Merge branch 'release/1.0.13'

client/client.go

@@ -9,11 +9,13 @@ import (
 	"bytes"
 	"crypto/tls"
 	"encoding/json"
+	"fmt"
 	"io"
 	"io/ioutil"
 	"net/http"
 	"net/url"
 
+	"github.com/kondukto-io/kdt/klog"
 	"github.com/spf13/viper"
 )
 
@@ -27,6 +29,10 @@ type Client struct {
 	BaseURL *url.URL
 }
 
+type KonduktoError struct {
+	Error string `json:"error"`
+}
+
 func New() (*Client, error) {
 	client := new(Client)
 
@@ -90,6 +96,15 @@ func (c *Client) do(req *http.Request, v interface{}) (*http.Response, error) {
 		return resp, err
 	}
 
+	if resp.StatusCode < 200 || resp.StatusCode > 299 {
+		var e KonduktoError
+		if err = json.Unmarshal(data, &e); err != nil {
+			klog.Debugf("failed to parse error message: %v: %v", err, data)
+			return nil, err
+		}
+		return nil, fmt.Errorf("response not OK: %s", e.Error)
+	}
+
 	err = json.Unmarshal(data, &v)
 	return resp, err
 }

client/scans.go

@@ -28,9 +28,11 @@ type (
 		ID       string     `json:"id"`
 		Name     string     `json:"name"`
 		Branch   string     `json:"branch"`
+		ScanType string     `json:"scan_type"`
 		MetaData string     `json:"meta_data"`
 		Tool     string     `json:"tool"`
 		Date     *time.Time `json:"date"`
+		Project  string     `json:"project"`
 		Score    int        `json:"score"`
 		Summary  Summary    `json:"summary"`
 	}
@@ -41,6 +43,7 @@ type (
 		Meta   string `url:"meta,omitempty"`
 		Limit  int    `url:"limit,omitempty"`
 	}
+
 	ScanPROptions struct {
 		From string `json:"from"`
 		To   string `json:"to"`
@@ -121,6 +124,26 @@ func (c *Client) FindScan(project string, params *ScanSearchParams) (*Scan, erro
 	return &scans[0], nil
 }
 
+func (c *Client) FindScanByID(id string) (*Scan, error) {
+	path := fmt.Sprintf("/api/v1/scans/%s", id)
+	req, err := c.newRequest(http.MethodGet, path, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var scan Scan
+	resp, err := c.do(req, &scan)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("HTTP response not OK: %d", resp.StatusCode)
+	}
+
+	return &scan, nil
+}
+
 func (c *Client) StartScanByScanId(id string) (string, error) {
 	klog.Debug("starting scan by scan_id")
 	path := fmt.Sprintf("/api/v1/scans/%s/restart", id)
@@ -134,19 +157,11 @@ func (c *Client) StartScanByScanId(id string) (string, error) {
 		Message string `json:"message"`
 	}
 	var rsr restartScanResponse
-	resp, err := c.do(req, &rsr)
+	_, err = c.do(req, &rsr)
 	if err != nil {
 		return "", err
 	}
 
-	if resp.StatusCode != http.StatusCreated {
-		return "", fmt.Errorf("HTTP response not OK: %d", resp.StatusCode)
-	}
-
-	if rsr.Event == "" {
-		return "", errors.New("event not found")
-	}
-
 	return rsr.Event, nil
 }
 
@@ -202,26 +217,6 @@ func (c *Client) GetScanStatus(eventId string) (*Event, error) {
 	return &e, nil
 }
 
-func (c *Client) GetScanSummary(id string) (*Scan, error) {
-	path := fmt.Sprintf("/api/v1/scans/%s", id)
-	req, err := c.newRequest(http.MethodGet, path, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	var scan Scan
-	resp, err := c.do(req, &scan)
-	if err != nil {
-		return nil, err
-	}
-
-	if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("HTTP response not OK: %d", resp.StatusCode)
-	}
-
-	return &scan, nil
-}
-
 func (c *Client) GetLastResults(id string) (map[string]*ResultSet, error) {
 	path := fmt.Sprintf("/api/v1/scans/%s/last_results", id)
 	req, err := c.newRequest(http.MethodGet, path, nil)
@@ -281,7 +276,7 @@ func (c *Client) ImportScanResult(project, branch, tool string, file string) (st
 	}
 	_ = writer.Close()
 
