Merge branch 'hotfix/v1.0.39-infra-scan-import'

kondukto-io · Dec 18, 2024 · 895a79b · 895a79b
2 parents 2fc8464 + 0e52299
commit 895a79b
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 30 deletions.
diff --git a/client/projects.go b/client/projects.go
@@ -162,6 +162,7 @@ type ReleaseStatus struct {
 	CS             PlaybookTypeDetail `json:"cs"`
 	IAC            PlaybookTypeDetail `json:"iac"`
 	MAST           PlaybookTypeDetail `json:"mast"`
+	INFRA          PlaybookTypeDetail `json:"infra"`
 }
 
 const ReleaseStatusHistoryInprogress = "in_progress"

diff --git a/client/scanners.go b/client/scanners.go
@@ -18,14 +18,15 @@ import (
 type ScannerType string
 
 const (
-	ScannerTypeSAST ScannerType = "sast"
-	ScannerTypeDAST ScannerType = "dast"
-	ScannerTypeSCA  ScannerType = "sca"
-	ScannerTypeCS   ScannerType = "cs"
-	ScannerTypeIAC  ScannerType = "iac"
-	ScannerTypeIAST ScannerType = "iast"
-	ScannerTypeCSPM ScannerType = "cspm"
-	ScannerTypeMAST ScannerType = "mast"
+	ScannerTypeSAST  ScannerType = "sast"
+	ScannerTypeDAST  ScannerType = "dast"
+	ScannerTypeSCA   ScannerType = "sca"
+	ScannerTypeCS    ScannerType = "cs"
+	ScannerTypeIAC   ScannerType = "iac"
+	ScannerTypeIAST  ScannerType = "iast"
+	ScannerTypeCSPM  ScannerType = "cspm"
+	ScannerTypeMAST  ScannerType = "mast"
+	ScannerTypeINFRA ScannerType = "infra"
 )
 
 func (s ScannerType) String() string {
@@ -36,6 +37,7 @@ func ScannerTypes() []ScannerType {
 	return []ScannerType{
 		ScannerTypeSAST, ScannerTypeDAST, ScannerTypeSCA, ScannerTypeCS,
 		ScannerTypeIAC, ScannerTypeIAST, ScannerTypeCSPM, ScannerTypeMAST,
+		ScannerTypeINFRA,
 	}
 }
 
@@ -199,29 +201,29 @@ func (c *Client) ListActiveScanners(input *ListActiveScannersInput) (*ScannersRe
 }
 
 // IsValidTool returns true if the given tool name is a valid tool
-func (c *Client) IsValidTool(tool string) bool {
+func (c *Client) IsValidTool(tool string) (*ScannerInfo, bool) {
 	klog.Debugf("validating given tool name [%s]", tool)
 
 	scanners, err := c.ListActiveScanners(&ListActiveScannersInput{
 		Name: tool,
 	})
 	if err != nil {
 		klog.Debugf("failed to get active tools: %v", err)
-		return false
+		return nil, false
 	}
 
 	if scanners.Total == 0 {
 		klog.Debugf("no tool found by given tool name. invalid or inactive tool name: %s", tool)
-		return false
+		return nil, false
 	}
 
 	var scanner = scanners.ActiveScanners[0]
 	if scanner.Disabled {
 		klog.Printf("the scanner [%s] is disabled on the Kondukto", tool)
-		return false
+		return nil, false
 	}
 
-	return true
+	return &scanner, true
 }
 
 // IsRescanOnlyLabel returns true if the given label is a rescan only label

diff --git a/client/scans.go b/client/scans.go
@@ -34,18 +34,19 @@ type (
 	}
 
 	ScanDetail struct {
-		ID          string     `json:"id"`
-		Name        string     `json:"name"`
-		Branch      string     `json:"branch"`
-		ScanType    string     `json:"scan_type"`
-		MetaData    string     `json:"meta_data"`
-		Tool        string     `json:"tool"`
-		ScannerType string     `json:"scanner_type"`
-		Date        *time.Time `json:"date"`
-		Project     string     `json:"project"`
-		Score       int        `json:"score"`
-		Summary     Summary    `json:"summary"`
-		Links       struct {
+		ID                   string     `json:"id"`
+		Name                 string     `json:"name"`
+		Branch               string     `json:"branch"`
+		ScanType             string     `json:"scan_type"`
+		MetaData             string     `json:"meta_data"`
+		Tool                 string     `json:"tool"`
+		ScannerType          string     `json:"scanner_type"`
+		Date                 *time.Time `json:"date"`
+		Project              string     `json:"project"`
+		Score                int        `json:"score"`
+		Summary              Summary    `json:"summary"`
+		InfraSourceProjectID string     `json:"infra_source_project_id"`
+		Links                struct {
 			HTML string `json:"html"`
 		} `json:"links"`
 	}

