WithHTTPClient(httpClient),
+		)
+		assert.Empty(t, c.baseURL)
+	})
+
+	t.Run("http header", func(t *testing.T) {
+		header := make(http.Header)
+		header.Set("X-API-Tenancy", "test")
+		c := NewClient(
+			option.WithHTTPHeader(header),
+		)
+		assert.Empty(t, c.baseURL)
+		assert.Equal(t, "test", c.header.Get("X-API-Tenancy"))
+	})
+}