@contrast/contrast 1.0.0

package/dist/lambda/aws.js

@@ -0,0 +1,169 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.throwAwsError = exports.getLambdaPolicies = exports.getLayersLinks = exports.getLambdaFunctionConfiguration = exports.getLambdaClient = exports.getIAMClient = exports.getRolePolicyNames = exports.getAttachedPolicyNames = void 0;
+const client_lambda_1 = require("@aws-sdk/client-lambda");
+const client_iam_1 = require("@aws-sdk/client-iam");
+const credential_provider_ini_1 = require("@aws-sdk/credential-provider-ini");
+const cliError_1 = require("./cliError");
+const constants_1 = require("./constants");
+const getAwsClientOptions = ({ region, endpointUrl, profile }) => {
+    const credentials = profile ? (0, credential_provider_ini_1.fromIni)({ profile }) : undefined;
+    return {
+        region: region || process.env.AWS_DEFAULT_REGION,
+        endpoint: endpointUrl,
+        credentials
+    };
+};
+const getLambdaClient = (lambdaOptions) => {
+    try {
+        const clientOptions = getAwsClientOptions(lambdaOptions);
+        return new client_lambda_1.Lambda(clientOptions);
+    }
+    catch (error) {
+        const errorObj = error;
+        if (errorObj?.code === 'ERR_INVALID_URL') {
+            throw new cliError_1.CliError(constants_1.ERRORS.AWS_ERROR, { description: errorObj.message });
+        }
+        throw error;
+    }
+};
+exports.getLambdaClient = getLambdaClient;
+const getIAMClient = (lambdaOptions) => {
+    const clientOptions = getAwsClientOptions(lambdaOptions);
+    return new client_iam_1.IAMClient(clientOptions);
+};
+exports.getIAMClient = getIAMClient;
+const getLambdaFunctionConfiguration = async (client, lambdaOptions) => {
+    const { functionName: FunctionName } = lambdaOptions;
+    const getFunctionCommand = new client_lambda_1.GetFunctionCommand({ FunctionName });
+    try {
+        return await client.send(getFunctionCommand);
+    }
+    catch (error) {
+        throwAwsError(error);
+    }
+};
+exports.getLambdaFunctionConfiguration = getLambdaFunctionConfiguration;
+const getLayersLinks = async (client, functionConfiguration) => {
+    const { Layers: layers = [] } = functionConfiguration;
+    const resultPromises = layers.map(async (layerDict) => {
+        try {
+            const layerArn = layerDict.Arn;
+            const getLayerVersionByArnCommand = new client_lambda_1.GetLayerVersionByArnCommand({
+                Arn: layerArn
+            });
+            const layer = await client.send(getLayerVersionByArnCommand);
+            return {
+                Arn: layerArn,
+                Location: layer.Content?.Location
+            };
+        }
+        catch (e) {
+            if (e instanceof client_lambda_1.ResourceNotFoundException) {
+                e.message = `The layer ${layerDict.Arn} could not be found. We will continue the scan without it.`;
+                throw e;
+            }
+            throw e;
+        }
+    });
+    const results = await Promise.allSettled(resultPromises);
+    const validLayers = results.filter(layerResult => {
+        if (layerResult.status === 'rejected') {
+            console.warn(layerResult.reason.message);
+            return false;
+        }
+        return true;
+    });
+    return validLayers.map(layer => layer.value);
+};
+exports.getLayersLinks = getLayersLinks;
+const getLambdaPolicies = async (functionConfiguration, lambdaOptions) => {
+    const { Role: roleArn } = functionConfiguration;
+    const roleSplitList = roleArn?.split('/');
+    if (roleSplitList) {
+        const roleName = roleSplitList[roleSplitList.length - 1];
+        const client = exports.getIAMClient(lambdaOptions);
+        const rolePolicies = await getRolePolicies(roleName, client);
+        const attachedPolicies = await getAttachedPolicies(roleName, client);
+        return [...rolePolicies, ...attachedPolicies];
+    }
+};
+exports.getLambdaPolicies = getLambdaPolicies;
+const getRolePolicyNames = async (roleName, client) => {
+    const listRolePolicyNames = [];
+    try {
+        for await (const page of (0, client_iam_1.paginateListRolePolicies)({ client }, { RoleName: roleName })) {
+            if (page.PolicyNames) {
+                listRolePolicyNames.push(...page.PolicyNames);
+            }
+        }
+    }
+    catch (error) {
+        throwAwsError(error);
+    }
+    return listRolePolicyNames;
+};
+exports.getRolePolicyNames = getRolePolicyNames;
+const getAttachedPolicyNames = async (roleName, client) => {
+    const listAttachedPolicies = [];
+    for await (const page of (0, client_iam_1.paginateListAttachedRolePolicies)({ client }, { RoleName: roleName })) {
+        if (page.AttachedPolicies) {
+            listAttachedPolicies.push(...page.AttachedPolicies);
+        }
+    }
+    return listAttachedPolicies;
+};
+exports.getAttachedPolicyNames = getAttachedPolicyNames;
+const getRolePolicies = async (roleName, client) => {
+    const listRolePolicyNames = await exports.getRolePolicyNames(roleName, client);
+    if (listRolePolicyNames) {
+        const rolePoliciesPromises = listRolePolicyNames.map(async (policyName) => {
+            const getRolePolicyCommand = new client_iam_1.GetRolePolicyCommand({
+                PolicyName: policyName,
+                RoleName: roleName
+            });
+            const rolePolicy = await client.send(getRolePolicyCommand);
+            const policyDoc = JSON.parse(decodeURIComponent(rolePolicy?.PolicyDocument || '{}'));
+            policyDoc.PolicyName = policyName;
+            return policyDoc;
+        });
+        const rolePolicies = await Promise.all(rolePoliciesPromises);
+        return rolePolicies;
+    }
+    return [];
+};
+const getAttachedPolicies = async (roleName, client) => {
+    const listAttachedPolicies = await exports.getAttachedPolicyNames(roleName, client);
+    const attachedPoliciesPromises = listAttachedPolicies.map(async (policyDict) => {
+        const getPolicyCommand = new client_iam_1.GetPolicyCommand({
+            PolicyArn: policyDict.PolicyArn
+        });
+        const policy = await client.send(getPolicyCommand);
+        if (policy.Policy) {
+            const getPolicyVersionCommand = new client_iam_1.GetPolicyVersionCommand({
+                PolicyArn: policy.Policy.Arn,
+                VersionId: policy.Policy.DefaultVersionId
+            });
+            const policyVersion = await client.send(getPolicyVersionCommand);
+            const policyDoc = JSON.parse(decodeURIComponent(policyVersion?.PolicyVersion?.Document || '{}'));
+            policyDoc['PolicyName'] = policyDict.PolicyName;
+            policyDoc['PolicyArn'] = policyDict.PolicyArn;
+            return policyDoc;
+        }
+    });
+    const attachedPolicies = await Promise.all(attachedPoliciesPromises);
+    return attachedPolicies;
+};
+const throwAwsError = (error) => {
+    const serviceError = error;
+    if (error instanceof Error && serviceError.$metadata) {
+        const { httpStatusCode } = serviceError.$metadata;
+        const { message } = error;
+        throw new cliError_1.CliError(constants_1.ERRORS.AWS_ERROR, {
+            statusCode: httpStatusCode,
+            description: message
+        });
+    }
+    throw error;
+};
+exports.throwAwsError = throwAwsError;

