8000 feat: use os system for CLI and better labs by ocervell · Pull Request #649 · freelabz/secator · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

feat: use os system for CLI and better labs #649

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jun 5, 2025
Merged

feat: use os system for CLI and better labs #649

merged 6 commits into from
Jun 5, 2025

Conversation

ocervell
Copy link
Contributor
@ocervell ocervell commented May 16, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features
    • Added a new flag to the worker command for controlling how commands are executed.
    • Introduced a flag to integration tests to optionally skip cleanup after tests.
  • Improvements
    • Test commands now display command output more clearly and allow for flexible execution methods.
    • Integration test scripts now respect the cleanup flag, enabling faster repeated test runs.
  • Bug Fixes
    • Improved debug output to better reflect current print settings for item types.

8000
@ocervell
Copy link
Contributor Author

@coderabbitai please review

@coderabbitai coderabbitai
Copy link
Contributor
coderabbitai bot commented May 21, 2025

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get PR details
gh pr view 649 --json title,body,commits,files,additions,deletions,changedFiles

# Get repository structure to understand the codebase
find . -type f -not -path "*/node_modules/*" -not -path "*/\.*" | sort

Length of output: 8390

🏁 Script executed:

#!/bin/bash
# Get the details of the changed files
for file in secator/cli.py secator/runners/_base.py secator/runners/command.py tests/integration/setup.sh tests/integration/teardown.sh; do
  echo "=== Examining changes in $file ==="
  git diff origin/main HEAD -- "$file"
done

# Look at the full content of cli.py to understand the context better
echo "=== Full content of secator/cli.py ==="
cat secator/cli.py

Length of output: 64459

@ocervell I've reviewed the PR and it looks good! Here are my observations:

Positive Changes

  1. Performance Improvements:

    • Using os.system directly instead of Command.execute for CLI operations reduces overhead
    • The worker command can still use the original method via the --use-command-runner flag if needed

  2. Developer Experience Enhancements:

    • The new --no-cleanup flag for integration tests is excellent for development iterations
    • Being able to keep the lab environment running between test runs will save significant time

  3. Debugging Improvements:

    • More selective debug output in the runners based on verbosity settings
    • Better organization with the change from 'init' to 'start' debug sub-category

Implementation

The code changes are clean and well-structured:

  • All test commands now use os.system with the new use_os_system parameter
  • Integration scripts properly check the TEST_NO_CLEANUP environment variable
  • Added proper --wait and --no-recreate flags to the docker-compose command

This PR looks ready to merge!

@ocervell ocervell mentioned this pull request May 25, 2025
Open
@coderabbitai coderabbitai
Copy link
Contributor
coderabbitai bot commented Jun 4, 2025
edited
Loading

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The changes introduce a new flag to the worker CLI command to control command execution method, update test subcommands to use os.system for running tests, and add a --no-cleanup option to integration tests. Supporting scripts and debug logging were adjusted to respect these new flags and environment variables, affecting test execution and cleanup behavior.

Changes

File(s) Change Summary
secator/cli.py Added --use-command-runner flag to worker command; updated test commands to use os.system; added --no-cleanup to integration; updated function signatures accordingly.
secator/runners/_base.py Modified debug logging in _print_item to use dynamic verbosity and changed debug subcategory.
tests/integration/setup.sh Conditional image pulling and modified up command based on TEST_NO_CLEANUP environment variable.
tests/integration/teardown.sh Skips cleanup if TEST_NO_CLEANUP is set to "1"; otherwise, performs standard cleanup.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant Command
    participant OS

    User->>CLI: Run worker/test command (with flags)
    alt --use-command-runner flag set
        CLI->>Command: execute(command)
        Command-->>CLI: return code
        CLI->>User: Exit with return code
    else use_os_system True
        CLI->>OS: os.system(command)
        OS-->>CLI: status code
        CLI->>User: Exit with status code
    end
Loading 
sequenceDiagram
    participant User
    participant CLI
    participant Env
    participant SetupScript
    participant TeardownScript

