@contrast/contrast 2.0.0 → 2.0.2-beta.0

package/src/cliConstants.js

@@ -412,6 +412,7 @@ const auditOptionDefinitions = [
     name: 'legacy',
     alias: 'l',
     type: Boolean,
+    defaultValue: false,
     description:
       '{bold ' +
       i18n.__('constantsOptional') +
@@ -426,6 +427,16 @@ const auditOptionDefinitions = [
       i18n.__('constantsOptional') +
       '}:' +
       i18n.__('auditOptionsRepoSummary')
+  },
+  {
+    name: 'repository-id',
+    type: String,
+    description: ''
+  },
+  {
+    name: 'project-group-id',
+    type: String,
+    description: ''
   }
 ]
 
@@ -438,7 +449,17 @@ const fingerprintOptionDefinitions = [
       '{bold ' + i18n.__('constantsOptional') + '}: ' + i18n.__('depthOption')
   },
   {
-    name: 'repoUrl',
+    name: 'repository-url',
+    type: String,
+    description: ''
+  },
+  {
+    name: 'external-id',
+    type: String,
+    description: ''
+  },
+  {
+    name: 'repository-name',
     type: String,
     description: ''
   }

package/src/commands/audit/help.js

@@ -53,10 +53,8 @@ const auditUsageGuide = commandLineUsage([
       'language',
       'app-groups',
       'metadata',
-      'fingerprint',
       'branch',
-      'repo',
-      'name'
+      'repo'
     ]
   },
   {

package/src/commands/audit/processAudit.js

@@ -3,7 +3,6 @@ const { auditUsageGuide } = require('./help')
 const scaController = require('../../scaAnalysis/scaAnalysis')
 const { sendTelemetryConfigAsObject } = require('../../telemetry/telemetry')
 const { postRunMessage } = require('../../common/commonHelp')
-const settingsHelper = require('../../utils/settingsHelper')
 
 const processAudit = async (contrastConf, argvMain) => {
   if (argvMain.indexOf('--help') !== -1) {
@@ -12,7 +11,6 @@ const processAudit = async (contrastConf, argvMain) => {
   }
 
   let config = await auditConfig.getAuditConfig(contrastConf, 'audit', argvMain)
-  config = await settingsHelper.getSettings(config)
 
   await scaController.processSca(config)
   if (!config.fingerprint) {

package/src/commands/github/fingerprintConfig.js

@@ -3,14 +3,14 @@ const constants = require('../../cliConstants')
 const paramHandler = require('../../utils/paramsUtil/paramHandler')
 
 const getFingerprintConfig = async (contrastConf, command, argv) => {
-  const fingerprintParameters = await parsedCLIOptions.getCommandLineArgsCustom(
+  let fingerprintParameters = await parsedCLIOptions.getCommandLineArgsCustom(
     contrastConf,
     command,
     argv,
     constants.commandLineDefinitions.fingerprintOptionDefinitions
   )
   const paramsAuth = paramHandler.getAuth(fingerprintParameters)
-
+  fingerprintParameters = paramHandler.getFingerprint(fingerprintParameters)
   return { ...paramsAuth, ...fingerprintParameters }
 }
 

package/src/commands/github/processFingerprint.js

@@ -0,0 +1,37 @@
+const fingerprintConfig = require('./fingerprintConfig')
+const repoServices = require('./repoServices')
+const autoDetection = require('../../scan/autoDetection')
+const saveResults = require('../../scan/saveResults')
+const projectConfig = require('./projectGroup')
+const processFingerprint = async (contrastConf, argvMain) => {
+  let config = await fingerprintConfig.getFingerprintConfig(
+    contrastConf,
+    'fingerprint',
+    argvMain
+  )
+  config.repositoryId = await repoServices.getRepoId(config)
+  if (config.repositoryId !== '') {
+    config.projectGroupId = await projectConfig.getProjectGroupId(config)
+    let fingerprint = await autoDetection.autoDetectFingerprintInfo(
+      config.file,
+      config.depth,
+      config
+    )
+
+    if (fingerprint.length === 0) {
+      console.log('No supported manifests found')
+      process.exit(0)
+    }
+
+    let idArray = fingerprint.map(x => x.id)
+    await saveResults.writeResultsToFile(fingerprint, 'fingerPrintInfo.json')
+    return console.log(idArray)
+  } else {
+    console.log('No repository Id found')
+    process.exit(1)
+  }
+}
+
+module.exports = {
+  processFingerprint: processFingerprint
+}

package/src/commands/github/projectGroup.js

@@ -15,17 +15,43 @@ const getProjectIdByOrg = async config => {
   return projectId
 }
 
