-
Notifications
You must be signed in to change notification settings - Fork 4
/
update.go
207 lines (185 loc) · 5.79 KB
/
update.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
package main
import (
"context"
"fmt"
"io"
"os"
"path"
"github.com/spf13/cobra"
"golang.org/x/mod/modfile"
"golang.org/x/mod/module"
"golang.org/x/mod/semver"
"github.com/CrowdStrike/perseus/internal/git"
"github.com/CrowdStrike/perseus/perseusapi"
)
var (
moduleVersion versionArg
includePrerelease bool
)
// createUpdateCommand initializes and returns a *cobra.Command that implements the 'update' CLI sub-command
func createUpdateCommand() *cobra.Command {
cmd := cobra.Command{
Use: "update path/to/go/module",
Short: "Processes a Go module and updates the Perseus graph with its direct dependencies",
Example: "perseus update . --version 0.11.38\nperseus update $HOME/dev/go/foo --version 1.0.0\nperseus update $HOME/dev/go/bar",
RunE: runUpdateCmd,
SilenceUsage: true,
}
fset := cmd.Flags()
fset.VarP(&moduleVersion, "version", "v", "specifies the version of the Go module to be processed.")
fset.String("server-addr", "", "the TCP host and port of the Perseus server")
fset.BoolVar(&includePrerelease, "prerelease", false, "if specified, include pre-release tags when processing the module")
return &cmd
}
// runUpdateCmd implements the 'update' CLI sub-command.
func runUpdateCmd(cmd *cobra.Command, args []string) error {
// parse parameters and setup options
var (
opts []clientOption
conf clientConfig
)
opts = append(opts, readClientConfigEnv()...)
opts = append(opts, readClientConfigFlags(cmd.Flags())...)
for _, fn := range opts {
if err := fn(&conf); err != nil {
return fmt.Errorf("could not apply client config option: %w", err)
}
}
// validate config
if conf.serverAddr == "" {
return fmt.Errorf("the Perseus server address must be specified")
}
if len(args) != 1 {
return fmt.Errorf("the path to the module is required")
}
moduleDir := path.Clean(args[0])
// extract the module version from the repo if not specified
if moduleVersion == "" {
repo, err := git.Open(moduleDir)
if err != nil {
return err
}
tags, err := repo.VersionTags()
if err != nil {
return nil
}
switch len(tags) {
case 1:
moduleVersion = versionArg(tags[0])
case 0:
return fmt.Errorf("No semver tags exist at the current commit. Please specify a version explicitly.")
default:
return fmt.Errorf("Multiple semver tags exist at the current commit. Please specify a version explicitly. tags=%v", tags)
}
}
if !includePrerelease && semver.Prerelease(string(moduleVersion)) != "" {
fmt.Printf("skipping pre-release tag %s\n", moduleVersion)
return nil
}
// parse the module info
info, err := parseModule(moduleDir)
if err != nil {
return err
}
mod := module.Version{
Path: info.Name,
Version: string(moduleVersion),
}
if debugMode {
fmt.Printf("Processing Go module %s@%s (path=%q)\nDirect Dependencies", info.Name, moduleVersion, moduleDir)
for _, d := range info.Deps {
fmt.Printf("\t%s\n", d)
}
}
// send updates to the Perseus server
if err := applyUpdates(conf, mod, info.Deps); err != nil {
return fmt.Errorf("Unable to update the Perseus graph: %w", err)
}
return nil
}
// applyUpdates calls the Perseus server to update the dependencies of the specified module
func applyUpdates(conf clientConfig, mod module.Version, deps []module.Version) (err error) {
// create the client and call the server
ctx := context.Background()
client, err := conf.dialServer()
if err != nil {
return err
}
req := perseusapi.UpdateDependenciesRequest{
ModuleName: mod.Path,
Version: mod.Version,
}
req.Dependencies = make([]*perseusapi.Module, len(deps))
for i, d := range deps {
req.Dependencies[i] = &perseusapi.Module{
Name: d.Path,
Versions: []string{d.Version},
}
}
if _, err = client.UpdateDependencies(ctx, &req); err != nil {
return err
}
return nil
}
// moduleInfo represents the relevant Go module metadata for this application.
//
// This struct does not contain a version because the Go module library (golang.org/x/mod/modfile)
// does not return a version for the "main" module even if it is a library package.
type moduleInfo struct {
// the module name, ex: github.com/CrowdStrike/perseus
Name string
// zero or more direct dependencies of the module
Deps []module.Version
}
// parseModule reads the module info for a Go module at path p, which should be the path to a folder
// containing a go.mod file.
func parseModule(p string) (info moduleInfo, err error) {
nfo, err := os.Stat(p)
if err != nil {
return info, fmt.Errorf("invalid module path: %w", err)
}
if !nfo.IsDir() {
return info, fmt.Errorf("invalid module path: %w", err)
}
f, err := os.Open(path.Join(p, "go.mod"))
if err != nil {
return info, fmt.Errorf("unable to read go.mod: %w", err)
}
defer f.Close()
contents, _ := io.ReadAll(f)
mf, err := modfile.ParseLax("", contents, nil)
if err != nil {
return info, fmt.Errorf("unable to parse go.mod: %w", err)
}
info.Name = mf.Module.Mod.Path
for _, req := range mf.Require {
if req.Indirect {
continue
}
info.Deps = append(info.Deps, module.Version{Path: req.Mod.Path, Version: req.Mod.Version})
}
return info, nil
}
// versionArg represents a string CLI parameter that must be a valid semantic version string
type versionArg string
// String returns the argument value string
func (v *versionArg) String() string {
return string(*v)
}
// Set assigns the argument value to s. If s is not a valid semantic version string per Go modules
// rules, this method returns an error
func (v *versionArg) Set(s string) error {
if !semver.IsValid(s) {
return fmt.Errorf("%q is not a valid semantic version string", s)
}
*v = versionArg(s)
return nil
}
// Type returns a string description of the argument type
func (v *versionArg) Type() string {
return "[SemVer string]"
}
// Get returns the value of the argument
func (v *versionArg) Get() any {
return *v
}