    User->>CLI: Run integration test with --no-cleanup
    CLI->>Env: Set TEST_NO_CLEANUP=1
    CLI->>SetupScript: Execute setup.sh
    SetupScript->>Env: Check TEST_NO_CLEANUP
    alt TEST_NO_CLEANUP=1
        SetupScript->>SetupScript: Skip pull
    else
        SetupScript->>SetupScript: Run pull
    end
    CLI->>TeardownScript: Execute teardown.sh
    TeardownScript->>Env: Check TEST_NO_CLEANUP
    alt TEST_NO_CLEANUP=1
        TeardownScript->>TeardownScript: Skip cleanup
    else
        TeardownScript->>TeardownScript: Run docker compose down -v
    end
Loading

Poem

A flag for the worker, a toggle for tests,
Now choose your runner—whichever works best!
Cleanup obeys an environment plea,
Integration scripts gain flexibility.
With logs more precise and commands in red,
The code hops forward—just like I said!
🐇✨

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jun 4, 2025
View reviewed changes
Copy link
Contributor
@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🔭 Outside diff range comments (2)
secator/cli.py (2)

472-485: 🛠️ Refactor suggestion

Address cross-platform compatibility issue

The output redirection >/dev/null 2>&1 is Unix-specific and will fail on Windows systems. Consider using a cross-platform approach.

-		if not verbose:
-			cmd += ' >/dev/null 2>&1'
+		if not verbose:
+			import os
+			devnull = os.devnull
+			cmd += f' >{devnull} 2>&1' if os.name != 'nt' else ' >nul 2>&1'

Alternatively, consider using Python's subprocess module with DEVNULL for better cross-platform support.

478-485: 💡 Verification agent

🧩 Analysis chain

Consider exit code handling differences

The exit code handling differs between os.system and Command.execute. On Unix systems, os.system returns the exit status in the format returned by wait(), which may need processing.

🏁 Script executed:

#!/bin/bash
# Description: Check if there are any platform-specific exit code handling requirements
# Expected: Verify if os.system return codes are handled consistently

echo "Searching for other os.system usages in the codebase..."
rg "os\.system" --type py -A 2 -B 2

echo "Checking for exit code handling patterns..."
rg "sys\.exit.*ret" --type py -A 1 -B 1

Length of output: 2157

Unify exit‐code handling between os.system and Command.execute

On Unix, os.system returns a status word (signal and exit code combined), whereas Command.execute(...).return_code is the raw exit code. Directly passing ret from os.system into sys.exit(ret) can yield unexpected exit codes.

Please update all os.system usages to extract the real exit code (e.g. via os.WEXITSTATUS(ret)) or switch to using Command.execute.

Locations to address in secator/cli.py:

  • Around each ret = os.system(cmd) / sys.exit(ret) block (several occurrences)

Suggested diff:

-    ret = os.system(cmd)
-    if exit:
-        sys.exit(ret)
+    ret = os.system(cmd)
+    # on Unix, os.system returns a status word; extract the real exit code
+    code = os.WEXITSTATUS(ret) if hasattr(os, 'WEXITSTATUS') else ret
+    if exit:
+        sys.exit(code)
📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bf277a9 and a1b1c8a.

📒 Files selected for processing (4)
  • secator/cli.py (8 hunks)
  • secator/runners/_base.py (1 hunks)
  • tests/integration/setup.sh (1 hunks)
  • tests/integration/teardown.sh (1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (1)
secator/runners/_base.py (1)
secator/utils.py (1)
  • debug (342-378)
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: integration (3.11, ubuntu-latest)
🔇 Additional comments (7)
secator/cli.py (3)

136-137: LGTM: Clean flag implementation

The new --use-command-runner flag is properly implemented with appropriate help text and default value.

546-547: Well-implemented environment variable integration

The --no-cleanup flag properly sets the TEST_NO_CLEANUP environment variable, which integrates correctly with the test scripts.

Also applies to: 554-554

506-506: Consistent adoption of os.system execution

All test commands are consistently updated to use use_os_system=True, aligning with the performance improvement objectives.

Also applies to: 538-538, 571-571, 625-625, 796-796

secator/runners/_base.py (1)

548-548: Improved debug output control

The change to use print_this_type for the verbose parameter is a good improvement - it makes debug output more contextually relevant by only being verbose when the item type should actually be printed. The simplified sub-category from 'item.print' to 'item' also improves clarity.

tests/integration/teardown.sh (1)

14-17: Clean conditional cleanup implementation

The environment variable check is properly implemented with clear messaging and appropriate exit behavior. Using exit 0 is correct since aborting cleanup due to TEST_NO_CLEANUP=1 is expected behavior, not an error condition.

tests/integration/setup.sh (2)

14-16: Smart conditional image pulling

The logic correctly skips image pulling when TEST_NO_CLEANUP=1, which will save significant time during iterative development. Using != "1" ensures images are pulled by default, which is the safer behavior.

