From 48ac749c5788ebfca06b35aebe70620b765cbcd2 Mon Sep 17 00:00:00 2001 From: Oscar Reimer Date: Wed, 23 Oct 2024 17:17:15 +0200 Subject: [PATCH] Add tag-commit-as-release flag --- internal/cmd/root/root_test.go | 2 +- internal/cmd/scan/scan.go | 27 +++++++++++++++++++++++ internal/cmd/scan/scan_test.go | 1 + internal/scan/scanner.go | 2 ++ internal/upload/batch.go | 37 ++++++++++++++++++-------------- internal/upload/batch_test.go | 12 +++++------ internal/upload/uploader.go | 2 ++ internal/upload/uploader_test.go | 2 +- scripts/lint.sh | 0 9 files changed, 61 insertions(+), 24 deletions(-) mode change 100644 => 100755 scripts/lint.sh diff --git a/internal/cmd/root/root_test.go b/internal/cmd/root/root_test.go index 81a655cf..52e32cb8 100644 --- a/internal/cmd/root/root_test.go +++ b/internal/cmd/root/root_test.go @@ -35,7 +35,7 @@ func TestNewRootCmd(t *testing.T) { } } assert.Truef(t, match, "failed to assert that flag was present: "+AccessTokenFlag) - assert.Len(t, viperKeys, 21) + assert.Len(t, viperKeys, 22) } func TestPreRun(t *testing.T) { diff --git a/internal/cmd/scan/scan.go b/internal/cmd/scan/scan.go index 2a2a71ce..c1f64dfd 100644 --- a/internal/cmd/scan/scan.go +++ b/internal/cmd/scan/scan.go @@ -3,7 +3,9 @@ package scan import ( "errors" "fmt" + "os" "path/filepath" + "strconv" "strings" "github.com/debricked/cli/internal/file" @@ -35,6 +37,7 @@ var verbose bool var versionHint bool var sbom string var sbomOutput string +var tagCommitAsRelease bool const ( BranchFlag = "branch" @@ -59,6 +62,8 @@ const ( VersionHintFlag = "version-hint" SBOMFlag = "sbom" SBOMOutputFlag = "sbom-output" + TagCommitAsReleaseFlag = "tag-commit-as-release" + TagCommitAsReleaseEnv = "TAG_COMMIT_AS_RELEASE" ) var scanCmdError error @@ -159,6 +164,12 @@ Supported formats are: 'CycloneDX', 'SPDX' Leaving the field empty results in no SBOM generation.`, ) cmd.Flags().StringVar(&sbomOutput, SBOMOutputFlag, "", `Set output path of downloaded SBOM report (if sbom is toggled)`) + cmd.Flags().BoolVar( + &tagCommitAsRelease, + TagCommitAsReleaseFlag, + false, + "Set to true to tag commit as a release. This will store the scan data indefinitely. Enterprise is required for this flag. Please visit https://debricked.com/pricing/ for more info. Can be overridden by "+TagCommitAsReleaseEnv+" environment variable.", + ) viper.MustBindEnv(RepositoryFlag) viper.MustBindEnv(CommitFlag) @@ -170,6 +181,7 @@ Leaving the field empty results in no SBOM generation.`, viper.MustBindEnv(NpmPreferredFlag) viper.MustBindEnv(SBOMFlag) viper.MustBindEnv(SBOMOutputFlag) + viper.MustBindEnv(TagCommitAsReleaseFlag) return cmd } @@ -180,6 +192,20 @@ func RunE(s *scan.IScanner) func(_ *cobra.Command, args []string) error { if len(args) > 0 { path = args[0] } + + tagCommitAsRelease := false + tagCommitAsReleaseEnv := os.Getenv(TagCommitAsReleaseEnv) + if tagCommitAsReleaseEnv != "" { + var err error + tagCommitAsRelease, err = strconv.ParseBool(tagCommitAsReleaseEnv) + + if err != nil { + return errors.Join(errors.New("failed to convert "+TagCommitAsReleaseEnv+" to boolean"), err) + } + } else { + tagCommitAsRelease = viper.GetBool(TagCommitAsReleaseFlag) + } + options := scan.DebrickedOptions{ Path: path, Resolve: !viper.GetBool(NoResolveFlag), @@ -203,6 +229,7 @@ func RunE(s *scan.IScanner) func(_ *cobra.Command, args []string) error { CallGraphUploadTimeout: