Config Spec Driven Scan Execution
abhisek commented
Overview
vet currently executes a scan based on command line arguments. While this is flexible, there are quite a lot of args and the number will increase as the tool evolves. This will make CI integration complex; in particular, building a GitHub Action runner while considering all args will not be a good experience. We have already identified this as a problem in #23.
Requirements
- Define a config file spec for SafeDep
- Implement a file based config repository
- Enforce schema validation while reading config from file
- Support YAML based file format
User Experience
- A scan specification for a repository can be defined in a file .vet/scan.yml
- vet automatically decodes the scan spec and executes the scan based on it without command line args