package/dist/lambda/cliError.js

@@ -0,0 +1,76 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CliError = void 0;
+const i18n_1 = __importDefault(require("i18n"));
+const errorHandling = __importStar(require("../common/errorHandling"));
+class CliError extends Error {
+    constructor(headerMessage, details) {
+        const message = i18n_1.default.__(headerMessage || '');
+        super(message);
+        const { statusCode, errorCode, data, description } = details || {};
+        this.statusCode = statusCode;
+        this.errorCode = errorCode;
+        this.data = data;
+        this.description = description;
+        if (errorCode) {
+            this.errorCodeDescription = i18n_1.default.__(errorCode || '');
+        }
+        if (statusCode) {
+            this.statusCodeDescription = this.getMessageByStatusCode(statusCode);
+        }
+    }
+    getErrorMessage() {
+        let finalDesc = this.errorCodeDescription || this.statusCodeDescription || '';
+        if (this.description) {
+            finalDesc += finalDesc ? `\n${this.description}` : this.description;
+        }
+        return errorHandling.getErrorMessage(this.message, finalDesc);
+    }
+    getMessageByStatusCode(statusCode) {
+        switch (statusCode) {
+            case 200:
+                return '';
+            case 400:
+                return i18n_1.default.__('badRequestErrorHeader');
+            case 401:
+                return i18n_1.default.__('unauthenticatedErrorHeader');
+            case 403:
+                return i18n_1.default.__('forbiddenRequestErrorHeader');
+            case 404:
+                return i18n_1.default.__('not_found_404');
+            case 423:
+                return i18n_1.default.__('resourceLockedErrorHeader');
+            case 500:
+                return i18n_1.default.__('internalServerErrorHeader');
+            default:
+                return i18n_1.default.__('something_went_wrong');
+        }
+    }
+}
+exports.CliError = CliError;