viper.GetInt(CallGraphUploadTimeoutFlag), CallGraphGenerateTimeout: viper.GetInt(CallGraphGenerateTimeoutFlag), MinFingerprintContentLength: viper.GetInt(MinFingerprintContentLengthFlag), + TagCommitAsRelease: tagCommitAsRelease, } if s != nil { scanCmdError = (*s).Scan(options) diff --git a/internal/cmd/scan/scan_test.go b/internal/cmd/scan/scan_test.go index a7c653de..866d954c 100644 --- a/internal/cmd/scan/scan_test.go +++ b/internal/cmd/scan/scan_test.go @@ -40,6 +40,7 @@ func TestNewScanCmd(t *testing.T) { CommitAuthorFlag, RepositoryUrlFlag, IntegrationFlag, + TagCommitAsReleaseFlag, } viperKeys := viper.AllKeys() for _, flagKey := range flagKeys { diff --git a/internal/scan/scanner.go b/internal/scan/scanner.go index bfcf7a23..933ddf79 100644 --- a/internal/scan/scanner.go +++ b/internal/scan/scanner.go @@ -68,6 +68,7 @@ type DebrickedOptions struct { CallGraphUploadTimeout int CallGraphGenerateTimeout int MinFingerprintContentLength int + TagCommitAsRelease bool } func NewDebrickedScanner( @@ -269,6 +270,7 @@ func (dScanner *DebrickedScanner) scan(options DebrickedOptions, gitMetaObject g CallGraphUploadTimeout: options.CallGraphUploadTimeout, VersionHint: options.VersionHint, DebrickedConfig: dScanner.getDebrickedConfig(options.Path, options.Exclusions, options.Inclusions), + TagCommitAsRelease: options.TagCommitAsRelease, } result, err := (*dScanner.uploader).Upload(uploaderOptions) if err != nil { diff --git a/internal/upload/batch.go b/internal/upload/batch.go index e22b76ef..5cb5fc1b 100644 --- a/internal/upload/batch.go +++ b/internal/upload/batch.go @@ -33,29 +33,32 @@ var ( const callgraphName = "debricked-call-graph" type uploadBatch struct { - client *client.IDebClient - fileGroups file.Groups - gitMetaObject *git.MetaObject - integrationName string - ciUploadId int - callGraphTimeout int - versionHint bool - debrickedConfig *DebrickedConfig // JSON Config + client *client.IDebClient + fileGroups file.Groups + gitMetaObject *git.MetaObject + integrationName string + ciUploadId int + callGraphTimeout int + versionHint bool + debrickedConfig *DebrickedConfig // JSON Config + tagCommitAsRelease bool } func newUploadBatch( client *client.IDebClient, fileGroups file.Groups, gitMetaObject *git.MetaObject, integrationName string, callGraphTimeout int, versionHint bool, debrickedConfig *DebrickedConfig, + tagCommitAsRelease bool, ) *uploadBatch { return &uploadBatch{ - client: client, - fileGroups: fileGroups, - gitMetaObject: gitMetaObject, - integrationName: integrationName, - ciUploadId: 0, - callGraphTimeout: callGraphTimeout, - versionHint: versionHint, - debrickedConfig: debrickedConfig, + client: client, + fileGroups: fileGroups, + gitMetaObject: gitMetaObject, + integrationName: integrationName, + ciUploadId: 0, + callGraphTimeout: callGraphTimeout, + versionHint: versionHint, + debrickedConfig: debrickedConfig, + tagCommitAsRelease: tagCommitAsRelease, } } @@ -183,6 +186,7 @@ func (uploadBatch *uploadBatch) initAnalysis() error { VersionHint: uploadBatch.versionHint, DebrickedConfig: uploadBatch.debrickedConfig, DebrickedIntegration: "cli", + TagCommitAsRelease: uploadBatch.tagCommitAsRelease, }) if err != nil { @@ -327,6 +331,7 @@ type uploadFinish struct { DebrickedIntegration string `json:"debrickedIntegration"` VersionHint bool `json:"versionHint"` DebrickedConfig *DebrickedConfig `json:"debrickedConfig"` + TagCommitAsRelease bool `json:"isRelease"` } func getRelativeFilePath(filePath string) string { diff --git a/internal/upload/batch_test.go b/internal/upload/batch_test.go index f9392977..a9b60c30 100644 --- a/internal/upload/batch_test.go +++ b/internal/upload/batch_test.go @@ -38,7 +38,7 @@ func TestUploadWithBadFiles(t *testing.T) { clientMock.AddMockResponse(mockRes) clientMock.AddMockResponse(mockRes) c = clientMock - batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}, false) var buf bytes.Buffer log.SetOutput(&buf) err = batch.upload() @@ -50,7 +50,7 @@ func TestUploadWithBadFiles(t *testing.T) { } func TestInitAnalysisWithoutAnyFiles(t *testing.T) { - batch := newUploadBatch(nil, file.Groups{}, nil, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(nil, file.Groups{}, nil, "CLI", 10*60, true, &DebrickedConfig{}, false) err := batch.initAnalysis() assert.ErrorContains(t, err, "failed to find dependency files") @@ -73,7 +73,7 @@ func TestWaitWithPollingTerminatedError(t *testing.T) { } clientMock.AddMockResponse(mockRes) c = clientMock - batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}, false) uploadResult, err := batch.wait() @@ -98,7 +98,7 @@ func TestInitUploadBadFile(t *testing.T) { clientMock.AddMockResponse(mockRes) var c client.IDebClient = clientMock - batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}, false) files, err := batch.initUpload() @@ -120,7 +120,7 @@ func TestInitUploadFingerprintsFree(t *testing.T) { clientMock := testdata.NewDebClientMock() clientMock.SetEnterpriseCustomer(false) var c client.IDebClient = clientMock - batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}, false) files, err := batch.initUpload() @@ -145,7 +145,7 @@ func TestInitUpload(t *testing.T) { clientMock.AddMockResponse(mockRes) var c client.IDebClient = clientMock - batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}) + batch := newUploadBatch(&c, groups, metaObj, "CLI", 10*60, true, &DebrickedConfig{}, true) files, err := batch.initUpload() diff --git a/internal/upload/uploader.go b/internal/upload/uploader.go index 47fa8bb3..b1ce696f 100644 --- a/internal/upload/uploader.go +++ b/internal/upload/uploader.go @@ -17,6 +17,7 @@ type DebrickedOptions struct { CallGraphUploadTimeout int VersionHint bool DebrickedConfig *DebrickedConfig + TagCommitAsRelease bool } type IUploader interface { @@ -45,6 +46,7 @@ func (uploader *Uploader) Upload(o IOptions) (*UploadResult, error) { dOptions.CallGraphUploadTimeout, dOptions.VersionHint, dOptions.DebrickedConfig, + dOptions.TagCommitAsRelease, ) err := batch.upload() diff --git a/internal/upload/uploader_test.go b/internal/upload/uploader_test.go index 22483ba4..8a452773 100644 --- a/internal/upload/uploader_test.go +++ b/internal/upload/uploader_test.go @@ -40,7 +40,7 @@ func TestUpload(t *testing.T) { g := file.NewGroup("testdata/yarn/package.json", nil, []string{"testdata/yarn/yarn.lock"}) groups := file.Groups{} groups.Add(*g) - uploaderOptions := DebrickedOptions{FileGroups: groups, GitMetaObject: *metaObject, IntegrationsName: "CLI", CallGraphUploadTimeout: 10 * 60} + uploaderOptions := DebrickedOptions{FileGroups: groups, GitMetaObject: *metaObject, IntegrationsName: "CLI", CallGraphUploadTimeout: 10 * 60, TagCommitAsRelease: true} result, err := uploader.Upload(uploaderOptions) assert.NoError(t, err) diff --git a/scripts/lint.sh b/scripts/lint.sh old mode 100644 new mode 100755