-const registerNewProjectGroup = async config => {
-  let projectId = ''
+const createNewProjectGroupBody = async config => {
   let body = {
-    organizationId: config.organizationId,
-    name: config.name ? config.name : config.file, //has to be unique per project
-    repositoryId: null,
-    type: 'CLI'
+    organizationId: config.organizationId
   }
-  const client = await commonApi.getHttpClient(config)
-  body.projects = createProjects([config])
+  if (config.repo || config?.repositoryId) {
+    body.repositoryId = config.repositoryId
+    body.type = 'REPOSITORY'
+    body.name = getProjectGroupNameRepo(config)
+  } else {
+    body.repositoryId = null
+    body.type = 'CLI'
+    body.name = getProjectGroupNameCLI(config)
+  }
+  return body
+}
 
+const getProjectGroupNameRepo = config => {
+  return config.repositoryName
+}
+const getProjectGroupNameCLI = config => {
+  // file here is actually folder name
+  return config.name ? config.name : config.file
+}
+
+const getProjectName = config => {
+  return config.name ? config.name : config.fileName
+}
+
+const registerNewProjectGroup = async config => {
+  let body = await createNewProjectGroupBody(config)
+
+  const client = await commonApi.getHttpClient(config)
+  if (config.repositoryId) {
+    body.projects = []
+  } else {
+    body.projects = createProjectsArray([config])
+  }
   let projectGroupInfo = await client
     .registerProjectGroup(config, body)
     .then(res => {
@@ -43,7 +69,7 @@ const registerNewProjectGroup = async config => {
       }
 
       if (res.statusCode === 409) {
-        return []
+        return ''
       }
     })
     .catch(err => {
@@ -54,30 +80,33 @@ const registerNewProjectGroup = async config => {
   return projectGroupInfo
 }
 
-const createProjects = params => {
+const createProjectsArray = params => {
   let projectsArray = []
   let projects = {}
-
   params.forEach(param => {
-    projects = {
-      path: param.file,
-      name: param.name ? param.name : param.file,
-      source: 'SCA',
-      language: param.language,
-      packageManager: 'MAVEN',
-      target: 'SCA',
-      sourceId: '' // this is appID at the moment and scaID in future
-    }
+    projects = createProject(param)
     projectsArray.push(projects)
   })
 
   return projectsArray
 }
 
+const createProject = param => {
+  return {
+    path: param.fileName,
+    name: param.repo ? param.fileName : getProjectName(param),
+    source: 'SCA',
+    language: param.language,
+    packageManager: param.packageManager,
+    target: 'SCA',
+    sourceId: ''
+  }
+}
+
 const getExistingGroupProjectId = (config, projectGroupsInfoEx) => {
   let existingGroupProjectId = ''
   projectGroupsInfoEx.forEach(i => {
-    if (i.name === config.name) {
+    if (i.repositoryId === config.repositoryId) {
       existingGroupProjectId = i.projectGroupId
     }
   })
@@ -85,21 +114,46 @@ const getExistingGroupProjectId = (config, projectGroupsInfoEx) => {
 }
 
 const getProjectIdFromArray = (config, array) => {
-  let projectId = ''
-  array?.forEach(i => {
-    if (i.name === config.name) {
-      projectId = i.projectId
+  if (array.length === 1) {
+    return array[0].projectId
+  }
+
+  if (config.name) {
+    for (const i of array) {
+      //match on name
+      if (i.name === config.name) return i.projectId
     }
-  })
-  return projectId
+  }
+
+  for (const i of array) {
+    //match on fileName
+    if (i.name === config.fileName) return i.projectId
+  }
+
+  return ''
+}
+
+const addAdditionalData = (body, data) => {
+  body.projectGroupId = data.projectGroupId ? data.projectGroupId : null
+  body.projectGroupName = data.projectGroupName ? data.projectGroupName : null
+  body.projectLanguage = data.projectLanguage ? data.projectLanguage : null
+  body.projectType = data.projectType ? data.projectType : null
 }
 