package/dist/lambda/constants.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ERRORS = void 0;
+const ERRORS = Object.freeze({
+    AWS_ERROR: 'awsError',
+    FAILED_TO_START_SCAN: 'failedToStartScan',
+    FAILED_TO_GET_SCAN: 'failedToGetScan',
+    FAILED_TO_GET_RESULTS: 'failedToGetResults',
+    VALIDATION_FAILED: 'validationFailed'
+});
+exports.ERRORS = ERRORS;

package/dist/lambda/help.js

@@ -0,0 +1,75 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.lambdaUsageGuide = void 0;
+const command_line_usage_1 = __importDefault(require("command-line-usage"));
+const i18n_1 = __importDefault(require("i18n"));
+const lambdaUsageGuide = (0, command_line_usage_1.default)([
+    {
+        header: i18n_1.default.__('lambdaHeader'),
+        content: [i18n_1.default.__('lambdaSummary')]
+    },
+    {
+        header: i18n_1.default.__('constantsPrerequisitesHeader'),
+        content: [i18n_1.default.__('lambdaPrerequisitesContent')]
+    },
+    {
+        header: i18n_1.default.__('constantsUsage'),
+        content: [i18n_1.default.__('lambdaUsage')]
+    },
+    {
+        header: i18n_1.default.__('constantsOptions'),
+        content: [
+            {
+                name: i18n_1.default.__('lambdaFunctionNameOption'),
+                summary: i18n_1.default.__('lambdaFunctionNameSummery')
+            },
+            {
+                name: i18n_1.default.__('lambdaEndpointOption'),
+                summary: '{italic ' +
+                    i18n_1.default.__('constantsOptional') +
+                    '}: ' +
+                    i18n_1.default.__('lambdaEndpointSummery')
+            },
+            {
+                name: i18n_1.default.__('lambdaRegionOption'),
+                summary: '{italic ' +
+                    i18n_1.default.__('constantsOptional') +
+                    '}: ' +
+                    i18n_1.default.__('lambdaRegionSummery')
+            },
+            {
+                name: i18n_1.default.__('lambdaProfileOption'),
+                summary: '{italic ' +
+                    i18n_1.default.__('constantsOptional') +
+                    '}: ' +
+                    i18n_1.default.__('lambdaProfileSummery')
+            },
+            {
+                name: i18n_1.default.__('lambdaJsonOption'),
+                summary: '{italic ' +
+                    i18n_1.default.__('constantsOptional') +
+                    '}: ' +
+                    i18n_1.default.__('lambdaJsonSummery')
+            },
+            {
+                name: i18n_1.default.__('lambdaVerboseOption'),
+                summary: '{italic ' +
+                    i18n_1.default.__('constantsOptional') +
+                    '}: ' +
+                    i18n_1.default.__('lambdaVerbosSummery')
+            }
+        ]
+    },
+    {
+        content: [
+            { name: i18n_1.default.__('lambdaHelpOption'), summary: i18n_1.default.__('helpSummary') }
+        ]
+    },
+    {
+        content: '{underline https://www.contrastsecurity.com}'
+    }
+]);
+exports.lambdaUsageGuide = lambdaUsageGuide;

