fix: Revert releasing container static scanning

This reverts commit bf32c4c, reversing changes made to acce1b2.
snyk · Oct 9, 2020 · 4fea3dd · 4fea3dd
1 parent 905c33d
commit 4fea3dd
Show file tree

Hide file tree

Showing 25 changed files with 1,239 additions and 1,895 deletions.
diff --git a/package.json b/package.json
@@ -77,8 +77,7 @@
     "semver": "^6.0.0",
     "snyk-config": "3.1.1",
     "snyk-cpp-plugin": "2.0.0",
-    "legacy-snyk-docker-plugin": "snyk/snyk-docker-plugin#v3.26.2",
-    "snyk-docker-plugin": "4.1.1",
+    "snyk-docker-plugin": "3.26.2",
     "snyk-go-plugin": "1.16.2",
     "snyk-gradle-plugin": "3.10.0",
     "snyk-module": "3.1.0",

diff --git a/src/cli/commands/monitor/index.ts b/src/cli/commands/monitor/index.ts
@@ -37,8 +37,6 @@ import { PluginMetadata } from '@snyk/cli-interface/legacy/plugin';
 import { getContributors } from '../../../lib/monitor/dev-count-analysis';
 import { FailedToRunTestError, MonitorError } from '../../../lib/errors';
 import { isMultiProjectScan } from '../../../lib/is-multi-project-scan';
-import { getEcosystem, monitorEcosystem } from '../../../lib/ecosystems';
-import { getFormattedMonitorOutput } from '../../../lib/ecosystems/monitor';
 
 const SEPARATOR = '\n-------------------------------------------------------\n';
 const debug = Debug('snyk');
@@ -97,24 +95,6 @@ async function monitor(...args0: MethodArgs): Promise<any> {
     }
   }
 
-  const ecosystem = getEcosystem(options);
-  if (ecosystem) {
-    const commandResult = await monitorEcosystem(
-      ecosystem,
-      args as string[],
-      options,
-    );
-
-    const [monitorResults, monitorErrors] = commandResult;
-
-    return await getFormattedMonitorOutput(
-      results,
-      monitorResults,
-      monitorErrors,
-      options,
-    );
-  }
-
   // Part 1: every argument is a scan target; process them sequentially
   for (const path of args as string[]) {
     debug(`Processing ${path}...`);

diff --git a/src/cli/commands/test/index.ts b/src/cli/commands/test/index.ts
@@ -49,7 +49,7 @@ import {
 } from './formatters';
 import * as utils from './utils';
 import { getIacDisplayedOutput, createSarifOutputForIac } from './iac-output';
-import { getEcosystemForTest, testEcosystem } from '../../../lib/ecosystems';
+import { getEcosystem, testEcosystem } from '../../../lib/ecosystems';
 import { TestLimitReachedError } from '../../../lib/errors';
 import { isMultiProjectScan } from '../../../lib/is-multi-project-scan';
 import { createSarifOutputForContainers } from './sarif-output';
@@ -115,7 +115,7 @@ async function test(...args: MethodArgs): Promise<TestCommandResult> {
     }
   }
 
-  const ecosystem = getEcosystemForTest(options);
+  const ecosystem = getEcosystem(options);
   if (ecosystem) {
     try {
       const commandResult = await testEcosystem(

