add more logging and check for tfsec before runs

aquasecurity · Jan 12, 2022 · af94f76 · af94f76
1 parent 79efe99
commit af94f76
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 9 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,11 @@
 
 All notable changes to the "tfsec" extension will be documented in this file.
 
+### 1.5.0
+- Check for tfsec before running any commands
+- Add debug setting for richer output option
+- remove some redundant logging
+
 ### 1.4.0
 - Use output channel instead of terminal for better cross platform command support
 - Remove explicit run command and use refresh to update the list with a fresh run

diff --git a/README.md b/README.md
@@ -27,6 +27,11 @@ Ignore codes will be automatically resolved and the description of the error wil
 
 ## Release Notes
 
+### 1.5.0
+- Check for tfsec before running any commands
+- Add debug setting for richer output option
+- remove some redundant logging
+
 ### 1.4.1
 - Fix updater 
 

diff --git a/package.json b/package.json
@@ -59,6 +59,11 @@
           "type": "boolean",
           "default": "true",
           "description": "Automatically rerun tfsec when a check failure is ignored"
+        },
+        "tfsec.debug": {
+          "type": "boolean",
+          "default": "false",
+          "description": "Run tfsec with vebose flag to get more information"
         }
       }
     },

diff --git a/src/explorer/issues_treeview.ts b/src/explorer/issues_treeview.ts
@@ -32,7 +32,6 @@ export class TfsecIssueProvider implements vscode.TreeDataProvider<TfsecTreeItem
 	refresh(): void {
 		this.taintResults = true;
 		this._onDidChangeTreeData.fire();
-		vscode.window.showInformationMessage("tfsec results updated");
 	}
 
 	// when there is a tfsec output file, load the results

diff --git a/src/extension.ts b/src/extension.ts
@@ -2,7 +2,7 @@ import * as vscode from 'vscode';
 import { addIgnore, triggerDecoration, IgnoreDetails, FileIgnores } from './ignore';
 import { TfsecIssueProvider } from './explorer/issues_treeview';
 import { TfsecTreeItem, TfsecTreeItemType } from './explorer/tfsec_treeitem';
-import { getInstalledTfsecVersion, getBinaryPath } from './utils';
+import { getInstalledTfsecVersion, getBinaryPath, checkTfsecInstalled } from './utils';
 import { TfsecHelpProvider } from './explorer/check_helpview';
 import * as semver from 'semver';
 import * as child from 'child_process';
@@ -30,7 +30,7 @@ export function activate(context: vscode.ExtensionContext) {
 	});
 
 	context.subscriptions.push(vscode.commands.registerCommand('tfsec.refresh', () => issueProvider.refresh()));
-	context.subscriptions.push(vscode.commands.registerCommand('tfsec.version', () => showCurrentTfsecVersion()));
+	context.subscriptions.push(vscode.commands.registerCommand('tfsec.version', () => showCurrentTfsecVersion(outputChannel)));
 	context.subscriptions.push(vscode.commands.registerCommand('tfsec.ignore', (element: TfsecTreeItem) => ignoreInstance(element, outputChannel)));
 	context.subscriptions.push(vscode.commands.registerCommand('tfsec.ignoreAll', (element: TfsecTreeItem) => ignoreAllInstances(element, issueProvider, outputChannel)));
 	context.subscriptions.push(vscode.commands.registerCommand('tfsec.ignoreSeverity', (element: TfsecTreeItem) => ignoreAllInstances(element, issueProvider, outputChannel)));
@@ -53,7 +53,9 @@ export function activate(context: vscode.ExtensionContext) {
 	if (activeEditor) {
 		triggerDecoration();
 	}
-	showCurrentTfsecVersion();
+
+
+	showCurrentTfsecVersion(outputChannel);
 }
 
 function ignoreInstance(element: TfsecTreeItem, outputChannel: vscode.OutputChannel) {
@@ -119,7 +121,11 @@ async function ignoreAllInstances(element: TfsecTreeItem, issueProvider: TfsecIs
 }
 