package/dist/lambda/lambda.js

@@ -0,0 +1,130 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processLambda = void 0;
+const command_line_args_1 = __importDefault(require("command-line-args"));
+const perf_hooks_1 = require("perf_hooks");
+const lodash_1 = require("lodash");
+const i18n_1 = __importDefault(require("i18n"));
+const paramHandler_1 = require("../utils/paramsUtil/paramHandler");
+const cliError_1 = require("./cliError");
+const constants_1 = require("./constants");
+const help_1 = require("./help");
+const logUtils_1 = require("./logUtils");
+const scanDetailCompletion_1 = require("./scanDetailCompletion");
+const scanRequest_1 = require("./scanRequest");
+const scanResults_1 = require("./scanResults");
+const utils_1 = require("./utils");
+const failedStates = [
+    'UNSUPPORTED',
+    'EXCLUDED',
+    'CANCELED',
+    'FAILED',
+    'DISMISSED'
+];
+const printHelpMessage = () => {
+    (0, logUtils_1.log)(help_1.lambdaUsageGuide);
+};
+const getLambdaOptions = (argv) => {
+    const lambdaDefinitions = [
+        { name: 'function-name', alias: 'f', type: String },
+        { name: 'region', alias: 'r', type: String },
+        { name: 'endpoint-url', alias: 'e', type: String },
+        { name: 'profile', alias: 'p', type: String },
+        { name: 'help', alias: 'h', type: Boolean },
+        { name: 'verbose', alias: 'v', type: Boolean },
+        { name: 'json-output', alias: 'j', type: Boolean }
+    ];
+    const lambdaOptions = (0, command_line_args_1.default)(lambdaDefinitions, {
+        argv,
+        partial: true,
+        camelCase: true,
+        caseInsensitive: true
+    });
+    return lambdaOptions;
+};
+const processLambda = async (argv) => {
+    const lambdaOptions = getLambdaOptions(argv);
+    const { help } = lambdaOptions;
+    if (help) {
+        return handleLambdaHelp();
+    }
+    try {
+        validateRequiredLambdaParams(lambdaOptions);
+        await actualProcessLambda(lambdaOptions);
+    }
+    catch (error) {
+        if (error instanceof cliError_1.CliError) {
+            console.error(error.getErrorMessage());
+        }
+        else if (error instanceof Error) {
+            console.error(error.message);
+        }
+        process.exit(1);
+    }
+};
+exports.processLambda = processLambda;
+const actualProcessLambda = async (lambdaOptions) => {
+    const auth = (0, paramHandler_1.getAuth)();
+    const startTime = perf_hooks_1.performance.now();
+    const { jsonOutput } = lambdaOptions;
+    const { scanId, params, functionArn } = await (0, scanRequest_1.requestScanFunctionPost)(auth, lambdaOptions);
+    const scans = await (0, scanDetailCompletion_1.pollScanUntilCompletion)(auth, 10, params, scanId);
+    const failedScan = scans
+        ?.filter((s) => s.scanType === 2)
+        .find((s) => failedStates.includes(s.state));
+    if (failedScan) {
+        throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_GET_SCAN, {
+            statusCode: 200,
+            errorCode: failedScan.state,
+            description: failedScan.stateReasonText
+        });
+    }
+    const resultsResponse = await (0, scanResults_1.getScanResults)(auth, params, scanId, functionArn);
+    if (jsonOutput) {
+        console.log(JSON.stringify(resultsResponse?.data?.results, null, 2));
+        return;
+    }
+    const results = resultsResponse?.data?.results;
+    if (!results) {
+        throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_GET_RESULTS, {
+            errorCode: 'missingResults'
+        });
+    }
+    if (!results.length) {
+        (0, logUtils_1.log)('👏 No vulnerabilities found');
+    }
+    const endTime = perf_hooks_1.performance.now();
+    const scanDurationMs = endTime - startTime;
+    (0, logUtils_1.log)(`----- Scan completed ${(scanDurationMs / 1000).toFixed(2)}s -----`);
+    if (results?.length) {
+        (0, utils_1.prettyPrintResults)(results);
+    }
+};
+const validateRequiredLambdaParams = (options) => {
+    if (options._unknown?.length) {
+        throw new cliError_1.CliError(constants_1.ERRORS.VALIDATION_FAILED, {
+            description: i18n_1.default.__('notSupportedFlags', options._unknown.join('\n'))
+        });
+    }
+    if (!options?.functionName) {
+        throw new cliError_1.CliError(constants_1.ERRORS.VALIDATION_FAILED, {
+            errorCode: 'missingFunctionName'
+        });
+    }
+    const flagsWithoutValues = Object.entries(options)
+        .filter(([, value]) => !value)
+        .map(([key]) => key)
+        .map(p => `--${(0, lodash_1.kebabCase)(p)}`);
+    if (flagsWithoutValues.length) {
+        throw new cliError_1.CliError(constants_1.ERRORS.VALIDATION_FAILED, {
+            description: i18n_1.default.__('missingFlagArguments', flagsWithoutValues.join('\n'))
+        });
+    }
+};
+const handleLambdaHelp = () => {
+    printHelpMessage();
+    process.exit(0);
+};