diff --git a/src/lib/ecosystems.ts b/src/lib/ecosystems.ts
@@ -0,0 +1,160 @@
+import * as cppPlugin from 'snyk-cpp-plugin';
+import { DepGraphData } from '@snyk/dep-graph';
+import * as snyk from './index';
+import * as config from './config';
+import { isCI } from './is-ci';
+import { makeRequest } from './request/promise';
+import { Options } from './types';
+import { TestCommandResult } from '../cli/commands/types';
+import * as spinner from '../lib/spinner';
+
+export interface PluginResponse {
+  scanResults: ScanResult[];
+}
+
+export interface GitTarget {
+  remoteUrl: string;
+  branch: string;
+}
+
+export interface ContainerTarget {
+  image: string;
+}
+
+export interface ScanResult {
+  identity: Identity;
+  facts: Facts[];
+  name?: string;
+  policy?: string;
+  target?: GitTarget | ContainerTarget;
+}
+
+export interface Identity {
+  type: string;
+  targetFile?: string;
+  args?: { [key: string]: string };
+}
+
+export interface Facts {
+  type: string;
+  data: any;
+}
+
+export interface Issue {
+  pkgName: string;
+  pkgVersion?: string;
+  issueId: string;
+  fixInfo: {
+    nearestFixedInVersion?: string;
+  };
+}
+
+export interface IssuesData {
+  [issueId: string]: {
+    id: string;
+    severity: string;
+    title: string;
+  };
+}
+
+export interface TestResult {
+  issues: Issue[];
+  issuesData: IssuesData;
+  depGraphData: DepGraphData;
+}
+
+export interface EcosystemPlugin {
+  scan: (options: Options) => Promise<PluginResponse>;
+  display: (
+    scanResults: ScanResult[],
+    testResults: TestResult[],
+    errors: string[],
+    options: Options,
+  ) => Promise<string>;
+}
+
+export type Ecosystem = 'cpp';
+
+const EcosystemPlugins: {
+  readonly [ecosystem in Ecosystem]: EcosystemPlugin;
+} = {
+  cpp: cppPlugin,
+};
+
+export function getPlugin(ecosystem: Ecosystem): EcosystemPlugin {
+  return EcosystemPlugins[ecosystem];
+}
+
+export function getEcosystem(options: Options): Ecosystem | null {
+  if (options.source) {
+    return 'cpp';
+  }
+  return null;
+}
+
+export async function testEcosystem(
+  ecosystem: Ecosystem,
+  paths: string[],
+  options: Options,
+): Promise<TestCommandResult> {
+  const plugin = getPlugin(ecosystem);
+  const scanResultsByPath: { [dir: string]: ScanResult[] } = {};
+  for (const path of paths) {
+    options.path = path;
+    const pluginResponse = await plugin.scan(options);
+    scanResultsByPath[path] = pluginResponse.scanResults;
+  }
+  const [testResults, errors] = await testDependencies(scanResultsByPath);
+  const stringifiedData = JSON.stringify(testResults, null, 2);
+  if (options.json) {
+    return TestCommandResult.createJsonTestCommandResult(stringifiedData);
+  }
+  const emptyResults: ScanResult[] = [];
+  const scanResults = emptyResults.concat(...Object.values(scanResultsByPath));
+  const readableResult = await plugin.display(
+    scanResults,
+    testResults,
+    errors,
+    options,
+  );
+
+  return TestCommandResult.createHumanReadableTestCommandResult(
+    readableResult,
+    stringifiedData,
+  );
+}
+
+export async function testDependencies(scans: {
+  [dir: string]: ScanResult[];
+}): Promise<[TestResult[], string[]]> {
+  const results: TestResult[] = [];
+  const errors: string[] = [];
+  for (const [path, scanResults] of Object.entries(scans)) {
+    await spinner(`Testing dependencies in ${path}`);
+    for (const scanResult of scanResults) {
+      const payload = {
+        method: 'POST',
+        url: `${config.API}/test-dependencies`,
+        json: true,
+        headers: {
+          'x-is-ci': isCI(),
+          authorization: 'token ' + snyk.api,
+        },
+        body: {
+          ...scanResult,
+        },
+      };
+      try {
+        const response = await makeRequest<TestResult>(payload);
+        results.push(response);
+      } catch (error) {
+        if (error.code >= 400 && error.code < 500) {
+          throw new Error(error.message);
+        }
+        errors.push('Could not test dependencies in ' + path);
+      }
+    }
+  }
+  spinner.clearAll();
+  return [results, errors];
+}
diff --git a/src/lib/ecosystems/index.ts b/src/lib/ecosystems/index.ts