Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor codeqlExecuteScan #4888

Merged
merged 10 commits into from
Apr 16, 2024
Merged

refactor codeqlExecuteScan #4888

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
a1d8beb
refactored codeql step
daskuznetsova Apr 2, 2024
aef205e
fixed tests
daskuznetsova Apr 4, 2024
7127b9b
fixed reports output dir
daskuznetsova Apr 4, 2024
272dfb9
refactored
daskuznetsova Apr 4, 2024
a630c92
Merge branch 'master' into codeql-refactoring-dev-2
daskuznetsova Apr 5, 2024
e4f11ba
fixed returning error
daskuznetsova Apr 8, 2024
03fb4d2
Merge branch 'codeql-refactoring-dev-2' of github.com:daskuznetsova/j…
daskuznetsova Apr 8, 2024
671642d
Merge branch 'master' into codeql-refactoring-dev-2
daskuznetsova Apr 8, 2024
431a0dc
fixed tests
daskuznetsova Apr 8, 2024
918f44f
Merge branch 'master' into codeql-refactoring-dev-2
sumeetpatil Apr 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
393 changes: 168 additions & 225 deletions cmd/codeqlExecuteScan.go
View file
Open in desktop

Large diffs are not rendered by default.

464 changes: 132 additions & 332 deletions cmd/codeqlExecuteScan_test.go
View file
Open in desktop

Large diffs are not rendered by default.

140 changes: 140 additions & 0 deletions pkg/codeql/repo_info.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
package codeql

import (
"errors"
"fmt"
"regexp"
"strings"

"github.com/SAP/jenkins-library/pkg/log"
"github.com/SAP/jenkins-library/pkg/orchestrator"
)

type RepoInfo struct {
ServerUrl string
Owner string
Repo string
CommitId string
AnalyzedRef string
FullRef string
FullUrl string
ScanUrl string
}

func GetRepoInfo(repository, analyzedRef, commitID, targetGithubRepoURL, targetGithubBranchName string) (*RepoInfo, error) {
repoInfo := &RepoInfo{}
err := setRepoInfoFromRepoUri(repository, repoInfo)
if err != nil {
log.Entry().Error(err)
}
repoInfo.AnalyzedRef = analyzedRef
repoInfo.CommitId = commitID

getRepoInfoFromOrchestrator(repoInfo)

if len(targetGithubRepoURL) > 0 {
log.Entry().Infof("Checking target GitHub repo URL: %s", targetGithubRepoURL)
if err := setTargetGithubRepoInfo(targetGithubRepoURL, targetGithubBranchName, repoInfo); err != nil {
return repoInfo, err
}
}

repoUrl := fmt.Sprintf("%s/%s/%s", repoInfo.ServerUrl, repoInfo.Owner, repoInfo.Repo)
repoInfo.FullUrl = repoUrl
repoInfo.ScanUrl = fmt.Sprintf("%s/security/code-scanning?query=is:open+ref:%s", repoUrl, repoInfo.AnalyzedRef)

repoRef, err := buildRepoReference(repoUrl, repoInfo.AnalyzedRef)
if err != nil {
return nil, err
}
repoInfo.FullRef = repoRef

return repoInfo, nil
}

func buildRepoReference(repository, analyzedRef string) (string, error) {
ref := strings.Split(analyzedRef, "/")
if len(ref) < 3 {
return "", fmt.Errorf("wrong analyzedRef format: %s", analyzedRef)
}
if strings.Contains(analyzedRef, "pull") {
if len(ref) < 4 {
return "", fmt.Errorf("wrong analyzedRef format: %s", analyzedRef)
}
return fmt.Sprintf("%s/pull/%s", repository, ref[2]), nil
}
return fmt.Sprintf("%s/tree/%s", repository, ref[2]), nil
}

func setRepoInfoFromRepoUri(repoUri string, repoInfo *RepoInfo) error {
if repoUri == "" {
return errors.New("repository param is not set or it cannot be auto populated")
}
serverUrl, owner, repo, err := parseRepoUri(repoUri)
if err != nil {
return err
}
repoInfo.ServerUrl = serverUrl
repoInfo.Owner = owner
repoInfo.Repo = repo
return nil
}

func parseRepoUri(repoUri string) (string, string, string, error) {
pat := regexp.MustCompile(`^(https:\/\/|git@)([\S]+:[\S]+@)?([^\/:]+)[\/:]([^\/:]+\/[\S]+)$`)
matches := pat.FindAllStringSubmatch(repoUri, -1)
if len(matches) > 0 {
match := matches[0]
serverUrl := "https://" + match[3]
repoData := strings.Split(strings.TrimSuffix(match[4], ".git"), "/")
if len(repoData) != 2 {
return "", "", "", fmt.Errorf("invalid repository %s", repoUri)
}
owner, repo := repoData[0], repoData[1]
return serverUrl, owner, repo, nil
}
return "", "", "", fmt.Errorf("invalid repository %s", repoUri)
}

func getRepoInfoFromOrchestrator(repoInfo *RepoInfo) {
provider, err := orchestrator.GetOrchestratorConfigProvider(nil)
if err != nil {
log.Entry().Warn("No orchestrator found. We assume piper is running locally.")
} else {
if repoInfo.AnalyzedRef == "" {
repoInfo.AnalyzedRef = provider.GitReference()
}
if repoInfo.CommitId == "" || repoInfo.CommitId == "NA" {
repoInfo.CommitId = provider.CommitSHA()
}
if repoInfo.ServerUrl == "" {
err := setRepoInfoFromRepoUri(provider.RepoURL(), repoInfo)
if err != nil {
log.Entry().WithError(err).Error("failed to get repo info from orchestrator")
}
}
}
}

func setTargetGithubRepoInfo(targetGHRepoURL, targetGHBranchName string, repoInfo *RepoInfo) error {
if strings.Contains(repoInfo.ServerUrl, "github") {
return errors.New("TargetGithubRepoURL should not be set as the source repo is on github")
}
err := setRepoInfoFromRepoUri(targetGHRepoURL, repoInfo)
if err != nil {
log.Entry().WithError(err).Error("Failed to get target github repo info")
return err
}
if len(targetGHBranchName) > 0 {
log.Entry().Infof("Target GitHub branch name: %s", targetGHBranchName)
repoInfo.AnalyzedRef = getFullBranchName(targetGHBranchName)
}
return nil
}

func getFullBranchName(branchName string) string {
if len(strings.Split(branchName, "/")) < 3 {
return "refs/heads/" + branchName
}
return branchName
}
Loading
Loading