package/dist/lambda/logUtils.js

@@ -0,0 +1,36 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.prettyPrintJson = exports.log = void 0;
+const chalk_1 = __importDefault(require("chalk"));
+const util_1 = __importDefault(require("util"));
+const log = (message, styles) => {
+    let chalkFunction = chalk_1.default.reset;
+    if (styles?.bold) {
+        chalkFunction = chalk_1.default.bold;
+    }
+    else if (styles?.italic) {
+        chalkFunction = chalk_1.default.italic;
+    }
+    else if (styles?.underline) {
+        chalkFunction = chalk_1.default.underline;
+    }
+    else if (styles?.strikethrough) {
+        chalkFunction = chalk_1.default.strikethrough;
+    }
+    console.log(styles ? chalkFunction(message) : message);
+};
+exports.log = log;
+const prettyPrintJson = (obj, depth = null) => {
+    if (!obj) {
+        return;
+    }
+    let objToPrint = obj;
+    if (typeof obj === 'string') {
+        objToPrint = JSON.parse(obj);
+    }
+    console.log(util_1.default.inspect(objToPrint, { colors: true, depth }));
+};
+exports.prettyPrintJson = prettyPrintJson;

package/dist/lambda/scanDetail.js

@@ -0,0 +1,30 @@
+'use strict'
+Object.defineProperty(exports, '__esModule', { value: true })
+exports.pollScanDetail = void 0
+const requestUtils_1 = require('../utils/requestUtils')
+const pollScanDetail = async (
+  config,
+  params,
+  scanId,
+  httpClient,
+  pollCount,
+  showProgress = false
+) => {
+  await (0, requestUtils_1.sleep)(5000)
+  return httpClient.getFunctionScan(config, params, scanId).then(res => {
+    const { resultsCount = 0 } = res?.body?.data?.scan || {}
+    if (showProgress) {
+      process.stdout.write(
+        `\rScanning (${resultsCount} results found so far)${'.'.repeat(
+          pollCount
+        )}`
+      )
+    }
+    if (res.statusCode === 200) {
+      return res
+    } else {
+      throw Error(`Failed to get scan detail: ${res.statusCode} ${res.body}`)
+    }
+  })
+}
+exports.pollScanDetail = pollScanDetail

package/dist/lambda/scanDetailCompletion.js

@@ -0,0 +1,56 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getScanResources = exports.pollScanUntilCompletion = void 0;
+const requestUtils_1 = require("../utils/requestUtils");
+const commonApi_1 = require("../utils/commonApi");
+const oraWrapper_1 = __importDefault(require("../utils/oraWrapper"));
+const cliError_1 = require("./cliError");
+const constants_1 = require("./constants");
+const MS_IN_MINUTE = 1000 * 60;
+const getScanResources = async (config, params, scanId, httpClient) => {
+    const res = await httpClient.getScanResources(config, params, scanId);
+    const { statusCode, body } = res;
+    if (statusCode === 200) {
+        return res;
+    }
+    const { errorCode } = body || {};
+    throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_GET_SCAN, { statusCode, errorCode });
+};
+exports.getScanResources = getScanResources;
+const pollScanUntilCompletion = async (config, timeoutInMinutes, params, scanId) => {
+    const client = (0, commonApi_1.getHttpClient)(config);
+    const activeStatuses = ['PENDING', 'SCANNING', 'QUEUED'];
+    const startedText = 'Scan started';
+    const maxEndTime = new Date().getTime() + timeoutInMinutes * MS_IN_MINUTE;
+    const startScanSpinner = oraWrapper_1.default.returnOra(startedText);
+    oraWrapper_1.default.startSpinner(startScanSpinner);
+    await (0, requestUtils_1.sleep)(5000);
+    let complete = false;
+    while (!complete) {
+        try {
+            const result = await exports.getScanResources(config, params, scanId, client);
+            const { resources: scans } = result.body.data;
+            const staticScans = scans?.filter((s) => s.scanType === 2);
+            complete = staticScans.some((s) => !activeStatuses.includes(s.state));
+            if (complete) {
+                oraWrapper_1.default.succeedSpinner(startScanSpinner, 'Scan Finished');
+                return scans;
+            }
+            await (0, requestUtils_1.sleep)(2 * 1000);
+        }
+        catch (error) {
+            oraWrapper_1.default.failSpinner(startScanSpinner, 'Scan Failed');
+            throw error;
+        }
+        if (Date.now() >= maxEndTime) {
+            oraWrapper_1.default.failSpinner(startScanSpinner, 'Scan timed out');
+            throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_GET_SCAN, {
+                errorCode: 'waitingTimedOut'
+            });
+        }
+    }
+};
+exports.pollScanUntilCompletion = pollScanUntilCompletion;