diff --git a/cmd/scan.go b/cmd/scan.go
@@ -6,6 +6,7 @@ Copyright © 2019 Kondukto
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"path/filepath"
@@ -114,9 +115,16 @@ var scanCmd = &cobra.Command{
 		}
 		t, _ := cmd.Flags().GetString("tool")
 		s, _ := cmd.Flags().GetString("scan-id")
-		if s == "" && !c.IsValidTool(t) {
+
+		toolInfo, isValid := c.IsValidTool(t)
+		if s == "" && !isValid {
 			qwm(ExitCodeError, "unknown, disabled or inactive tool name. Run `kdt list scanners` to see the supported active scanner's list.")
 		}
+
+		if toolInfo != nil {
+			ctx := context.WithValue(cmd.Context(), "internal-scan-type", toolInfo.Type)
+			cmd.SetContext(ctx)
+		}
 	},
 }
 
@@ -159,7 +167,9 @@ type Scan struct {
 }
 
 func (s *Scan) startScan() (string, error) {
+	scanType := s.cmd.Context().Value("internal-scan-type").(string)
 	var scanMode = getScanMode(s.cmd)
+
 	incremental, err := s.cmd.Flags().GetBool("incremental-scan")
 	if err != nil {
 		return "", err
@@ -172,7 +182,7 @@ func (s *Scan) startScan() (string, error) {
 	switch scanMode {
 	case modeByFileImport:
 		// scan mode to start a scan by importing a file
-		eventID, err := s.scanByFileImport()
+		eventID, err := s.scanByFileImport(scanType)
 		if err != nil {
 			return "", err
 		}
@@ -278,7 +288,7 @@ func (s *Scan) scanByImage() (string, error) {
 	return eventID, nil
 }
 
-func (s *Scan) scanByFileImport() (string, error) {
+func (s *Scan) scanByFileImport(scanType string) (string, error) {
 	// Parse command line flags needed for file uploads
 	project, err := s.findORCreateProject()
 	if err != nil {
@@ -289,9 +299,15 @@ func (s *Scan) scanByFileImport() (string, error) {
 	if err != nil {
 		return "", fmt.Errorf("failed to parse tool flag: %w", err)
 	}
-	if !s.cmd.Flag("branch").Changed {
+
+	if !s.cmd.Flag("branch").Changed && scanType != client.ScannerTypeINFRA.String() {
 		return "", errors.New("branch parameter is required to import scan results")
 	}
+
+	if !s.cmd.Flag("meta").Changed && scanType == client.ScannerTypeINFRA.String() {
+		return "", errors.New("meta parameter is required to import infra scan results")
+	}
+
 	pathToFile, err := s.cmd.Flags().GetString("file")
 	if err != nil {
 		return "", fmt.Errorf("failed to parse file path: %w", err)
@@ -1304,7 +1320,12 @@ func checkRelease(scan *client.ScanDetail, cmd *cobra.Command) error {
 		WaitDuration:               time.Second * 5,
 	}
 
-	rs, err := c.ReleaseStatus(scan.Project, scan.Branch, releaseOpts)
+	var project = scan.Project
+	if scan.InfraSourceProjectID != "" {
+		project = scan.InfraSourceProjectID
+	}
+
+	rs, err := c.ReleaseStatus(project, scan.Branch, releaseOpts)
 	if err != nil {
 		return fmt.Errorf("failed to get release status: %w", err)
 	}
@@ -1350,6 +1371,9 @@ func isScanReleaseFailed(scan *client.ScanDetail, release *client.ReleaseStatus,
 	if release.MAST.Status == statusFail {
 		failedScans["MAST"] = scan.ID
 	}
+	if release.INFRA.Status == statusFail {
+		failedScans["INFRA"] = scan.ID
+	}
 
 	if breakByScannerType {
 		scannerType := strings.ToUpper(scan.ScannerType)