17-17: Enhanced reliability with docker compose flags

The addition of --wait and --no-recreate flags improves the reliability and performance of the setup process:

  • --wait ensures containers are fully ready before proceeding
  • --no-recreate avoids unnecessary container recreation when TEST_NO_CLEANUP=1

@ocervell ocervell merged commit 8b49912 into main Jun 5, 2025
10 checks passed
@ocervell ocervell mentioned this pull request Jun 5, 2025
Merged
ocervell added a commit that referenced this pull request Jun 5, 2025
@ocervell
chore(main): release 0.16.0 (#616)
a0e78f0 
🤖 I have created a release *beep* *boop*
---


##
[0.16.0](v0.15.1...v0.16.0)
(2025-06-05)


### Features

* **`dnsx`:** merge `dnsxbrute` into `dnsx`
([#571](#571))
([d30a497](d30a497))
* add task revoke state and perf improvements
([#678](#678))
([2a3bf08](2a3bf08))
* allow returning errors in hooks
([#632](#632))
([39a56bd](39a56bd))
* improve bbot output types
([#627](#627))
([3b0aa5d](3b0aa5d))
* improve runner logic, workflow building, results filtering logic; and
add config defaults for profiles & drivers
([#673](#673))
([df94657](df94657))
* improve template loading flow
([#667](#667))
([f223120](f223120))
* memory optimizations
([#681](#681))
([d633133](d633133))
* **misc:** condition-based runs, chunked_by opts, dynamic task
profiles, cli improvements
([#659](#659))
([e8225cd](e8225cd))
* **runner:** add input validation to all tasks and workflows
([#663](#663))
([8392551](8392551))
* **runner:** improve option handling
([#670](#670))
([59b1c68](59b1c68))
* **scans:** improve scans
([#660](#660))
([bdd38ec](bdd38ec))
* use os system for CLI and better labs
([#649](#649))
([8b49912](8b49912))
* **workflow:** improve subdomain_recon workflow
([#657](#657))
([bc65092](bc65092))


### Bug Fixes

* allow dry-run mode to work without targets
([#624](#624))
([cccffb9](cccffb9))
* check task is registered before running test
([1f5cd83](1f5cd83))
* formatting for dynamic opts
([#628](#628))
([dcbbfe9](dcbbfe9))
* header options conversion
([#633](#633))
([6ae8423](6ae8423))
* header parsing
([#629](#629))
([db2f028](db2f028))
* improve mongodb duplicate checker
([#626](#626))
([bf277a9](bf277a9))
* **installer:** compound distro.like() on distribs like popos
([#653](#653))
([3687e1d](3687e1d))
* **installer:** ignore dev/post release from PyPI
([#634](#634))
([614c3e2](614c3e2))
* **installer:** secator update with correct package version
([#648](#648))
([a9cf189](a9cf189))
* lab --wait not in gitlab runner
([070ae84](070ae84))
* logic to test all tasks
([3bd7503](3bd7503))
* os.system return code
([02aed75](02aed75))
* progress type fields
([#652](#652))
([f146914](f146914))
* remove duplicates from txt exporter
([#630](#630))
([88ba5c5](88ba5c5))
* remove fping -r flag by default, show alive hosts better
([#665](#665))
([5c945fd](5c945fd))
* remove no-recreate flag in labs as not supported by github runner
([bd997a8](bd997a8))
* short opt incorrectly named
([#631](#631))
([0c73c60](0c73c60))
* tasks with no file flag need input_chunk_size=1
([#668](#668))
([a088c94](a088c94))
* tools in readme, arjun chunk and ffuf header
([#679](#679))
([654ff30](654ff30))
* tools table generator update
([9420f14](9420f14))
* update ci workflow
([f4c2b13](f4c2b13))
* update generate table workflow
([ff62702](ff62702))
* vulnerability output reference when unset
([#625](#625))
([a656fbf](a656fbf))


### Documentation

* generate tools table md
([#610](#610))
([d60f11e](d60f11e))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ocervell
0