package/dist/lambda/scanRequest.js

@@ -0,0 +1,93 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createFunctionEvent = exports.requestScanFunctionPost = exports.sendScanPostRequest = void 0;
+const i18n_1 = __importDefault(require("i18n"));
+const log_symbols_1 = __importDefault(require("log-symbols"));
+const chalk_1 = __importDefault(require("chalk"));
+const arn_1 = require("./arn");
+const aws_1 = require("./aws");
+const utils_1 = require("./utils");
+const commonApi_1 = require("../utils/commonApi");
+const logUtils_1 = require("./logUtils");
+const cliError_1 = require("./cliError");
+const constants_1 = require("./constants");
+const sendScanPostRequest = async (config, params, functionsEvent, showProgress = false) => {
+    const client = (0, commonApi_1.getHttpClient)(config);
+    if (showProgress) {
+        (0, logUtils_1.log)(`${log_symbols_1.default.success} Sending Lambda Function scan request to Contrast`);
+    }
+    const res = await client.postFunctionScan(config, params, functionsEvent);
+    const { statusCode, body } = res;
+    if (statusCode === 201) {
+        if (showProgress) {
+            (0, logUtils_1.log)(`${log_symbols_1.default.success} Scan requested successfully`);
+        }
+        return body?.data?.scanId;
+    }
+    let { errorCode } = body?.data || {};
+    const { data } = body?.data || {};
+    let description = '';
+    switch (errorCode) {
+        case 'not_supported_runtime':
+            description = i18n_1.default.__(errorCode, data?.runtime, data?.supportedRuntimes.sort().join(' | '));
+            errorCode = false;
+            break;
+    }
+    throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_START_SCAN, {
+        statusCode,
+        errorCode,
+        data,
+        description
+    });
+};
+exports.sendScanPostRequest = sendScanPostRequest;
+const createFunctionEvent = (lambdaConfig, layersLinks, lambdaPolicies) => {
+    delete lambdaConfig.$metadata;
+    const functionEvent = (0, utils_1.toLowerKeys)(lambdaConfig.Configuration);
+    functionEvent['code'] = lambdaConfig.Code;
+    functionEvent['rolePolicies'] = lambdaPolicies;
+    if (layersLinks) {
+        functionEvent['layers'] = layersLinks;
+    }
+    return { function: functionEvent };
+};
+exports.createFunctionEvent = createFunctionEvent;
+const requestScanFunctionPost = async (config, lambdaOptions) => {
+    const { verbose, jsonOutput, functionName } = lambdaOptions;
+    const lambdaClient = (0, aws_1.getLambdaClient)(lambdaOptions);
+    if (!jsonOutput) {
+        (0, logUtils_1.log)(`${log_symbols_1.default.success} Fetching configuration and policies for Lambda Function ${chalk_1.default.bold(functionName)}`);
+    }
+    const lambdaConfig = await (0, aws_1.getLambdaFunctionConfiguration)(lambdaClient, lambdaOptions);
+    if (!lambdaConfig?.Configuration) {
+        throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_START_SCAN, {
+            errorCode: 'missingLambdaConfig'
+        });
+    }
+    const { Configuration } = lambdaConfig;
+    const layersLinks = await (0, aws_1.getLayersLinks)(lambdaClient, Configuration);
+    const lambdaPolicies = await (0, aws_1.getLambdaPolicies)(Configuration, lambdaOptions);
+    const functionEvent = createFunctionEvent(lambdaConfig, layersLinks, lambdaPolicies);
+    const { FunctionArn: functionArn } = Configuration;
+    if (!functionArn) {
+        throw new cliError_1.CliError(constants_1.ERRORS.FAILED_TO_START_SCAN, {
+            errorCode: 'missingLambdaArn'
+        });
+    }
+    const parsedARN = (0, arn_1.parseARN)(functionArn);
+    const params = {
+        organizationId: config.organizationId,
+        provider: 'aws',
+        accountId: parsedARN.accountId
+    };
+    if (verbose) {
+        (0, logUtils_1.log)(`${log_symbols_1.default.success} Fetched configuration from AWS:`);
+        (0, logUtils_1.prettyPrintJson)(functionEvent);
+    }
+    const scanId = await sendScanPostRequest(config, params, functionEvent, !jsonOutput);
+    return { scanId, params, functionArn };
+};
+exports.requestScanFunctionPost = requestScanFunctionPost;