diff --git a/cmd/codeqlExecuteScan.go b/cmd/codeqlExecuteScan.go index f99679771..7b52c174f 100644 --- a/cmd/codeqlExecuteScan.go +++ b/cmd/codeqlExecuteScan.go @@ -120,12 +120,13 @@ func getGitRepoInfo(repoUri string, repoInfo *RepoInfo) error { return fmt.Errorf("Invalid repository %s", repoUri) } -func initGitInfo(config *codeqlExecuteScanOptions) RepoInfo { +func initGitInfo(config *codeqlExecuteScanOptions) (RepoInfo, error) { var repoInfo RepoInfo err := getGitRepoInfo(config.Repository, &repoInfo) if err != nil { log.Entry().Error(err) } + repoInfo.ref = config.AnalyzedRef repoInfo.commitId = config.CommitID @@ -148,8 +149,25 @@ func initGitInfo(config *codeqlExecuteScanOptions) RepoInfo { } } } + if len(config.TargetGithubRepoURL) > 0 { + if strings.Contains(repoInfo.serverUrl, "github") { + log.Entry().Errorf("TargetGithubRepoURL should not be set as the source repo is on github.") + return repoInfo, errors.New("TargetGithubRepoURL should not be set as the source repo is on github.") + } + err := getGitRepoInfo(config.TargetGithubRepoURL, &repoInfo) + if err != nil { + log.Entry().Error(err) + return repoInfo, err + } + if len(config.TargetGithubBranchName) > 0 { + repoInfo.ref = config.TargetGithubBranchName + if len(strings.Split(config.TargetGithubBranchName, "/")) < 3 { + repoInfo.ref = "refs/heads/" + config.TargetGithubBranchName + } + } + } - return repoInfo + return repoInfo, nil } func getToken(config *codeqlExecuteScanOptions) (bool, string) { 
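Review bot: In the second hunk of initGitInfo, `len(strings.Split(config.TargetGithubBranchName, "/")) < 3` treats any branch name with two or more slashes as a full ref, so a branch such as `feature/a/b` is stored without the `refs/heads/` prefix; `if !strings.HasPrefix(config.TargetGithubBranchName, "refs/") { repoInfo.ref = "refs/heads/" + config.TargetGithubBranchName }` states the intent directly. The `strings.Contains(repoInfo.serverUrl, "github")` guard is a substring match, so it rejects any non-GitHub host whose name happens to contain "github", and it presumably passes when the earlier getGitRepoInfo call failed and left serverUrl unset, since that error is only logged. The error from `getGitRepoInfo(config.TargetGithubRepoURL, &repoInfo)` is both logged and returned, and the visible `Invalid repository %s` message embeds the raw URL, which may carry credentials in the `user:token@host` form that the tests accept; logging it once, with the userinfo stripped, would be safer. The part of initGitInfo between the two hunks is not shown.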
@@ -311,11 +329,37 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem reports = append(reports, piperutils.Path{Target: filepath.Join(config.ModulePath, "target", "codeqlReport.csv")}) - repoInfo := initGitInfo(config) + repoInfo, err := initGitInfo(config) + if err != nil { + return reports, err + } repoUrl := fmt.Sprintf("%s/%s/%s", repoInfo.serverUrl, repoInfo.owner, repoInfo.repo) repoReference, err := buildRepoReference(repoUrl, repoInfo.ref) repoCodeqlScanUrl := fmt.Sprintf("%s/security/code-scanning?query=is:open+ref:%s", repoUrl, repoInfo.ref) + if len(config.TargetGithubRepoURL) > 0 { + hasToken, token := getToken(config) + if !hasToken { + return reports, errors.New("failed running upload db sources to GitHub as githubToken was not specified") + } + repoUploader, err := codeql.NewGitUploaderInstance( + token, + repoInfo.ref, + config.Database, + repoInfo.commitId, + config.Repository, + config.TargetGithubRepoURL, + ) + if err != nil { + return reports, err + } + targetCommitId, err := repoUploader.UploadProjectToGithub() + if err != nil { + return reports, errors.Wrap(err, "failed uploading db sources from non-GitHub SCM to GitHub") + } + repoInfo.commitId = targetCommitId + } + if !config.UploadResults { log.Entry().Warn("The sarif results will not be uploaded to the repository and compliance report will not be generated as uploadResults is set to false.") } else { diff --git a/cmd/codeqlExecuteScan_generated.go b/cmd/codeqlExecuteScan_generated.go index afbb1c9a1..55b575a4f 100644 --- a/cmd/codeqlExecuteScan_generated.go +++ b/cmd/codeqlExecuteScan_generated.go 
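Review bot: The new `if len(config.TargetGithubRepoURL) > 0` block runs before the `!config.UploadResults` check, so a run with uploadResults set to false still appears to push the project sources to whatever repository the step configuration names, while the warning that follows says only that results will not be uploaded. Consider gating the upload on `config.UploadResults` or documenting that it is independent, and log the destination first, e.g. `log.Entry().Infof("uploading project sources to %s", repoUrl)`, which uses the parsed server/owner/repo rather than the raw configured URL. `config.Repository` is passed to `codeql.NewGitUploaderInstance` unchanged; if it can contain embedded credentials, the uploader (not visible here) should keep it out of error and log messages. runCodeqlExecuteScan starts and ends outside the hunk.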
@@ -30,6 +30,8 @@ type codeqlExecuteScanOptions struct { UploadResults bool `json:"uploadResults,omitempty"` SarifCheckMaxRetries int `json:"sarifCheckMaxRetries,omitempty"` SarifCheckRetryInterval int `json:"sarifCheckRetryInterval,omitempty"` + TargetGithubRepoURL string `json:"targetGithubRepoURL,omitempty"` + TargetGithubBranchName string `json:"targetGithubBranchName,omitempty"` Threads string `json:"threads,omitempty"` Ram string `json:"ram,omitempty"` AnalyzedRef string `json:"analyzedRef,omitempty"` @@ -193,6 +195,8 @@ func addCodeqlExecuteScanFlags(cmd *cobra.Command, stepConfig *codeqlExecuteScan cmd.Flags().BoolVar(&stepConfig.UploadResults, "uploadResults", false, "Allows you to upload codeql SARIF results to your github project. You will need to set githubToken for this.") cmd.Flags().IntVar(&stepConfig.SarifCheckMaxRetries, "sarifCheckMaxRetries", 10, "Maximum number of retries when waiting for the server to finish processing the SARIF upload.") cmd.Flags().IntVar(&stepConfig.SarifCheckRetryInterval, "sarifCheckRetryInterval", 30, "Interval in seconds between retries when waiting for the server to finish processing the SARIF upload.") + cmd.Flags().StringVar(&stepConfig.TargetGithubRepoURL, "targetGithubRepoURL", os.Getenv("PIPER_targetGithubRepoURL"), "") + cmd.Flags().StringVar(&stepConfig.TargetGithubBranchName, "targetGithubBranchName", os.Getenv("PIPER_targetGithubBranchName"), "") cmd.Flags().StringVar(&stepConfig.Threads, "threads", `0`, "Use this many threads for the codeql operations.") cmd.Flags().StringVar(&stepConfig.Ram, "ram", os.Getenv("PIPER_ram"), "Use this much ram (MB) for the codeql operations.") cmd.Flags().StringVar(&stepConfig.AnalyzedRef, "analyzedRef", os.Getenv("PIPER_analyzedRef"), "Name of the ref that was analyzed.") 
@@ -324,6 +328,24 @@ func codeqlExecuteScanMetadata() config.StepData { Aliases: []config.Alias{}, Default: 30, }, + { + Name: "targetGithubRepoURL", + ResourceRef: []config.ResourceReference{}, + Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, + Type: "string", + Mandatory: false, + Aliases: []config.Alias{}, + Default: os.Getenv("PIPER_targetGithubRepoURL"), + }, + { + Name: "targetGithubBranchName", + ResourceRef: []config.ResourceReference{}, + Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, + Type: "string", + Mandatory: false, + Aliases: []config.Alias{}, + Default: os.Getenv("PIPER_targetGithubBranchName"), + }, { Name: "threads", ResourceRef: []config.ResourceReference{}, diff --git a/cmd/codeqlExecuteScan_test.go b/cmd/codeqlExecuteScan_test.go index b0784a515..ffcfc57e4 100644 --- a/cmd/codeqlExecuteScan_test.go +++ b/cmd/codeqlExecuteScan_test.go @@ -180,7 +180,8 @@ func TestGetGitRepoInfo(t *testing.T) { func TestInitGitInfo(t *testing.T) { t.Run("Valid URL1", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "codeql", repoInfo.repo) @@ -190,7 +191,8 @@ func TestInitGitInfo(t *testing.T) { t.Run("Valid URL2", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "codeql", repoInfo.repo) 
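Review bot: The TestInitGitInfo subtests are only adapted to the new `(RepoInfo, error)` return; none sets TargetGithubRepoURL or TargetGithubBranchName, so three new paths are untested in this file: the rejection of a GitHub-hosted source, the failure path for an unparsable target URL, and the `refs/heads/` normalisation. The "Invalid URL with no org/reponame" subtest further down now has `assert.NoError(t, err)` for a repository URL that the subtest itself names invalid, which pins the behaviour that initGitInfo logs and swallows that error. A comment there such as `// a malformed Repository is tolerated; only target-repo errors are returned` would show that this is intended. Subtests for a non-GitHub source with a target URL, one with a short branch name and one with a fully qualified ref, would cover the new branch.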
@@ -200,7 +202,8 @@ func TestInitGitInfo(t *testing.T) { t.Run("Valid url with dots URL1", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/com.sap.codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "com.sap.codeql", repoInfo.repo) @@ -210,7 +213,8 @@ func TestInitGitInfo(t *testing.T) { t.Run("Valid url with dots URL2", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/com.sap.codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "com.sap.codeql", repoInfo.repo) @@ -220,7 +224,8 @@ func TestInitGitInfo(t *testing.T) { t.Run("Valid url with username and token URL1", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://username:token@github.hello.test/Testing/codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "codeql", repoInfo.repo) 
@@ -230,7 +235,8 @@ func TestInitGitInfo(t *testing.T) { t.Run("Valid url with username and token URL2", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://username:token@github.hello.test/Testing/codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "Testing", repoInfo.owner) assert.Equal(t, "codeql", repoInfo.repo) @@ -240,8 +246,9 @@ func TestInitGitInfo(t *testing.T) { t.Run("Invalid URL with no org/reponame", func(t *testing.T) { config := codeqlExecuteScanOptions{Repository: "https://github.hello.test", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"} - repoInfo := initGitInfo(&config) - _, err := orchestrator.NewOrchestratorSpecificConfigProvider() + repoInfo, err := initGitInfo(&config) + assert.NoError(t, err) + _, err = orchestrator.NewOrchestratorSpecificConfigProvider() assert.Equal(t, "abcd1234", repoInfo.commitId) assert.Equal(t, "refs/head/branch", repoInfo.ref) if err != nil { diff --git a/go.mod b/go.mod index aefa10b51..d80dbd188 100644 --- a/go.mod +++ b/go.mod @@ -23,8 +23,8 @@ require ( github.com/evanphx/json-patch v5.6.0+incompatible github.com/getsentry/sentry-go v0.11.0 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 - github.com/go-git/go-billy/v5 v5.3.1 - github.com/go-git/go-git/v5 v5.4.2 + github.com/go-git/go-billy/v5 v5.4.1 + github.com/go-git/go-git/v5 v5.8.1 github.com/go-openapi/runtime v0.24.1 github.com/go-openapi/strfmt v0.21.3 github.com/go-playground/locales v0.14.0 @@ -69,6 +69,7 @@ require ( require ( cloud.google.com/go/compute/metadata v0.2.3 // indirect + dario.cat/mergo v1.0.0 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 // indirect github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.23 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.6 // indirect 
@@ -101,9 +102,11 @@ require ( github.com/okta/okta-sdk-golang/v2 v2.12.1 // indirect github.com/oracle/oci-go-sdk/v60 v60.0.0 // indirect github.com/pires/go-proxyproto v0.6.1 // indirect + github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d // indirect github.com/shirou/gopsutil/v3 v3.22.6 // indirect + github.com/skeema/knownhosts v1.2.0 // indirect github.com/sony/gobreaker v0.4.2-0.20210216022020-dd874f9dd33b // indirect github.com/yusufpapurcu/wmi v1.2.2 // indirect go.opentelemetry.io/otel v1.14.0 // indirect @@ -143,8 +146,8 @@ require ( github.com/Masterminds/semver/v3 v3.2.1 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20230626094100-7e9e0395ebec // indirect - github.com/acomagu/bufpipe v1.0.3 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 // indirect + github.com/acomagu/bufpipe v1.0.4 // indirect github.com/aliyun/alibaba-cloud-sdk-go v1.62.301 // indirect github.com/antchfx/xpath v1.2.0 // indirect github.com/armon/go-metrics v0.4.1 // indirect @@ -189,12 +192,12 @@ require ( github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/emicklei/go-restful/v3 v3.10.1 // indirect - github.com/emirpasic/gods v1.12.0 // indirect + github.com/emirpasic/gods v1.18.1 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/fatih/color v1.15.0 // indirect github.com/frankban/quicktest v1.14.4 // indirect github.com/go-errors/errors v1.4.2 // indirect - github.com/go-git/gcfg v1.5.0 // indirect + github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-logr/logr v1.2.3 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/go-openapi/analysis v0.21.2 // indirect 
@@ -265,7 +268,7 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect + github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.16.5 // indirect github.com/leodido/go-urn v1.2.1 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect @@ -325,7 +328,7 @@ require ( github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c // indirect github.com/vbatts/tar-split v0.11.2 // indirect github.com/vmware/govmomi v0.18.0 // indirect - github.com/xanzy/ssh-agent v0.3.0 // indirect + github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xlab/treeprint v1.1.0 // indirect github.com/xuri/efp v0.0.0-20210322160811-ab561f5b45e3 // indirect go.etcd.io/bbolt v1.3.7 // indirect @@ -355,7 +358,7 @@ require ( k8s.io/client-go v0.27.2 // indirect k8s.io/klog/v2 v2.90.1 // indirect k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect - k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect + k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 oras.land/oras-go v1.2.3 // indirect sigs.k8s.io/kustomize/api v0.12.1 // indirect sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect diff --git a/go.sum b/go.sum index 47b956218..e61b6838f 100644 --- a/go.sum +++ b/go.sum 
@@ -54,6 +54,8 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 cloud.google.com/go/storage v1.29.0 h1:6weCgzRvMg7lzuUurI4697AqIRPU1SvzHhynwpW31jI= cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f h1:UrKzEwTgeiff9vxdrfdqxibzpWjxLnuXDI5m6z3GJAk= +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMbk2FiG/kXiLl8BRyzTWDw7gX/Hz7Dd5eDMs= github.com/99designs/keyring v1.2.2 h1:pZd3neh/EmUzWONb35LxQfvuY7kiSXAq3HQd97+XBn0= @@ -159,6 +161,7 @@ github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JP github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= 
@@ -176,9 +179,8 @@ github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cq github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20230626094100-7e9e0395ebec h1:vV3RryLxt42+ZIVOFbYJCH1jsZNTNmj2NYru5zfx+4E= -github.com/ProtonMail/go-crypto v0.0.0-20230626094100-7e9e0395ebec/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= +github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 h1:KLq8BE0KwCL+mmXnjLWEAOYO+2l2AE4YMmqG1ZpZHBs= +github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= 
@@ -190,8 +192,8 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/O github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/abdullin/seq v0.0.0-20160510034733-d5467c17e7af h1:DBNMBMuMiWYu0b+8KMJuWmfCkcxl09JwdlqwDZZ6U14= github.com/abdullin/seq v0.0.0-20160510034733-d5467c17e7af/go.mod h1:5Jv4cbFiHJMsVxt52+i0Ha45fjshj6wxYr1r19tB9bw= -github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= -github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= +github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= +github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= 
@@ -203,8 +205,7 @@ github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:C github.com/aliyun/alibaba-cloud-sdk-go v1.62.301 h1:8mgvCpqsv3mQAcqZ/baAaMGUBj5J6MKMhxLd+K8L27Q= github.com/aliyun/alibaba-cloud-sdk-go v1.62.301/go.mod h1:Api2AkmMgGaSUAhmk76oaFObkoeCPc/bKAqcyplPODs= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/antchfx/htmlquery v1.2.4 h1:qLteofCMe/KGovBI6SQgmou2QNyedFUW+pE+BpeZ494= github.com/antchfx/htmlquery v1.2.4/go.mod h1:2xO6iu3EVWs7R2JYqBbp8YzG50gj/ofqs5/0VZoDZLc= github.com/antchfx/xpath v1.2.0 h1:mbwv7co+x0RwgeGAOHdrKy89GvHaGvxxBtPK0uF9Zr8= @@ -227,7 +228,6 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= 
@@ -549,14 +549,15 @@ github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25Kn github.com/dvsekhvalnov/jose2go v1.5.0 h1:3j8ya4Z4kMCwT5nXIKFSV84YS+HdqSSO0VsTQxaLAeM= github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385/go.mod h1:0vRUJqYpeSZifjYj7uP3BG/gKcuzL9xWVV/Y+cK33KM= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= github.com/elliotchance/orderedmap v1.4.0 h1:wZtfeEONCbx6in1CZyE6bELEt/vFayMvsxqI5SgsR+A= github.com/elliotchance/orderedmap v1.4.0/go.mod h1:wsDwEaX5jEoyhbs7x93zk2H/qv0zwuhg4inXhDkYqys= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= +github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= 
@@ -580,7 +581,6 @@ github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBD github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.5+incompatible h1:/l4kBbb4/vGSsdtB5nUe8L7B9mImVMaBPw9L/0TBHU8= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= @@ -608,8 +608,7 @@ github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/3rZdM= github.com/gin-gonic/gin v1.6.3 h1:ahKqKTFpO5KTPHxWZjEdPScmYaGtLo8Y4DMHoEsnp14= github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M= -github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/go-asn1-ber/asn1-ber v1.5.4 h1:vXT6d/FNDiELJnLb6hGNa309LMsrCoYFvpwHDF0+Y1A= 
@@ -618,15 +617,13 @@ github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJ github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= -github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8= -github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= -github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= -github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= +github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= +github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= +github.com/go-git/go-git/v5 v5.8.1 h1:Zo79E4p7TRk0xoRgMq0RShiTHGKcKI4+DI6BfJc/Q+A= +github.com/go-git/go-git/v5 v5.8.1/go.mod h1:FHFuoD6yGz5OSKEBK+aWN9Oah0q54Jxl0abmj6GnqAo= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= 
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -1151,7 +1148,6 @@ github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJ github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA= @@ -1198,7 +1194,6 @@ github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2 github.com/jefferai/jsonx v1.0.0 h1:Xoz0ZbmkpBvED5W9W1B5B/zc3Oiq7oXqiW7iRV3B6EI= github.com/jefferai/jsonx v1.0.0/go.mod h1:OGmqmi2tTeI/PS+qQfBDToLHHJIy/RMp24fPo8vFvoQ= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.10.3 h1:8ogeubpKh2TiulA0apmGlW5YAH4U1Vi4TINIP+gpNfQ= github.com/jhump/protoreflect v1.10.3/go.mod h1:7GcYQDdMU/O/BBrl/cX6PNHpXh6cenjd8pneu5yW7Tg= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= 
@@ -1242,8 +1237,8 @@ github.com/kataras/pio v0.0.2/go.mod h1:hAoW0t9UmXi4R5Oyq5Z4irTbaTsOemSrDGUtaTl7 github.com/kataras/sitemap v0.0.5/go.mod h1:KY2eugMKiPwsJgx7+U103YZehfvNGOXURubcGyk0Bz8= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= +github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -1530,6 +1525,8 @@ github.com/piper-validation/fortify-client-go v0.0.0-20220126145513-7b3e9a72af01 github.com/piper-validation/fortify-client-go v0.0.0-20220126145513-7b3e9a72af01/go.mod h1:EZkdCgngw/tInYdidqDQlRIXvyM1fSbqn/vx83YNCcw= github.com/pires/go-proxyproto v0.6.1 h1:EBupykFmo22SDjv4fQVQd2J9NOoLPmyZA/15ldOGkPw= github.com/pires/go-proxyproto v0.6.1/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY= +github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= +github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 
@@ -1640,7 +1637,6 @@ github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUt github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sethvargo/go-limiter v0.7.1 h1:wWNhTj0pxjyJ7wuJHpRJpYwJn+bUnjYfw2a85eu5w9U= @@ -1660,6 +1656,8 @@ github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/skeema/knownhosts v1.2.0 h1:h9r9cf0+u7wSE+M183ZtMGgOJKiL96brpaz5ekfJCpM= +github.com/skeema/knownhosts v1.2.0/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v1.0.0/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM= 
@@ -1780,8 +1778,8 @@ github.com/vmware/govmomi v0.18.0 h1:f7QxSmP7meCtoAmiKZogvVbLInT+CZx6Px6K5rYsJZo github.com/vmware/govmomi v0.18.0/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= -github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= +github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= +github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= @@ -1874,7 +1872,6 @@ golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= 
@@ -1896,7 +1893,6 @@ golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -2004,7 +2000,6 @@ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= -golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= 
@@ -2151,7 +2146,6 @@ golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/pkg/codeql/github_repo_upload.go b/pkg/codeql/github_repo_upload.go new file mode 100644 index 000000000..60a220d11 --- /dev/null +++ b/pkg/codeql/github_repo_upload.go 
@@ -0,0 +1,335 @@
+package codeql
+
+import (
+ "archive/zip"
+ "fmt"
+ "io"
+ "os"
+ "path"
+ "path/filepath"
+ "runtime"
+ "strings"
+ "time"
+
+ "github.com/SAP/jenkins-library/pkg/command"
+ "github.com/SAP/jenkins-library/pkg/log"
+ "github.com/go-git/go-git/v5"
+ "github.com/go-git/go-git/v5/config"
+ "github.com/go-git/go-git/v5/plumbing"
+ "github.com/go-git/go-git/v5/plumbing/object"
+ "github.com/go-git/go-git/v5/plumbing/transport/http"
+ "github.com/go-git/go-git/v5/storage/memory"
+ "gopkg.in/yaml.v2"
+)
+
+type GitUploader interface {
+ UploadProjectToGithub() (string, error)
+}
+
+type GitUploaderInstance struct {
+ *command.Command
+
+ token string
+ ref string
+ sourceCommitId string
+ sourceRepo string
+ targetRepo string
+ dbDir string
+}
+
+func NewGitUploaderInstance(token, ref, dbDir, sourceCommitId, sourceRepo, targetRepo string) (*GitUploaderInstance, error) {
+ dbAbsPath, err := filepath.Abs(dbDir)
+ if err != nil {
+ return nil, err
+ }
+ instance := &GitUploaderInstance{
+ Command: &command.Command{},
+ token: token,
+ ref: ref,
+ sourceCommitId: sourceCommitId,
+ sourceRepo: sourceRepo,
+ targetRepo: targetRepo,
+ dbDir: filepath.Clean(dbAbsPath),
+ }
+
+ instance.Stdout(log.Writer())
+ instance.Stderr(log.Writer())
+ return instance, nil
+}
+
+type gitUtils interface {
+ listRemote() ([]reference, error)
+ cloneRepo(dir string, opts *git.CloneOptions) (*git.Repository, error)
+ switchOrphan(ref string, repo *git.Repository) error
+}
+
+type repository interface {
+ Worktree() (*git.Worktree, error)
+ CommitObject(commit plumbing.Hash) (*object.Commit, error)
+ Push(o *git.PushOptions) error
+}
+
+type worktree interface {
+ RemoveGlob(pattern string) error
+ Clean(opts *git.CleanOptions) error
+ AddWithOptions(opts *git.AddOptions) error
+ Commit(msg string, opts *git.CommitOptions) (plumbing.Hash, error)
+}
+
+type reference interface {
+ Name() plumbing.ReferenceName
+}
+
+const (
+ CommitMessageMirroringCode = "Mirroring code for
revision %s from %s"
+ SrcZip = "src.zip"
+ codeqlDatabaseYml = "codeql-database.yml"
+)
+
+func (uploader *GitUploaderInstance) UploadProjectToGithub() (string, error) {
+ tmpDir, err := os.MkdirTemp("", "tmp")
+ if err != nil {
+ return "", err
+ }
+ defer os.RemoveAll(tmpDir)
+
+ refExists, err := doesRefExist(uploader, uploader.ref)
+ if err != nil {
+ return "", err
+ }
+
+ repo, err := clone(uploader, uploader.targetRepo, uploader.token, uploader.ref, tmpDir, refExists)
+ if err != nil {
+ return "", err
+ }
+
+ tree, err := repo.Worktree()
+ if err != nil {
+ return "", err
+ }
+ err = cleanDir(tree)
+ if err != nil {
+ return "", err
+ }
+
+ srcLocationPrefix, err := getSourceLocationPrefix(filepath.Join(uploader.dbDir, codeqlDatabaseYml))
+ if err != nil {
+ return "", err
+ }
+
+ zipPath := path.Join(uploader.dbDir, SrcZip)
+ err = unzip(zipPath, tmpDir, strings.Trim(srcLocationPrefix, fmt.Sprintf("%c", os.PathSeparator)))
+ if err != nil {
+ return "", err
+ }
+
+ err = add(tree)
+ if err != nil {
+ return "", err
+ }
+
+ newCommit, err := commit(repo, tree, uploader.sourceCommitId, uploader.sourceRepo)
+ if err != nil {
+ return "", err
+ }
+
+ err = push(repo, uploader.token)
+ if err != nil {
+ return "", err
+ }
+
+ return newCommit.ID().String(), err
+}
+
+func (uploader *GitUploaderInstance) listRemote() ([]reference, error) {
+ rem := git.NewRemote(memory.NewStorage(), &config.RemoteConfig{
+ Name: "origin",
+ URLs: []string{uploader.targetRepo},
+ })
+
+ list, err := rem.List(&git.ListOptions{
+ Auth: &http.BasicAuth{
+ Username: "does-not-matter",
+ Password: uploader.token,
+ },
+ })
+ if err != nil {
+ return nil, err
+ }
+ var convertedList []reference
+ for _, ref := range list {
+ convertedList = append(convertedList, ref)
+ }
+ return convertedList, err
+}
+
+func (uploader *GitUploaderInstance) cloneRepo(dir string, opts *git.CloneOptions) (*git.Repository, error) {
+ return git.PlainClone(dir, false, opts)
+}
+
+func (uploader
*GitUploaderInstance) switchOrphan(ref string, r *git.Repository) error {
+ branchName := strings.Split(ref, "/")[2:]
+ newRef := plumbing.NewBranchReferenceName(strings.Join(branchName, "/"))
+ return r.Storer.SetReference(plumbing.NewSymbolicReference(plumbing.HEAD, newRef))
+}
+
+func doesRefExist(uploader gitUtils, ref string) (bool, error) {
+ // git ls-remote
+ remoteRefs, err := uploader.listRemote()
+ if err != nil {
+ return false, err
+ }
+ for _, r := range remoteRefs {
+ if string(r.Name()) == ref {
+ return true, nil
+ }
+ }
+ return false, nil
+}
+
+func clone(uploader gitUtils, url, token, ref, dir string, refExists bool) (*git.Repository, error) {
+ opts := &git.CloneOptions{
+ URL: url,
+ Auth: &http.BasicAuth{
+ Username: "does-not-matter",
+ Password: token,
+ },
+ SingleBranch: true,
+ Depth: 1,
+ }
+ if refExists {
+ opts.ReferenceName = plumbing.ReferenceName(ref)
+ // git clone -b --single-branch --depth=1
+ return uploader.cloneRepo(dir, opts)
+ }
+
+ // git clone --single-branch --depth=1
+ r, err := uploader.cloneRepo(dir, opts)
+ if err != nil {
+ return nil, err
+ }
+
+ // git switch --orphan
+ err = uploader.switchOrphan(ref, r)
+ if err != nil {
+ return nil, err
+ }
+ return r, nil
+}
+
+func cleanDir(t worktree) error {
+ // git rm -r
+ err := t.RemoveGlob("*")
+ if err != nil {
+ return err
+ }
+ // git clean -d
+ err = t.Clean(&git.CleanOptions{Dir: true})
+ return err
+}
+
+func add(t worktree) error {
+ // git add --all
+ return t.AddWithOptions(&git.AddOptions{
+ All: true,
+ })
+}
+
+func commit(r repository, t worktree, sourceCommitId, sourceRepo string) (*object.Commit, error) {
+ // git commit --allow-empty -m
+ newCommit, err := t.Commit(fmt.Sprintf(CommitMessageMirroringCode, sourceCommitId, sourceRepo), &git.CommitOptions{
+ AllowEmptyCommits: true,
+ Author: &object.Signature{
+ When: time.Now(),
+ },
+ })
+ if err != nil {
+ return nil, err
+ }
+ return r.CommitObject(newCommit)
+}
+
+func push(r repository, token
string) error {
+ // git push
+ return r.Push(&git.PushOptions{
+ Auth: &http.BasicAuth{
+ Username: "does-not-matter",
+ Password: token,
+ },
+ })
+}
+
+func unzip(zipPath, targetDir, srcDir string) error {
+ r, err := zip.OpenReader(zipPath)
+ if err != nil {
+ return err
+ }
+ defer r.Close()
+
+ for _, f := range r.File {
+ fName := f.Name
+
+ if runtime.GOOS == "windows" {
+ fNameSplit := strings.Split(fName, "/")
+ if len(fNameSplit) == 0 {
+ continue
+ }
+ fNameSplit[0] = strings.Replace(fNameSplit[0], "_", ":", 1)
+ fName = strings.Join(fNameSplit, fmt.Sprintf("%c", os.PathSeparator))
+ }
+ if !strings.Contains(fName, srcDir) {
+ continue
+ }
+
+ rc, err := f.Open()
+ if err != nil {
+ return err
+ }
+
+ fName = strings.TrimPrefix(fName, srcDir)
+ fpath := filepath.Join(targetDir, fName)
+ if f.FileInfo().IsDir() {
+ os.MkdirAll(fpath, os.ModePerm)
+ rc.Close()
+ continue
+ }
+ err = os.MkdirAll(filepath.Dir(fpath), os.ModePerm)
+ if err != nil {
+ rc.Close()
+ return err
+ }
+
+ fNew, err := os.OpenFile(fpath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+ if err != nil {
+ rc.Close()
+ return err
+ }
+
+ _, err = io.Copy(fNew, rc)
+ if err != nil {
+ rc.Close()
+ fNew.Close()
+ return err
+ }
+ rc.Close()
+ fNew.Close()
+ }
+ return nil
+}
+
+func getSourceLocationPrefix(fileName string) (string, error) {
+ type codeqlDatabase struct {
+ SourceLocation string `yaml:"sourceLocationPrefix"`
+ }
+ var db codeqlDatabase
+ file, err := os.ReadFile(fileName)
+ if err != nil {
+ return "", err
+ }
+ err = yaml.Unmarshal(file, &db)
+ if err != nil {
+ return "", err
+ }
+
+ return db.SourceLocation, nil
+}
diff --git a/pkg/codeql/github_repo_upload_test.go b/pkg/codeql/github_repo_upload_test.go
new file mode 100644
index 000000000..3288a41b7
--- /dev/null
+++ b/pkg/codeql/github_repo_upload_test.go
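Review bot: In `unzip`, `fpath := filepath.Join(targetDir, fName)` is passed to `os.MkdirAll` and `os.OpenFile` without any check that it still lies under targetDir, so an entry in src.zip whose name carries `..` segments is written outside the temporary clone. The filter just before it uses `strings.Contains(fName, srcDir)` while the strip uses `strings.TrimPrefix`, so an entry that only contains srcDir further into its name keeps its full path, and an empty sourceLocationPrefix lets every entry through. I would resolve the joined path relative to targetDir and return an error when it leaves that directory, as in the excerpt below. The result of `os.MkdirAll(fpath, os.ModePerm)` for directory entries is also dropped and could be returned in the same way.

```go
		fpath := filepath.Join(targetDir, fName)
		// Refuse entries whose cleaned path is no longer inside targetDir.
		rel, err := filepath.Rel(targetDir, fpath)
		if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
			rc.Close()
			return fmt.Errorf("zip entry %q resolves outside %q", f.Name, targetDir)
		}
		// … unchanged: directory handling, MkdirAll, OpenFile, io.Copy …
```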
@@ -0,0 +1,416 @@ +package codeql + +import ( + "archive/zip" + "fmt" + "io" + "os" + "path" + "path/filepath" + "strings" + "testing" + + "github.com/go-git/go-git/v5" + "github.com/go-git/go-git/v5/plumbing" + "github.com/go-git/go-git/v5/plumbing/object" + "github.com/stretchr/testify/assert" + "gopkg.in/yaml.v2" + "k8s.io/utils/strings/slices" +) + +const ( + notExists = "not-exists" + exists = "exists" + refsHeads = "refs/heads/" +) + +type gitMock struct { + ref string + url string +} + +func newGitMock(ref, url string) *gitMock { + return &gitMock{ref: ref, url: url} +} + +func (g *gitMock) listRemote() ([]reference, error) { + if g.url == notExists { + return nil, fmt.Errorf("repository not found") + } + list := []*referenceMock{ + { + name: refsHeads + "ref1", + }, + { + name: refsHeads + "ref2", + }, + { + name: refsHeads + "ref3", + }, + { + name: refsHeads + exists, + }, + } + var convertedList []reference + for _, ref := range list { + convertedList = append(convertedList, ref) + } + return convertedList, nil +} + +func (g *gitMock) cloneRepo(dir string, opts *git.CloneOptions) (*git.Repository, error) { + if opts.Auth == nil { + return nil, fmt.Errorf("error") + } + if opts.URL == notExists { + return nil, fmt.Errorf("error") + } + return &git.Repository{}, nil +} + +func (g *gitMock) switchOrphan(branch string, repo *git.Repository) error { + return nil +} + +type referenceMock struct { + name string +} + +func (r *referenceMock) Name() plumbing.ReferenceName { + return plumbing.ReferenceName(r.name) +} + +type repoMock struct{} + +func (r *repoMock) Worktree() (*git.Worktree, error) { + return &git.Worktree{}, nil +} + +func (r *repoMock) CommitObject(commit plumbing.Hash) (*object.Commit, error) { + return &object.Commit{Hash: commit}, nil +} + +func (r *repoMock) Push(opts *git.PushOptions) error { + if opts.Auth == nil { + return fmt.Errorf("error") + } + return nil +} + +type worktreeMock struct{} + +func (t *worktreeMock) RemoveGlob(pattern 
string) error { + return nil +} + +func (t *worktreeMock) Clean(opts *git.CleanOptions) error { + return nil +} + +func (t *worktreeMock) AddWithOptions(opts *git.AddOptions) error { + return nil +} + +func (t *worktreeMock) Commit(msg string, opts *git.CommitOptions) (plumbing.Hash, error) { + if opts.Author == nil { + return plumbing.Hash{}, fmt.Errorf("error") + } + return plumbing.Hash{}, nil +} + +func TestDoesRefExist(t *testing.T) { + t.Parallel() + t.Run("Invalid repository", func(t *testing.T) { + ghUploader := newGitMock(refsHeads+notExists, notExists) + _, err := doesRefExist(ghUploader, refsHeads+notExists) + assert.Error(t, err) + + }) + t.Run("Ref exists", func(t *testing.T) { + ghUploader := newGitMock(refsHeads+exists, exists) + ok, err := doesRefExist(ghUploader, refsHeads+exists) + assert.NoError(t, err) + assert.True(t, ok) + }) + t.Run("Ref doesn't exist", func(t *testing.T) { + ghUploader := newGitMock(refsHeads+notExists, exists) + ok, err := doesRefExist(ghUploader, refsHeads+notExists) + assert.NoError(t, err) + assert.False(t, ok) + }) +} + +func TestClone(t *testing.T) { + t.Parallel() + t.Run("Created new branch", func(t *testing.T) { + ghUploader := newGitMock(refsHeads+notExists, exists) + repo, err := clone(ghUploader, ghUploader.url, "", ghUploader.ref, "", false) + assert.NoError(t, err) + assert.NotNil(t, repo) + }) + t.Run("Target branch exists", func(t *testing.T) { + ghUploader := newGitMock(refsHeads+exists, exists) + repo, err := clone(ghUploader, ghUploader.url, "", ghUploader.ref, "", true) + assert.NoError(t, err) + assert.NotNil(t, repo) + }) +} + +func TestClean(t *testing.T) { + t.Parallel() + t.Run("Success", func(t *testing.T) { + tree := &worktreeMock{} + err := cleanDir(tree) + assert.NoError(t, err) + }) +} + +func TestAdd(t *testing.T) { + t.Run("Success", func(t *testing.T) { + tree := &worktreeMock{} + err := add(tree) + assert.NoError(t, err) + }) +} + +func TestCommit(t *testing.T) { + t.Run("Success", func(t 
*testing.T) { + tree := &worktreeMock{} + repo := &repoMock{} + c, err := commit(repo, tree, "", "") + assert.NoError(t, err) + assert.NotNil(t, c) + }) +} + +func TestPush(t *testing.T) { + t.Run("Success", func(t *testing.T) { + repo := &repoMock{} + err := push(repo, "") + assert.NoError(t, err) + }) +} + +func TestUnzip(t *testing.T) { + t.Parallel() + + t.Run("Success", func(t *testing.T) { + targetDir, err := os.MkdirTemp("", "tmp_target") + if err != nil { + panic(err) + } + defer os.RemoveAll(targetDir) + sourceDir, err := os.MkdirTemp("", "tmp_source") + if err != nil { + panic(err) + } + defer os.RemoveAll(sourceDir) + zipPath := filepath.Join(sourceDir, "src.zip") + + srcFilenames := []string{ + filepath.Join(sourceDir, "file1"), + filepath.Join(sourceDir, "file2"), + filepath.Join(sourceDir, "subfolder1", "file1"), + filepath.Join(sourceDir, "subfolder1", "file2"), + filepath.Join(sourceDir, "subfolder2", "file1"), + } + err = createZIP(zipPath, srcFilenames) + if err != nil { + panic(err) + } + assert.NoError(t, unzip(zipPath, targetDir, sourceDir)) + targetFilenames := []string{ + filepath.Join(targetDir, "file1"), + filepath.Join(targetDir, "file2"), + filepath.Join(targetDir, "subfolder1", "file1"), + filepath.Join(targetDir, "subfolder1", "file2"), + filepath.Join(targetDir, "subfolder2", "file1"), + } + checkExistedFiles(t, targetDir, targetFilenames) + }) + + t.Run("Empty zip", func(t *testing.T) { + targetDir, err := os.MkdirTemp("", "tmp_target") + if err != nil { + panic(err) + } + defer os.RemoveAll(targetDir) + sourceDir, err := os.MkdirTemp("", "tmp_source") + if err != nil { + panic(err) + } + defer os.RemoveAll(sourceDir) + zipPath := filepath.Join(sourceDir, "src.zip") + + filenames := []string{} + err = createZIP(zipPath, filenames) + if err != nil { + panic(err) + } + assert.NoError(t, unzip(zipPath, targetDir, sourceDir)) + checkExistedFiles(t, targetDir, filenames) + }) + + t.Run("zip not found", func(t *testing.T) { + targetDir, err 
:= os.MkdirTemp("", "tmp_target") + if err != nil { + panic(err) + } + defer os.RemoveAll(targetDir) + sourceDir, err := os.MkdirTemp("", "tmp_source") + if err != nil { + panic(err) + } + defer os.RemoveAll(sourceDir) + zipPath := filepath.Join(sourceDir, "src.zip") + + assert.Error(t, unzip(zipPath, targetDir, sourceDir)) + }) + + t.Run("extra files in zip", func(t *testing.T) { + targetDir, err := os.MkdirTemp("", "tmp_target") + if err != nil { + panic(err) + } + defer os.RemoveAll(targetDir) + sourceDir, err := os.MkdirTemp("", "tmp_source") + if err != nil { + panic(err) + } + defer os.RemoveAll(sourceDir) + zipPath := filepath.Join(sourceDir, "src.zip") + + srcFilenames := []string{ + filepath.Join(sourceDir, "file1"), + filepath.Join(sourceDir, "file2"), + filepath.Join(sourceDir, "subfolder1", "file1"), + filepath.Join(sourceDir, "subfolder1", "file2"), + filepath.Join(sourceDir, "subfolder2", "file1"), + filepath.Join(targetDir, "extrafile1"), + filepath.Join(targetDir, "extrafile2"), + filepath.Join(targetDir, "subfolder1", "extrafile1"), + } + err = createZIP(zipPath, srcFilenames) + if err != nil { + panic(err) + } + assert.NoError(t, unzip(zipPath, targetDir, sourceDir)) + targetFilenames := []string{ + filepath.Join(targetDir, "file1"), + filepath.Join(targetDir, "file2"), + filepath.Join(targetDir, "subfolder1", "file1"), + filepath.Join(targetDir, "subfolder1", "file2"), + filepath.Join(targetDir, "subfolder2", "file1"), + } + checkExistedFiles(t, targetDir, targetFilenames) + }) +} + +func TestGetSourceLocationPrefix(t *testing.T) { + t.Parallel() + t.Run("Success", func(t *testing.T) { + filename := "test-file.yml" + location := "/some/location" + err := createFile(filename, location, false) + assert.NoError(t, err) + defer os.Remove(filename) + srcLocationPrefix, err := getSourceLocationPrefix(filename) + assert.NoError(t, err) + assert.Equal(t, location, srcLocationPrefix) + }) + + t.Run("No file found", func(t *testing.T) { + filename := 
"test-file-2.yml" + _, err := getSourceLocationPrefix(filename) + assert.Error(t, err) + }) + + t.Run("Empty file", func(t *testing.T) { + filename := "test-file-3.yml" + err := createFile(filename, "", true) + assert.NoError(t, err) + defer os.Remove(filename) + srcLocationPrefix, err := getSourceLocationPrefix(filename) + assert.NoError(t, err) + assert.Empty(t, srcLocationPrefix) + }) +} + +func checkExistedFiles(t *testing.T, dir string, filenames []string) { + counter := 0 + err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + if path == dir || info.IsDir() { + return nil + } + assert.True(t, slices.Contains(filenames, path)) + counter++ + return nil + }) + assert.NoError(t, err) + assert.Equal(t, len(filenames), counter) +} + +func createZIP(zipPath string, filenames []string) error { + archive, err := os.Create(zipPath) + if err != nil { + return err + } + defer archive.Close() + + zipWriter := zip.NewWriter(archive) + defer zipWriter.Close() + + for _, filename := range filenames { + writer, err := zipWriter.Create(filename) + if err != nil { + return err + } + + reader := strings.NewReader("test content\n") + if _, err := io.Copy(writer, reader); err != nil { + return err + } + } + return nil +} + +func createFile(fileName, location string, isEmpty bool) error { + err := ensureBaseDir(fileName) + if err != nil { + return err + } + f, err := os.OpenFile(fileName, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.ModePerm) + if err != nil { + return err + } + defer f.Close() + + if isEmpty { + return nil + } + + type codeqlDatabase struct { + SourceLocation string `yaml:"sourceLocationPrefix"` + OtherInfo string `yaml:"otherInfo"` + } + db := codeqlDatabase{SourceLocation: location, OtherInfo: "test"} + data, err := yaml.Marshal(db) + if err != nil { + return err + } + + _, err = f.Write(data) + return err +} + +func ensureBaseDir(fpath string) error { + baseDir := path.Dir(fpath) + info, err := 
os.Stat(baseDir) + if err == nil && info.IsDir() { + return nil + } + return os.MkdirAll(baseDir, 0755) +} diff --git a/resources/metadata/codeqlExecuteScan.yaml b/resources/metadata/codeqlExecuteScan.yaml index a0e55fc7d..9cb74ce86 100644 --- a/resources/metadata/codeqlExecuteScan.yaml +++ b/resources/metadata/codeqlExecuteScan.yaml @@ -120,6 +120,20 @@ spec: - STAGES - STEPS default: 30 + - name: targetGithubRepoURL + type: string + descriptoin: "Target github repo url. Only relevant, if project uses a combination of Piper and non-GitHub SCM." + scope: + - PARAMETERS + - STAGES + - STEPS + - name: targetGithubBranchName + type: string + descriptoin: "Target github branch name. Only relevant, if project uses a combination of Piper and non-GitHub SCM." + scope: + - PARAMETERS + - STAGES + - STEPS - name: threads type: string description: "Use this many threads for the codeql operations."
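Review bot: TestUnzip exercises only well-formed archives, so nothing pins what `unzip` does with an entry whose name resolves outside targetDir once srcDir has been stripped. A subtest that builds such an archive with `createZIP` and asserts that `unzip` returns an error and that nothing appears next to targetDir would cover it. Against the `unzip` added in this commit the case is expected to fail, because the joined path is used without a containment check.

```go
	t.Run("entry resolving outside target dir is rejected", func(t *testing.T) {
		targetDir := t.TempDir()
		sourceDir := t.TempDir()
		zipPath := filepath.Join(sourceDir, "src.zip")
		// Constructed sample name: lands beside targetDir after srcDir is trimmed.
		entry := sourceDir + "/../escaped"
		assert.NoError(t, createZIP(zipPath, []string{entry}))

		assert.Error(t, unzip(zipPath, targetDir, sourceDir))
		_, err := os.Stat(filepath.Join(filepath.Dir(targetDir), "escaped"))
		assert.True(t, os.IsNotExist(err))
	})
```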
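Review bot: Both new parameters spell the key `descriptoin`, so neither targetGithubRepoURL nor targetGithubBranchName carries a `description`, unlike the neighbouring `threads` entry. The key should be renamed in both entries, e.g. `description: "Target github repo url. Only relevant, if project uses a combination of Piper and non-GitHub SCM."`. If the step's flags and documentation are generated from this metadata, these two parameters presumably come out with empty help text until the key is fixed and the generated Go file is regenerated.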