From 2be304879733abafb946dcbfbad7e21e38ec5cdc Mon Sep 17 00:00:00 2001
From: Rojhat Sinan Balka
Date: Fri, 13 Aug 2021 14:29:44 +0300
Subject: [PATCH 1/3] Add PR option to import scan

---
 client/scans.go | 9 ++++++++-
 cmd/scan.go | 14 +++++++++++++-
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/client/scans.go b/client/scans.go
index 2e51be3..26a671f 100755
--- a/client/scans.go
+++ b/client/scans.go
@@ -15,6 +15,7 @@ import (
 "net/url"
 "os"
 "path/filepath"
+ "strconv"
 "time"
 
 "github.com/google/go-querystring/query"
@@ -217,7 +218,7 @@ func (c *Client) ScanByImage(project, branch, tool, image string) (string, error
 return respBody.EventID, nil
 }
 
-func (c *Client) ImportScanResult(project, branch, tool string, file string) (string, error) {
+func (c *Client) ImportScanResult(project, branch, tool string, file string, target string, override bool) (string, error) {
 
 klog.Debugf("importing scan results using the file:%s", file)
 
@@ -254,6 +255,12 @@ func (c *Client) ImportScanResult(project, branch, tool string, file string) (st
 if err = writer.WriteField("tool", tool); err != nil {
 return "", err
 }
+ if err = writer.WriteField("target", target); err != nil {
+ return "", err
+ }
+ if err = writer.WriteField("override-old-analyze", strconv.FormatBool(override)); err != nil {
+ return "", err
+ }
 _ = writer.Close()
 
 req, err := http.NewRequest(http.MethodPost, u.String(), body)
diff --git a/cmd/scan.go b/cmd/scan.go
index 638c174..dc6d87e 100755
--- a/cmd/scan.go
+++ b/cmd/scan.go
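Review bot: `ImportScanResult` is exported and the new `target string, override bool` parameters carry no doc comment, so a caller has to read the multipart code in the next hunk to learn what they mean. A comment on the method such as `// ImportScanResult uploads the scan result in file for project/branch/tool. target is the pull request's merge-target branch (empty for a plain branch import); override asks the server to override the old analysis results for that pull request.` would state the contract, and since `override` discards earlier results the comment should say so explicitly. The method body continues outside the hunk.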
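Review bot: the `target` field is written unconditionally, so a plain branch import with no `--merge-target` now also posts `target` as an empty string; whether the server reads an empty target as "not a pull request" is not visible here, so either confirm that or guard the write with `if target != "" {`. The `override && target == ""` rule that prevents an override without a target lives only in cmd/scan.go (hunk @@ -402), so any other caller of this exported method can still send `override-old-analyze=true` with an empty target; repeating that check at the top of the method, returning the same error the command returns, keeps the client library safe on its own. The `"target"` and `"override-old-analyze"` field names are also repeated as literals here and as the JSON tag added in patch 2; a shared package constant would keep them aligned.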
@@ -402,7 +402,19 @@ func scanByFile(cmd *cobra.Command, c *client.Client) (string, error) {
 return "", fmt.Errorf("failed to parse branch flag: %w", err)
 }
 
- eventID, err := c.ImportScanResult(project, branch, tool, absoluteFilePath)
+ target, err := cmd.Flags().GetString("merge-target")
+ if err != nil {
+ return "", fmt.Errorf("failed to parse merge target flag: %w", err)
+ }
+ override, err := cmd.Flags().GetBool("override")
+ if err != nil {
+ return "", fmt.Errorf("failed to parse override flag: %w", err)
+ }
+ if override && target == "" {
+ return "", errors.New("overriding PR analysis requires a merge target")
+ }
+
+ eventID, err := c.ImportScanResult(project, branch, tool, absoluteFilePath, target, override)
 if err != nil {
 return "", fmt.Errorf("failed to import scan results: %w", err)
 }

From c953e64ec3c8fd515df63e05c9c73c341899b295 Mon Sep 17 00:00:00 2001
From: Rojhat Sinan Balka
Date: Fri, 13 Aug 2021 14:34:43 +0300
Subject: [PATCH 2/3] Add override option to scan restart

---
 client/scans.go | 5 +++--
 cmd/scan.go | 11 ++++++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/client/scans.go b/client/scans.go
index 26a671f..277113a 100755
--- a/client/scans.go
+++ b/client/scans.go
@@ -48,8 +48,9 @@ type (
 }
 
 ScanPROptions struct {
- From string `json:"from"`
- To string `json:"to"`
+ From string `json:"from"`
+ To string `json:"to"`
+ OverrideOldAnalyze bool `json:"override-old-analyze"`
 }
 
 ResultSet struct {
diff --git a/cmd/scan.go b/cmd/scan.go
index dc6d87e..1257cba 100755
--- a/cmd/scan.go
+++ b/cmd/scan.go
@@ -545,11 +545,15 @@ func findScanIDByProjectToolAndPR(cmd *cobra.Command, c *client.Client) (string,
 }
 branch, err := cmd.Flags().GetString("branch")
 if err != nil {
- return "", fmt.Errorf("failed to parse tool flag: %w", err)
+ return "", fmt.Errorf("failed to parse branch flag: %w", err)
 }
 if branch == "" {
 return "", errors.New("missing branch field")
 }
+ override, err := cmd.Flags().GetBool("override")
+ if err != nil {
+ return "", fmt.Errorf("failed to parse override flag: %w", err)
+ }
 
 mergeTarget, err := cmd.Flags().GetString("merge-target")
 if err != nil {
@@ -573,8 +577,9 @@ func findScanIDByProjectToolAndPR(cmd *cobra.Command, c *client.Client) (string,
 scan, err := c.FindScan(project, params)
 if err == nil {
 opt := &client.ScanPROptions{
- From: branch,
- To: mergeTarget,
+ From: branch,
+ To: mergeTarget,
+ OverrideOldAnalyze: override,
 }
 eventID, err := c.RestartScanWithOption(scan.ID, opt)
 if err != nil {

From d3707e161e981fc852568f1e16faccb19cc78092 Mon Sep 17 00:00:00 2001
From: Rojhat Sinan Balka
Date: Fri, 13 Aug 2021 14:51:05 +0300
Subject: [PATCH 3/3] Add override flag description

---
 cmd/import.go | 97 ---------------------------------------------------
 cmd/scan.go | 3 +-
 2 files changed, 2 insertions(+), 98 deletions(-)
 delete mode 100755 cmd/import.go

diff --git a/cmd/import.go b/cmd/import.go
deleted file mode 100755
index 49fdc36..0000000
--- a/cmd/import.go
+++ /dev/null
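Review bot: `To: mergeTarget` treats `--merge-target` as the branch the pull request merges into, while the flag help changed in patch 3 (hunk @@ -101 of cmd/scan.go) now calls it the "source branch name for pull request" and the new `--override` help speaks of "the source branch"; one of the two is wrong, and the `From: branch` / `To: mergeTarget` mapping here suggests it is the help text. Because `override` discards old analysis results, a user who follows the help and swaps the two branches would override the wrong branch's results, so the help should read `"target branch name for pull request"` as it did before, or this mapping should be documented as the source of truth. The enclosing function starts outside the hunk.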
@@ -1,97 +0,0 @@
-/*
-Copyright © 2019 Kondukto
-
-*/
-
-package cmd
-
-import (
- "path/filepath"
-
- "github.com/kondukto-io/kdt/client"
- "github.com/kondukto-io/kdt/klog"
- "github.com/spf13/cobra"
-)
-
-// importCmd represents the import command
-var importCmd = &cobra.Command{
- Use: "import",
- Short: "base command for importing scans",
- Args: cobra.MinimumNArgs(1),
- Run: importRootCommand,
-}
-
-func init() {
- rootCmd.AddCommand(importCmd)
-
- importCmd.Flags().StringP("project", "p", "", "project name or id")
- importCmd.Flags().StringP("tool", "t", "", "tool name")
- importCmd.Flags().StringP("branch", "b", "", "branch")
- importCmd.Flags().Bool("async", false, "does not block build process")
- importCmd.Flags().Int("timeout", 0, "minutes to wait for import to finish. import will continue async if duration exceeds limit")
-
- _ = importCmd.MarkFlagRequired("project")
- _ = importCmd.MarkFlagRequired("tool")
- _ = importCmd.MarkFlagRequired("branch")
-}
-
-func importRootCommand(cmd *cobra.Command, args []string) {
- if len(args) == 0 {
- qwm(1, "missing file path argument")
- }
-
- // Initialize Kondukto client
- c, err := client.New()
- if err != nil {
- qwe(1, err, "could not initialize Kondukto client")
- }
-
- // Parse command line flags
- project, err := cmd.Flags().GetString("project")
- if err != nil {
- qwe(1, err, "failed to parse project flag")
- }
- branch, err := cmd.Flags().GetString("branch")
- if err != nil {
- qwe(1, err, "failed to parse branch flag")
- }
- tool, err := cmd.Flags().GetString("tool")
- if err != nil {
- qwe(1, err, "failed to parse tool flag")
- }
-
- if !c.IsValidTool(tool) {
- qwm(1, "invalid or inactive tool name")
- }
-
- path := args[0]
- absoluteFilePath, err := filepath.Abs(path)
- if err != nil {
- qwe(1, err, "failed to parse absolute path")
- }
-
- eventID, err := c.ImportScanResult(project, branch, tool, absoluteFilePath)
- if err != nil {
- qwe(1, err, "failed to import scan results")
- }
-
- async, err := cmd.Flags().GetBool("async")
- if err != nil {
- klog.Fatalf("failed to parse async flag: %v", err)
- }
-
- // Do not wait for import to finish if async set to true
- if async {
- eventRows := []Row{
- {Columns: []string{"EVENT ID"}},
- {Columns: []string{"--------"}},
- {Columns: []string{eventID}},
- }
- TableWriter(eventRows...)
- qwm(0, "import has been started with async parameter, exiting.")
- }
-
- waitTillScanEnded(cmd, c, eventID)
-
- qwm(0, "scan results imported successfully")
-}
diff --git a/cmd/scan.go b/cmd/scan.go
index 1257cba..f11c45e 100755
--- a/cmd/scan.go
+++ b/cmd/scan.go
@@ -101,7 +101,8 @@ func init() {
 scanCmd.Flags().StringP("meta", "m", "", "meta data")
 scanCmd.Flags().StringP("file", "f", "", "scan file")
 scanCmd.Flags().StringP("branch", "b", "", "branch")
- scanCmd.Flags().StringP("merge-target", "M", "", "target branch name for pull request")
+ scanCmd.Flags().StringP("merge-target", "M", "", "source branch name for pull request")
+ scanCmd.Flags().Bool("override", false, "overrides old analysis results for the source branch")
 scanCmd.Flags().String("image", "", "image to scan with container security products")
 scanCmd.Flags().Bool("threshold-risk", false, "set risk score of last scan as threshold")