Skip to content

Commit 1ccdfd9

Browse files
eFAILutioneFAILution
committed
fix(cli): context-aware zsh completion per scanner type
Only show container flags (--image, --discover, --scanners) for argus scan container, and DAST flags (--target, --port, --scan-type) for argus scan zap. All other scanners show only common flags.
1 parent d06adb0 commit 1ccdfd9

1 file changed

Lines changed: 40 additions & 21 deletions

File tree

completions/argus.zsh

Lines changed: 40 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -38,28 +38,47 @@ _argus() {
3838
args)
3939
case "${words[1]}" in
4040
scan)
41-
_arguments \
42-
'1:scanner:($scanners)' \
43-
'(-p --path)'{-p,--path}'[Path to scan]:path:_files -/' \
44-
'(-c --config)'{-c,--config}'[Path to argus.yml]:config:_files' \
45-
'(-o --output-dir)'{-o,--output-dir}'[Output directory]:dir:_files -/' \
46-
'(-s --severity-threshold)'{-s,--severity-threshold}'[Fail threshold]:severity:($severity)' \
47-
'(-f --format)'{-f,--format}'[Output format]:format:($formats)' \
48-
'--output-vars[Write counts to file]:file:_files' \
49-
'--list[List available scanners]' \
50-
'(-v --verbose)'{-v,--verbose}'[Enable verbose output]' \
51-
'--no-spinner[Disable spinner]' \
52-
'--no-timestamp[Flat output directory]' \
53-
'--fail-fast[Abort on first failure]' \
54-
'--timeout[Per-scanner timeout]:seconds:' \
55-
'--image[Container image to scan]:image:' \
56-
'--discover[Discover Dockerfiles]:path:_files -/' \
57-
'--scanners[Sub-scanners for container]:scanners:' \
58-
'--target[URL to scan]:url:' \
59-
'--port[Override exposed port]:port:' \
60-
'--env[Environment variable]:env:' \
61-
'--scan-type[ZAP scan type]:type:(baseline full)' \
41+
local -a scan_common scan_container scan_dast scan_args
42+
43+
scan_common=(
44+
'1:scanner:($scanners)'
45+
'(-p --path)'{-p,--path}'[Path to scan]:path:_files -/'
46+
'(-c --config)'{-c,--config}'[Path to argus.yml]:config:_files'
47+
'(-o --output-dir)'{-o,--output-dir}'[Output directory]:dir:_files -/'
48+
'(-s --severity-threshold)'{-s,--severity-threshold}'[Fail threshold]:severity:($severity)'
49+
'(-f --format)'{-f,--format}'[Output format]:format:($formats)'
50+
'--output-vars[Write counts to file]:file:_files'
51+
'--list[List available scanners]'
52+
'(-v --verbose)'{-v,--verbose}'[Enable verbose output]'
53+
'--no-spinner[Disable spinner]'
54+
'--no-timestamp[Flat output directory]'
55+
'--fail-fast[Abort on first failure]'
56+
'--timeout[Per-scanner timeout]:seconds:'
57+
)
58+
59+
scan_container=(
60+
'--image[Container image to scan]:image:'
61+
'--discover[Discover Dockerfiles]:path:_files -/'
62+
'--scanners[Sub-scanners (trivy,grype,syft)]:scanners:'
63+
)
64+
65+
scan_dast=(
66+
'--target[URL to scan]:url:'
67+
'--image[Container image to scan]:image:'
68+
'--port[Override exposed port]:port:'
69+
'--env[Environment variable]:env:'
70+
'--scan-type[ZAP scan type]:type:(baseline full)'
6271
'--startup-timeout[Target startup timeout]:seconds:'
72+
)
73+
74+
# Show scanner-specific flags based on selected scanner
75+
scan_args=("${scan_common[@]}")
76+
case "${words[2]}" in
77+
container) scan_args+=("${scan_container[@]}") ;;
78+
zap) scan_args+=("${scan_dast[@]}") ;;
79+
esac
80+
81+
_arguments "${scan_args[@]}"
6382
;;
6483
report)
6584
_arguments \

0 commit comments

Comments
 (0)