poc: add snykcode to the cli

snyk · Feb 15, 2021 · 2583025 · 2583025
1 parent 2e53647
commit 2583025
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 14 deletions.
diff --git a/.dccache b/.dccache
diff --git a/config.default.json b/config.default.json
@@ -2,5 +2,6 @@
   "API": "https://snyk.io/api/v1",
   "devDeps": false,
   "PRUNE_DEPS_THRESHOLD": 40000,
-  "MAX_PATH_COUNT": 1500000
+  "MAX_PATH_COUNT": 1500000,
+  "SNYKCODE_PROXY": "snyk2deepcode-token-exchange.dev.snyk.io"
 }
diff --git a/package.json b/package.json
@@ -64,7 +64,7 @@
   "license": "Apache-2.0",
   "dependencies": {
     "@open-policy-agent/opa-wasm": "^1.2.0",
-    "@deepcode/tsc": "^2.1.1",
+    "@snyk/code-client": "^2.1.1",
     "@snyk/cli-interface": "2.11.0",
     "@snyk/dep-graph": "1.23.1",
     "@snyk/gemfile": "1.2.0",

diff --git a/src/lib/config.ts b/src/lib/config.ts
@@ -15,6 +15,7 @@ interface Config {
   timeout: number;
   PROJECT_NAME: string;
   TOKEN: string;
+  SNYKCODE_PROXY: string;
 }
 
 // TODO: fix the types!

diff --git a/src/lib/snyk-test/run-code-test.ts b/src/lib/snyk-test/run-code-test.ts
@@ -1,24 +1,49 @@
-import * as tsc from '@deepcode/tsc';
+import * as codeClient from '@snyk/code-client';
+import { api } from '../../lib/api-token';
+import * as config from '../config';
+import spinner = require('../spinner');
+import * as analytics from '../analytics';
 
-tsc.emitter.on('scanFilesProgress', (processed: number) => {
+codeClient.emitter.on('scanFilesProgress', (processed: number) => {
   console.log(`Indexed ${processed} files`);
 });
 
 /** Bundle upload process is started with provided data */
-tsc.emitter.on('uploadBundleProgress', (processed: number, total: number) => {
-  console.log(`Upload bundle progress: ${processed}/${total}`);
-});
+codeClient.emitter.on(
+  'uploadBundleProgress',
+  (processed: number, total: number) => {
+    console.log(`Upload bundle progress: ${processed}/${total}`);
+  },
+);
 
 /** Receives an error object and logs an error message */
-tsc.emitter.on('sendError', (error) => {
+codeClient.emitter.on('sendError', (error) => {
   console.log(error);
 });
+
+export async function getCodeAnalysisAndParseResults(
+  spinnerLbl,
+  root,
+  options,
+) {
+  await spinner.clear<void>(spinnerLbl)();
+  await spinner(spinnerLbl);
+
+  analytics.add('Code type', true);
+  const res = await getCodeAnalysis(root);
+
+  return await parseCodeTestResult(res, options.severityThreshold);
+}
 export async function getCodeAnalysis(root) {
-  let baseURL = `snyk2deepcode-token-exchange.dev.snyk.io`;
-  let sessionToken = `insert token here`;
-  return await tsc.analyzeFolders(baseURL, sessionToken, false, 1, [root]);
+  let baseURL = config.SNYKCODE_PROXY;
+  let sessionToken = api();
+  return await codeClient.analyzeFolders(baseURL, sessionToken, false, 1, [
+    root,
+  ]);
 }
 
-export function parseCodeTestResult(result) {
-  console.log(result);
+export function parseCodeTestResult(result, severityThreshold) {
+  console.log(result, severityThreshold);
+  //filtering
+  return result;
 }
diff --git a/src/lib/snyk-test/run-test.ts b/src/lib/snyk-test/run-test.ts
@@ -57,7 +57,11 @@ import { serializeCallGraphWithMetrics } from '../reachable-vulns';
 import { validateOptions } from '../options-validator';
 import { findAndLoadPolicy } from '../policy';
 import { assembleIacLocalPayloads, parseIacTestResult } from './run-iac-test';
+<<<<<<< HEAD
 import { parseCodeTestResult, getCodeAnalysis } from './run-code-test';
+=======
+import { getCodeAnalysisAndParseResults } from './run-code-test';
+>>>>>>> poc: add snykcode to the cli
 import {
   Payload,
   PayloadBody,
@@ -302,9 +306,15 @@ async function sendAndParseResults(
         options.severityThreshold,
       );
       results.push(result);
+<<<<<<< HEAD
     } else if (options.code) {
       const res = await getCodeAnalysis(root);
       console.log(res);
+=======
+    // } else if (options.code) {
+    //   const res = await getCodeAnalysis(root);
+    //   console.log(res);
+>>>>>>> poc: add snykcode to the cli
     } else {
       /** sendTestPayload() deletes the request.body from the payload once completed. */
       const payloadCopy = Object.assign({}, payload);
@@ -365,6 +375,9 @@ export async function runTest(
   const spinnerLbl = 'Querying vulnerabilities database...';
   try {
     await validateOptions(options, options.packageManager);
+    if(options.code){
+      return await getCodeAnalysisAndParseResults(spinnerLbl, root, options)
+    }
     const payloads = await assemblePayloads(root, options);
     return await sendAndParseResults(payloads, spinnerLbl, root, options);
   } catch (error) {