 
-function showCurrentTfsecVersion() {
+function showCurrentTfsecVersion(outputChannel: vscode.OutputChannel) {
+	if (!checkTfsecInstalled(outputChannel)) {
+		vscode.window.showErrorMessage("tfsec could not be found, check Output window");
+		return;
+	}
 	const currentVersion = getInstalledTfsecVersion();
 	if (currentVersion) {
 		vscode.window.showInformationMessage(`Current tfsec version is ${currentVersion}`);
@@ -139,6 +145,10 @@ function buildCommand(resultsStoragePath: string, scanPath: string) {
 		command.push('--exclude-downloaded-modules');
 	}
 
+	if (config.get<boolean>('debug')) {
+		command.push('--verbose');
+	}
+
 	command.push('--format json');
 	command.push(`--out "${resultsStoragePath}"`);
 	command.push(scanPath);
@@ -151,16 +161,27 @@ function runTfsec(issueProvider: TfsecIssueProvider, outputChannel: vscode.Outpu
 	outputChannel.appendLine("");
 	outputChannel.appendLine("Running tfsec to update results");
 
+	if (!checkTfsecInstalled(outputChannel)) {
+		return;
+	}
+
 	if (vscode.workspace && vscode.workspace.workspaceFolders && vscode.workspace.workspaceFolders.length > 0
 		&& vscode.workspace.workspaceFolders[0] !== undefined) {
 
 		let command = buildCommand(issueProvider.resultsStoragePath, vscode.workspace.workspaceFolders[0].uri.fsPath);
+		outputChannel.appendLine(`command: ${command}`);
 		try {
 			let result: Buffer = child.execSync(command);
-
 			outputChannel.appendLine(result.toString());
 		} catch (err) {
+			let errMsg = (err as Error);
+			const config = vscode.workspace.getConfiguration('tfsec');
+			if (config.get<boolean>('debug')) {
+				outputChannel.appendLine(errMsg.toString());
+			}
+
 		} finally {
+			outputChannel.appendLine("Reloading the treeview");
 			setTimeout(() => { vscode.commands.executeCommand("tfsec.refresh"); }, 250);
 		}
 	}
@@ -170,9 +191,12 @@ function updateBinary(outputChannel: vscode.OutputChannel) {
 	outputChannel.show();
 	outputChannel.appendLine("");
 	outputChannel.appendLine("Checking the current version");
-	const currentVersion = getInstalledTfsecVersion();
 
+	if (!checkTfsecInstalled(outputChannel)) {
+		return;
+	}
 
+	const currentVersion = getInstalledTfsecVersion();
 	if (currentVersion.includes("running a locally built version")) {
 		outputChannel.appendLine("You are using a locally built version which cannot be updated");
 	}

diff --git a/src/utils.ts b/src/utils.ts
@@ -2,6 +2,7 @@
 import * as vscode from 'vscode';
 import * as child from 'child_process';
 import { TfsecTreeItem } from './explorer/tfsec_treeitem';
+import { existsSync } from 'fs';
 
 
 function getSeverityPosition(severity: string): number {
@@ -83,7 +84,16 @@ const getBinaryPath = () => {
         binary = "tfsec";
     }
     return binary;
-}
+};
+
+const checkTfsecInstalled = (outputChannel: vscode.OutputChannel): boolean => {
+    const binaryPath = getBinaryPath();
+
+    if (!existsSync(binaryPath)) {
+        outputChannel.appendLine(`tfsec not found. Check the tfsec extension settings to ensure the path is correct. [${binaryPath}]`);
+    }
+    return true;
+};
 
 const getInstalledTfsecVersion = () => {
     let binary = getBinaryPath();
@@ -97,4 +107,4 @@ const getInstalledTfsecVersion = () => {
 
 const capitalize = (s: string) => (s && s[0] && s[0].toUpperCase() + s.slice(1).toLowerCase()) || "";
 
-export { getBinaryPath, sortByCode, sortBySeverity, uniqueLocations, getInstalledTfsecVersion, capitalize };
+export { getBinaryPath, sortByCode, sortBySeverity, uniqueLocations, getInstalledTfsecVersion, capitalize, checkTfsecInstalled };