-	req, err := http.NewRequest("POST", u.String(), body)
+	req, err := http.NewRequest(http.MethodPost, u.String(), body)
 	if err != nil {
 		return "", err
 	}

cmd/import.go

@@ -6,12 +6,10 @@ Copyright © 2019 Kondukto
 package cmd
 
 import (
-	"fmt"
-	"os"
 	"path/filepath"
-	"text/tabwriter"
 
 	"github.com/kondukto-io/kdt/client"
+	"github.com/kondukto-io/kdt/klog"
 	"github.com/spf13/cobra"
 )
 
@@ -29,6 +27,8 @@ func init() {
 	importCmd.Flags().StringP("project", "p", "", "project name or id")
 	importCmd.Flags().StringP("tool", "t", "", "tool name")
 	importCmd.Flags().StringP("branch", "b", "", "branch")
+	importCmd.Flags().Bool("async", false, "does not block build process")
+	importCmd.Flags().Int("timeout", 0, "minutes to wait for import to finish. import will continue async if duration exceeds limit")
 
 	_ = importCmd.MarkFlagRequired("project")
 	_ = importCmd.MarkFlagRequired("tool")
@@ -75,10 +75,23 @@ func importRootCommand(cmd *cobra.Command, args []string) {
 		qwe(1, err, "failed to import scan results")
 	}
 
-	w := tabwriter.NewWriter(os.Stdout, 8, 8, 4, ' ', 0)
-	_, _ = fmt.Fprintf(w, "Event ID\n")
-	_, _ = fmt.Fprintf(w, "---\n")
-	_, _ = fmt.Fprintf(w, "%s\n", eventID)
-	_ = w.Flush()
+	async, err := cmd.Flags().GetBool("async")
+	if err != nil {
+		klog.Fatalf("failed to parse async flag: %v", err)
+	}
+
+	// Do not wait for import to finish if async set to true
+	if async {
+		eventRows := []Row{
+			{Columns: []string{"EVENT ID"}},
+			{Columns: []string{"--------"}},
+			{Columns: []string{eventID}},
+		}
+		tableWriter(eventRows...)
+		qwm(0, "import has been started with async parameter, exiting.")
+	}
+
+	waitTillScanEnded(cmd, c, eventID)
+
 	qwm(0, "scan results imported successfully")
 }

cmd/listProjects.go

@@ -6,10 +6,6 @@ Copyright © 2019 Kondukto
 package cmd
 
 import (
-	"fmt"
-	"os"
-	"text/tabwriter"
-
 	"github.com/kondukto-io/kdt/client"
 	"github.com/spf13/cobra"
 )
@@ -45,12 +41,12 @@ func projectsRootCommand(_ *cobra.Command, args []string) {
 		qwm(1, "no projects found")
 	}
 
-	w := tabwriter.NewWriter(os.Stdout, 8, 8, 4, ' ', 0)
-	defer func() { _ = w.Flush() }()
-
-	_, _ = fmt.Fprintln(w, "NAME\tID")
-	_, _ = fmt.Fprintln(w, "---\t---")
+	projectRows := []Row{
+		{Columns: []string{"NAME", "ID"}},
+		{Columns: []string{"----", "--"}},
+	}
 	for _, project := range projects {
-		_, _ = fmt.Fprintf(w, "%s\t%s\n", project.Name, project.ID)
+		projectRows = append(projectRows, Row{Columns: []string{project.Name, project.ID}})
 	}
+	tableWriter(projectRows...)
 }

cmd/listScanners.go

@@ -1,25 +1,21 @@
 package cmd
 
 import (
-	"fmt"
-	"os"
-	"text/tabwriter"
-
 	"github.com/spf13/cobra"
 )
 