-const registerProjectIdOnCliServices = async (config, projectId) => {
+const registerProjectIdOnCliServices = async (
+  config,
+  projectId,
+  additionalData = undefined
+) => {
   const client = commonApi.getHttpClient(config)
 
   let cliServicesBody = {
     projectId: projectId,
-    name: config.name
+    name: config.repo ? config.fileName : getProjectName(config)
+  }
+
+  if (additionalData) {
+    addAdditionalData(cliServicesBody, additionalData)
   }
 
   let result = await client
@@ -107,24 +161,48 @@ const registerProjectIdOnCliServices = async (config, projectId) => {
     .then(res => {
       if (config.debug || config.verbose) {
         console.log('\nregistration on cli services')
-        console.log(res.statusCode)
+        console.log('request body', cliServicesBody)
+        console.log('response code', res.statusCode)
       }
       if (res.statusCode === 201 || res.statusCode === 200) {
         return res.body
       } else {
-        return []
+        console.log('Failed to Register On Cli Services')
+        console.log(res.statusCode)
+        process.exit(1)
       }
     })
 
   return result
 }
 
+const registerProjectWithGroupProjectId = async config => {
+  const client = commonApi.getHttpClient(config)
+  config.language = config.language === 'NODE' ? 'JAVASCRIPT' : config.language
+
+  let body = createProject(config)
+  let result = await client.registerProject(config, body).then(res => {
+    if (config.debug || config.verbose) {
+      console.log('\nregister Project With Group ProjectId')
+      console.log(res.statusCode)
+      console.log(res.body)
+    }
+    if (res.statusCode === 201 || res.statusCode === 200) {
+      return res.body
+    } else {
+      return []
+    }
+  })
+
+  return result
+}
+
 const retrieveExistingProjectIdWithProjectGroupId = async (
   config,
   client,
   projectGroupId
 ) => {
-  let groups = await client
+  return await client
     .retrieveExistingProjectIdByProjectGroupId(config, projectGroupId)
     .then(res => {
       if (config.debug || config.verbose) {
@@ -136,11 +214,9 @@ const retrieveExistingProjectIdWithProjectGroupId = async (
       if (res.statusCode === 200) {
         return res.body
       } else {
-        return []
+        return ''
       }
     })
-
-  return getProjectIdFromArray(config, groups)
 }
 
 const retrieveProjectByOrganization = async (config, client) => {
@@ -159,16 +235,41 @@ const retrieveProjectByOrganization = async (config, client) => {
   })
 }
 
-const retrieveExistingProjectGroups = async (config, client) => {
+const retrieveExistingProjectGroups = async config => {
+  const client = commonApi.getHttpClient(config)
   return await client.retrieveExistingProjectGroupsByOrg(config).then(res => {
+    if (config.debug || config.verbose) {
+      console.log('retrieve Existing ProjectGroups By Org')
+      console.log(res.statusCode)
+      console.log(res.body)
+    }
     if (res.statusCode === 201 || res.statusCode === 200) {
-      return res.body
+      let correctGroupID = res?.body?.filter(
+        i => i.repositoryId === config.repositoryId
+      )
+
+      if (correctGroupID.length > 0) {
+        return correctGroupID[0].projectGroupId
+      }
+      return ''
     } else {
-      return []
+      return ''
     }
   })
 }
 
+const getProjectGroupId = async config => {
+  let projectGroupId = ''
+  if (config.projectGroupId === '' || config.projectGroupId === undefined) {
+    projectGroupId = await retrieveExistingProjectGroups(config)
+  }
+
+  if (projectGroupId === '') {
+    projectGroupId = await registerNewProjectGroup(config)
+  }
+  return projectGroupId
+}
+
 const dealWithNoName = async config => {
   try {
     config.name = getAppName(config.file)
@@ -183,5 +284,11 @@ module.exports = {
   getProjectIdByOrg,
   registerProjectIdOnCliServices,
   dealWithNoName,
-  registerNewProjectGroup
+  registerNewProjectGroup,
+  createNewProjectGroupBody,
+  registerProjectWithGroupProjectId,
+  getExistingGroupProjectId,
+  getProjectGroupId,
+  retrieveExistingProjectGroups,
+  createProject
 }

