cli/generate: add flag for output file

cli/cmd/generate.go

@@ -10,6 +10,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io"
 	"io/fs"
 	"log/slog"
 	"os"
@@ -72,6 +73,7 @@ subcommands.`,
 	cmd.Flags().String("image-replacements", "", "path to image replacements file")
 	cmd.Flags().Bool("skip-initializer", false, "skip injection of Contrast Initializer")
 	cmd.Flags().Bool("skip-service-mesh", false, "skip injection of Contrast service mesh sidecar")
+	cmd.Flags().StringP("output", "o", "", "output file for generated YAML")
 	must(cmd.Flags().MarkHidden("image-replacements"))
 	must(cmd.MarkFlagFilename("policy", "rego"))
 	must(cmd.MarkFlagFilename("settings", "json"))
@@ -95,6 +97,17 @@ func runGenerate(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	if flags.outputFile != "" {
+		if fi, err := os.Stat(flags.outputFile); err == nil && fi.IsDir() {
+			return fmt.Errorf("output file %s is a directory", flags.outputFile)
+		}
+		tmpDir, newPaths, err := getTmpPaths(paths)
+		if err != nil {
+			return fmt.Errorf("get temporary paths: %w", err)
+		}
+		defer os.RemoveAll(tmpDir)
+		paths = newPaths
+	}
 
 	// generate a manifest by checking if a manifest exists and using that,
 	// or otherwise using a default.
@@ -129,6 +142,17 @@ func runGenerate(cmd *cobra.Command, args []string) error {
 	if err := generatePolicies(cmd.Context(), flags, paths, log); err != nil {
 		return fmt.Errorf("generate policies: %w", err)
 	}
+
+	if flags.outputFile != "" {
+		combinedYAML, err := getCombinedYAML(paths)
+		if err != nil {
+			return fmt.Errorf("get combined YAML: %w", err)
+		}
+		if err := os.WriteFile(flags.outputFile, combinedYAML, 0o644); err != nil {
+			return fmt.Errorf("write output file: %w", err)
+		}
+	}
+
 	fmt.Fprintln(cmd.OutOrStdout(), "✔️ Generated workload policy annotations")
 
 	policies, err := policiesFromKubeResources(paths)
@@ -374,6 +398,43 @@ func runtimeClassNamePatcher(handler string) func(*applycorev1.PodSpecApplyConfi
 	}
 }
 
+func getTmpPaths(paths []string) (string, []string, error) {
+	tmpDir, err := os.MkdirTemp("", "contrast-generate")
+	if err != nil {
+		return "", nil, fmt.Errorf("create temporary directory: %w", err)
+	}
+	var newPaths []string
+	for _, path := range paths {
+		in, err := os.Open(path)
+		if err != nil {
+			return "", nil, fmt.Errorf("open %s: %w", path, err)
+		}
+		out, err := os.Create(filepath.Join(tmpDir, filepath.Base(path)))
+		if err != nil {
+			return "", nil, fmt.Errorf("create %s: %w", path, err)
+		}
+		if _, err := io.Copy(out, in); err != nil {
+			return "", nil, fmt.Errorf("copy %s: %w", path, err)
+		}
+		in.Close()
+		out.Close()
+		newPaths = append(newPaths, filepath.Join(tmpDir, filepath.Base(path)))
+	}
+	return "", newPaths, nil
+}
+
+func getCombinedYAML(paths []string) ([]byte, error) {
+	var combinedYAML []byte
+	for _, path := range paths {
+		data, err := os.ReadFile(path)
+		if err != nil {
+			return nil, fmt.Errorf("read %s: %w", path, err)
+		}
+		combinedYAML = append(combinedYAML, data...)
+	}
+	return combinedYAML, nil
+}
+
 func addWorkloadOwnerKeyToManifest(manifst *manifest.Manifest, keyPath string) error {
 	keyData, err := os.ReadFile(keyPath)
 	if err != nil {
@@ -453,6 +514,7 @@ type generateFlags struct {
 	imageReplacementsFile   string
 	skipInitializer         bool
 	skipServiceMesh         bool
+	outputFile              string
 }
 
 func parseGenerateFlags(cmd *cobra.Command) (*generateFlags, error) {
@@ -529,6 +591,10 @@ func parseGenerateFlags(cmd *cobra.Command) (*generateFlags, error) {
 	if err != nil {
 		return nil, err
 	}
+	outputFile, err := cmd.Flags().GetString("output")
+	if err != nil {
+		return nil, err
+	}
 
 	return &generateFlags{
 		policyPath:              policyPath,
@@ -543,6 +609,7 @@ func parseGenerateFlags(cmd *cobra.Command) (*generateFlags, error) {
 		imageReplacementsFile:   imageReplacementsFile,
 		skipInitializer:         skipInitializer,
 		skipServiceMesh:         skipServiceMesh,
+		outputFile:              outputFile,
 	}, nil
 }