 var listScannersCmd = &cobra.Command{
 	Use:   "scanners",
 	Short: "list supported scanners",
 	Run: func(cmd *cobra.Command, args []string) {
-		w := tabwriter.NewWriter(os.Stdout, 8, 8, 4, ' ', 0)
-		defer func() { _ = w.Flush() }()
-
-		_, _ = fmt.Fprintf(w, "Tool Name\tScanner Type\n")
-		_, _ = fmt.Fprintf(w, "------\t------\n")
+		scannerRows := []Row{
+			{Columns: []string{"Tool Name", "Scanner Type"}},
+			{Columns: []string{"------", "------"}},
+		}
 		for k, v := range scanners {
-			_, _ = fmt.Fprintf(w, "%s\t%s\n", k, v)
+			scannerRows = append(scannerRows, Row{Columns: []string{k, v}})
 		}
+		tableWriter(scannerRows...)
 	},
 }
 

cmd/listScans.go

@@ -6,10 +6,6 @@ Copyright © 2019 Kondukto
 package cmd
 
 import (
-	"fmt"
-	"os"
-	"text/tabwriter"
-
 	"github.com/kondukto-io/kdt/client"
 	"github.com/spf13/cobra"
 )
@@ -44,13 +40,16 @@ func scanListRootCommand(cmd *cobra.Command, _ []string) {
 		qwm(1, "no scans found with the project id/name")
 	}
 
-	w := tabwriter.NewWriter(os.Stdout, 8, 8, 4, ' ', 0)
-	defer func() { _ = w.Flush() }()
+	scanSummaryRows := []Row{
+		{Columns: []string{"NAME", "ID", "BRANCH", "META", "TOOL", "CRIT", "HIGH", "MED", "LOW", "SCORE", "DATE"}},
+		{Columns: []string{"----", "--", "------", "----", "----", "----", "----", "---", "---", "-----", "----"}},
+	}
 
-	_, _ = fmt.Fprintf(w, "NAME\tID\tBRANCH\tMETA\tTOOL\tCRIT\tHIGH\tMED\tLOW\tSCORE\tDATE\n")
-	_, _ = fmt.Fprintf(w, "---\t---\t---\t---\t---\t---\t---\t---\t---\t---\n")
 	for _, scan := range scans {
-		_, _ = fmt.Fprintf(w, "%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%s\n", scan.Name, scan.ID, scan.Branch, scan.MetaData,
-			scan.Tool, scan.Summary.Critical, scan.Summary.High, scan.Summary.Medium, scan.Summary.Low, scan.Score, scan.Date)
+		s := scan.Summary
+		name, id, branch, meta, tool, date := scan.Name, scan.ID, scan.Branch, scan.MetaData, scan.Tool, scan.Date.String()
+		crit, high, med, low, score := strC(s.Critical), strC(s.High), strC(s.Medium), strC(s.Low), strC(scan.Score)
+		scanSummaryRows = append(scanSummaryRows, Row{Columns: []string{name, id, branch, meta, tool, crit, high, med, low, score, date}})
 	}
+	tableWriter(scanSummaryRows...)
 }

cmd/release.go

@@ -7,8 +7,6 @@ package cmd
 
 import (
 	"fmt"
-	"os"
-	"text/tabwriter"
 
 	"github.com/kondukto-io/kdt/klog"
 
@@ -57,11 +55,12 @@ func releaseRootCommand(cmd *cobra.Command, _ []string) {
 		qwm(0, "project has no release criteria")
 	}
 
-	w := tabwriter.NewWriter(os.Stdout, 8, 8, 4, ' ', 0)
-	_, _ = fmt.Fprintf(w, "STATUS\tSAST\tDAST\tSCA\n")
-	_, _ = fmt.Fprintf(w, "---\t---\t---\t---\n")
-	_, _ = fmt.Fprintf(w, "%s\t%s\t%s\t%s\n\n", rs.Status, rs.SAST.Status, rs.DAST.Status, rs.SCA.Status)
-	_ = w.Flush()
+	releaseCriteriaRows := []Row{
+		{Columns: []string{"STATUS", "SAST", "DAST", "SCA"}},
+		{Columns: []string{"------", "----", "----", "---"}},
+		{Columns: []string{rs.Status, rs.SAST.Status, rs.DAST.Status, rs.SCA.Status}},
+	}
+	tableWriter(releaseCriteriaRows...)
 
 	sast, err := cmd.Flags().GetBool("sast")
 	if err != nil {