package/src/commands/github/repoServices.js

@@ -0,0 +1,122 @@
+const commonApi = require('../../utils/commonApi')
+const retrieveRepoId = async config => {
+  const client = await commonApi.getHttpClient(config)
+
+  let repositoryId = await client
+    .retrieveRepoByOrgAndGitURL(config)
+    .then(res => {
+      if (config.debug || config.verbose) {
+        console.log('\nRetrieve RepoId By retrieveRepoByOrgAndGitURL')
+        console.log(res.statusCode)
+        console.log(res.body)
+      }
+
+      if (res.statusCode === 201 || res.statusCode === 200) {
+        return res.body.repositoryId
+      } else {
+        return ''
+      }
+    })
+
+  return repositoryId
+}
+
+const registerNewRepo = async config => {
+  let body = {
+    externalScmUrl: config.repositoryUrl,
+    externalScmName: config.repositoryName,
+    externalId: config.externalId,
+    primaryLanguage: config.language,
+    defaultBranch: 'develop'
+  }
+  if (config.debug || config.verbose) {
+    console.log('registerNewRepo')
+    console.log(body)
+  }
+
+  const client = await commonApi.getHttpClient(config)
+
+  let result = await client
+    .registerRepo(config, body)
+    .then(res => {
+      if (config.debug || config.verbose) {
+        console.log('\nRegister Repository')
+        console.log(res.statusCode)
+        console.log(res.body)
+      }
+      if (res.statusCode === 201 || res.statusCode === 200) {
+        if (config.debug || config.verbose) {
+          console.log('registerRepository - response')
+          console.log('response', res.body)
+        }
+        return res?.body?.repositoryId
+      }
+
+      if (res.statusCode === 409) {
+        return ''
+      }
+      if (res.statusCode === 400) {
+        if (config.debug || config.verbose) {
+          console.log('\nError Registering Repository - Bad request')
+          console.log(res.statusCode)
+          console.log(res.message)
+        }
+        process.exit(1)
+      }
+    })
+    .catch(err => {
+      console.log('\nError Registering Repository')
+      console.log(err.statusCode)
+      console.log(err.message)
+      process.exit(1)
+    })
+
+  return result
+}
+
+const retrieveProjectInfoViaRepoId = async config => {
+  const client = await commonApi.getHttpClient(config)
+
+  let result = await client
+    .retrieveProjectByRepoId(config)
+    .then(res => {
+      if (config.debug || config.verbose) {
+        console.log('\nRetrieve Project By RepoId')
+        console.log(res.statusCode)
+        console.log(res.body)
+      }
+      if (res.statusCode === 201 || res.statusCode === 200) {
+        return res?.body
+      }
+
+      if (res.statusCode === 409) {
+        return []
+      }
+    })
+    .catch(err => {
+      console.log('\nError Retrieve Project By RepoId')
+      console.log(err.statusCode)
+    })
+
+  return result
+}
+
+const getRepoId = async config => {
+  let repoId = ''
+  if (config.repositoryId === '' || config.repositoryId === undefined) {
+    repoId = await retrieveRepoId(config)
+  }
+
+  if (repoId === '') {
+    repoId = await registerNewRepo(config)
+  }
+
+  return repoId
+}
+
+module.exports = {
+  retrieveRepoId,
+  registerNewRepo,
+  getRepoId,
+  retrieveProjectInfoViaRepoId
+}

package/src/common/HTTPClient.js

@@ -225,12 +225,6 @@ HTTPClient.prototype.scaServiceIngest = function scaServiceIngest(
   options.url = url
   options.body = requestBody
 
-  if (config.debug || config.verbose) {
-    console.log('scaServiceIngest')
-    console.log('url', options.url)
-    console.log('body', options.body)
-  }
-
   return requestUtils.sendRequest({ method: 'post', options })
 }
 
@@ -346,6 +340,17 @@ HTTPClient.prototype.registerRepo = function registerRepo(config, requestBody) {
   return requestUtils.sendRequest({ method: 'post', options })
 }
 
+HTTPClient.prototype.retrieveProjectByRepoId = function retrieveProjectByRepoId(
+  config,
+  requestBody
+) {
+  const options = _.cloneDeep(this.requestOptions)
+  let url = createRepoProjectUrl(config)
+  options.url = url
+  options.body = requestBody
+  return requestUtils.sendRequest({ method: 'get', options })
+}
+
 HTTPClient.prototype.registerProjectGroup = function (config, requestBody) {
   const options = _.cloneDeep(this.requestOptions)
   let url = registerProjectGroupUrl(config)
@@ -355,17 +360,18 @@ HTTPClient.prototype.registerProjectGroup = function (config, requestBody) {
   if (config.debug || config.verbose) {
     console.log('registerProjectGroup')
     console.log('url', options.url)
-    console.log('body', options.body)
+    // console.log('body', options.body)
   }
 
