-
Notifications
You must be signed in to change notification settings - Fork 534
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Revert releasing container static scanning
- Loading branch information
1 parent
905c33d
commit 4fea3dd
Showing
25 changed files
with
1,239 additions
and
1,895 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,160 @@ | ||
import * as cppPlugin from 'snyk-cpp-plugin'; | ||
import { DepGraphData } from '@snyk/dep-graph'; | ||
import * as snyk from './index'; | ||
import * as config from './config'; | ||
import { isCI } from './is-ci'; | ||
import { makeRequest } from './request/promise'; | ||
import { Options } from './types'; | ||
import { TestCommandResult } from '../cli/commands/types'; | ||
import * as spinner from '../lib/spinner'; | ||
|
||
export interface PluginResponse { | ||
scanResults: ScanResult[]; | ||
} | ||
|
||
export interface GitTarget { | ||
remoteUrl: string; | ||
branch: string; | ||
} | ||
|
||
export interface ContainerTarget { | ||
image: string; | ||
} | ||
|
||
export interface ScanResult { | ||
identity: Identity; | ||
facts: Facts[]; | ||
name?: string; | ||
policy?: string; | ||
target?: GitTarget | ContainerTarget; | ||
} | ||
|
||
export interface Identity { | ||
type: string; | ||
targetFile?: string; | ||
args?: { [key: string]: string }; | ||
} | ||
|
||
export interface Facts { | ||
type: string; | ||
data: any; | ||
} | ||
|
||
export interface Issue { | ||
pkgName: string; | ||
pkgVersion?: string; | ||
issueId: string; | ||
fixInfo: { | ||
nearestFixedInVersion?: string; | ||
}; | ||
} | ||
|
||
export interface IssuesData { | ||
[issueId: string]: { | ||
id: string; | ||
severity: string; | ||
title: string; | ||
}; | ||
} | ||
|
||
export interface TestResult { | ||
issues: Issue[]; | ||
issuesData: IssuesData; | ||
depGraphData: DepGraphData; | ||
} | ||
|
||
export interface EcosystemPlugin { | ||
scan: (options: Options) => Promise<PluginResponse>; | ||
display: ( | ||
scanResults: ScanResult[], | ||
testResults: TestResult[], | ||
errors: string[], | ||
options: Options, | ||
) => Promise<string>; | ||
} | ||
|
||
export type Ecosystem = 'cpp'; | ||
|
||
const EcosystemPlugins: { | ||
readonly [ecosystem in Ecosystem]: EcosystemPlugin; | ||
} = { | ||
cpp: cppPlugin, | ||
}; | ||
|
||
export function getPlugin(ecosystem: Ecosystem): EcosystemPlugin { | ||
return EcosystemPlugins[ecosystem]; | ||
} | ||
|
||
export function getEcosystem(options: Options): Ecosystem | null { | ||
if (options.source) { | ||
return 'cpp'; | ||
} | ||
return null; | ||
} | ||
|
||
export async function testEcosystem( | ||
ecosystem: Ecosystem, | ||
paths: string[], | ||
options: Options, | ||
): Promise<TestCommandResult> { | ||
const plugin = getPlugin(ecosystem); | ||
const scanResultsByPath: { [dir: string]: ScanResult[] } = {}; | ||
for (const path of paths) { | ||
options.path = path; | ||
const pluginResponse = await plugin.scan(options); | ||
scanResultsByPath[path] = pluginResponse.scanResults; | ||
} | ||
const [testResults, errors] = await testDependencies(scanResultsByPath); | ||
const stringifiedData = JSON.stringify(testResults, null, 2); | ||
if (options.json) { | ||
return TestCommandResult.createJsonTestCommandResult(stringifiedData); | ||
} | ||
const emptyResults: ScanResult[] = []; | ||
const scanResults = emptyResults.concat(...Object.values(scanResultsByPath)); | ||
const readableResult = await plugin.display( | ||
scanResults, | ||
testResults, | ||
errors, | ||
options, | ||
); | ||
|
||
return TestCommandResult.createHumanReadableTestCommandResult( | ||
readableResult, | ||
stringifiedData, | ||
); | ||
} | ||
|
||
export async function testDependencies(scans: { | ||
[dir: string]: ScanResult[]; | ||
}): Promise<[TestResult[], string[]]> { | ||
const results: TestResult[] = []; | ||
const errors: string[] = []; | ||
for (const [path, scanResults] of Object.entries(scans)) { | ||
await spinner(`Testing dependencies in ${path}`); | ||
for (const scanResult of scanResults) { | ||
const payload = { | ||
method: 'POST', | ||
url: `${config.API}/test-dependencies`, | ||
json: true, | ||
headers: { | ||
'x-is-ci': isCI(), | ||
authorization: 'token ' + snyk.api, | ||
}, | ||
body: { | ||
...scanResult, | ||
}, | ||
}; | ||
try { | ||
const response = await makeRequest<TestResult>(payload); | ||
results.push(response); | ||
} catch (error) { | ||
if (error.code >= 400 && error.code < 500) { | ||
throw new Error(error.message); | ||
} | ||
errors.push('Could not test dependencies in ' + path); | ||
} | ||
} | ||
} | ||
spinner.clearAll(); | ||
return [results, errors]; | ||
} |
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.