   return requestUtils.sendRequest({ method: 'post', options })
 }
 
-HTTPClient.prototype.registerProject = function (config, projectGroupId) {
+HTTPClient.prototype.registerProject = function (config, body) {
   const options = _.cloneDeep(this.requestOptions)
-  let url = registerProjectUrl(config, projectGroupId)
+  let url = registerProjectUrl(config)
   options.url = url
-  return requestUtils.sendRequest({ method: 'get', options })
+  options.body = body
+  return requestUtils.sendRequest({ method: 'post', options })
 }
 HTTPClient.prototype.retrieveSourcesViaRepositoryId = function (
   config,
@@ -405,6 +411,9 @@ HTTPClient.prototype.retrieveProjectByOrganizationId = function registerRepo(
   const options = _.cloneDeep(this.requestOptions)
   let url = retrieveProjectByOrganizationIdUrl(config)
   options.url = url
+  if (config.debug || config.verbose) {
+    console.log(url)
+  }
   return requestUtils.sendRequest({ method: 'get', options })
 }
 
@@ -412,8 +421,15 @@ HTTPClient.prototype.retrieveExistingProjectGroupsByOrg = function registerRepo(
   config
 ) {
   const options = _.cloneDeep(this.requestOptions)
-  let url = retrieveExistingGroupProjectsByOrgUrl(config)
+  let url =
+    retrieveExistingGroupProjectsByOrgUrl(config) +
+    '?name=' +
+    config.repositoryName +
+    '&type=REPOSITORY'
   options.url = url
+  if (config.debug || config.verbose) {
+    console.log(options.url)
+  }
   return requestUtils.sendRequest({ method: 'get', options })
 }
 
@@ -622,7 +638,9 @@ function createScaServiceReportStatusURL(config, reportId) {
 function createScaServiceNoProjectIdURL(config) {
   return `${config.host}/Contrast/api/sca/organizations/${
     config.organizationId
-  }/libraries/ingests/tree${config.repo ? '?incomplete=true' : ''}`
+  }/libraries/ingests/tree${
+    config.repo && config.language === 'JAVA?' ? 'incomplete=true' : ''
+  }`
 }
 
 // function createScaServiceIngestsURL(config) {
@@ -635,7 +653,9 @@ function createScaServiceHealthURL(config) {
 
 function createScaServiceIngestURL(config) {
   let optionalParams = []
-  config.repo ? optionalParams.push('incomplete=true') : null
+  config.repo && config.language === 'JAVA'
+    ? optionalParams.push('incomplete=true')
+    : null
   config.track ? optionalParams.push('persist=true') : null
 
   let params = '?'
@@ -664,8 +684,8 @@ const registerProjectGroupUrl = config => {
   return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups`
 }
 
-const registerProjectUrl = (config, projectGroupId) => {
-  return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups/${projectGroupId}/projects`
+const registerProjectUrl = config => {
+  return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups/${config.projectGroupId}/projects`
 }
 
 const retrieveRegisterOnCliServicesUrl = config => {
@@ -677,16 +697,21 @@ const retrieveSourcesUrl = (config, repositoryId) => {
 }
 
 const retrieveRepoByOrgAndGitURL = config => {
-  return `${config.host}/api/v4/organizations/${config.organizationId}/repository`
+  return `${config.host}/api/v4/organizations/${config.organizationId}/repositories/external-url?externalRepoUrl=${config.repositoryUrl}`
 }
 
 const retrieveProjectByOrganizationIdUrl = config => {
   let baseUrl = `${config.host}/api/v4/organizations/${config.organizationId}/projects`
-  baseUrl = config.name ? baseUrl.concat(`?name=${config.name}`) : baseUrl
+  baseUrl = config.name
+    ? baseUrl.concat(`?name=${config.name}`)
+    : baseUrl.concat(`?name=${config.fileName}`)
   baseUrl = config.language
     ? baseUrl.concat(`&language=${config.language}`)
     : baseUrl
   baseUrl = config.language ? baseUrl.concat(`&source=SCA`) : baseUrl
+  baseUrl = config.repo
+    ? baseUrl.concat(`&type=REPOSITORY`)
+    : baseUrl.concat(`&type=CLI`)
   return baseUrl
 }
 
@@ -702,7 +727,11 @@ const retrieveExistingRepoUrl = config => {
 }
 
 function createRepositoryUrl(config) {
-  return `${config.host}/projects/v1/repositories`
+  return `${config.host}/api/v4/organizations/${config.organizationId}/repositories`
+}
+
+function createRepoProjectUrl(config) {
+  return `${config.host}/api/v4/organizations/${config.organizationId}/repositories/${config.repositoryId}/projects`
 }
 
 function createLibraryVulnerabilitiesUrl(config) {