@contrast/core 1.28.0 → 1.29.0

package/lib/app-info.js

@@ -19,190 +19,183 @@ const os = require('os');
 const path = require('path');
 const fs = require('fs');
 const process = require('process');
+const { IntentionalError } = require('@contrast/common');
+const { findPackageJsonSync } = require('@contrast/find-package-json');
 
-const MAX_ATTEMPTS = 10; // temporary until test dir is flattened a bit
+/**
+ * @typedef {Object} PackageInfo
+ * @property {string} dir - the directory containing the `package.json`
+ * @property {object} packageData - parsed package contents
+ * @property {string} packageFile - filename of `package.json` (abs path)
+*/
 
 module.exports = function (core) {
   const { logger, config } = core;
+  const { app_root, cmd_ignore_list, exclusive_entrypoint } = config.agent.node;
 
-  const appInfo = (core.appInfo = {
+  let cmd;
+  let entrypoint;
+  let pkgInfo;
+  let err;
+
+  try {
+    cmd = getCommand();
+    entrypoint = getEntrypoint();
+    pkgInfo = getPackageInfo(entrypoint);
+  } catch (_err) {
+    err = _err;
+  }
+
+  return core.appInfo = !err ? {
+    // dedupe this? - it's already in systemInfo
     os: {
       type: os.type(),
       platform: os.platform(),
       architecture: os.arch(),
       release: os.release(),
     },
+    cmd,
     hostname: os.hostname(),
-  });
+    indexFile: entrypoint,
+    path: pkgInfo.packageFile,
+    pkg: pkgInfo.packageData,
+    name: config.application.name || pkgInfo.packageData.name,
+    app_dir: pkgInfo.dir,
+    version: config.application.version || pkgInfo.packageData.version,
+    serverVersion: config.server.version,
+    node_version: process.version,
+    appPath: config.application.path || pkgInfo.dir,
+    serverName: config.server.name,
+    serverType: config.server.type,
+    serverEnvironment: config.server.environment,
+    group: config.application.group,
+    metadata: config.application.metadata,
+  } : {
+    _errors: [err]
+  };
 
-  let cmd, _path, pkg;
+  /**
+   * Generates a command string based on ARGV and process.argv0, which will be used
+   * for the `appInfo.cmd` field. This function will throw if any of the config's
+   * cmd_ignore_list values match the command.
+   * @returns {string} the issued command that started the current node process
+   * @throws {IntentionalError} when command should be is ignored by Contrast
+   */
+  function getCommand() {
+    const args = [process.argv0, ...process.argv].map((a) => path.basename(a));
+    const cmd = Array.from(new Set(args)).join(' ');
+    const message = 'application command matches cmd_ignore_list config option';
+    let err;
+
+    if (cmd_ignore_list) {
+      for (const ignoreCommand of cmd_ignore_list) {
+        if (err) break;
+
+        if (ignoreCommand === 'npm*') {
+          if (cmd.includes('npm ')) err = new IntentionalError(message);
+        } else {
+          if (cmd.includes(ignoreCommand)) err = new IntentionalError(message);
+        }
+      }
+    }
 
-  try {
-    const entrypoint = config.script || config.entrypoint;
-    if (entrypoint) {
-      cmd = appInfo.cmd = path.resolve(entrypoint);
-    } else {
-      appInfo.cmd = undefined;
+    if (err) {
+      logger.trace({ cmd_ignore_list, cmd }, message);
+      throw err;
     }
 
-    _path = appInfo.path = resolveAppPath(
-      config.agent.node.app_root,
-      cmd ? path.dirname(cmd) : undefined
-    );
-    pkg = require(_path);
-    appInfo.pkg = pkg;
-    appInfo.name = config.application.name || pkg.name;
-    appInfo.app_dir = path.dirname(appInfo.path);
-    appInfo.version = config.application.version || pkg.version;
-  } catch (e) {
-    throw new Error(`Unable to find application's package.json: ${_path}`);
+    return cmd;
   }
 
-  appInfo.serverVersion = config.server.version;
-  appInfo.node_version = process.version;
-
-  appInfo.appPath = config.application.path || appInfo.app_dir;
-  appInfo.indexFile = cmd;
-  appInfo.serverName = config.server.name;
-  appInfo.serverType = config.server.type;
-  appInfo.serverEnvironment = config.server.environment;
-  appInfo.group = config.application.group;
-  appInfo.metadata = config.application.metadata;
-
-  return appInfo;
-
-  function resolveAppPath(appRoot, scriptPath) {
-    let packageLocation;
+  /**
+   * Returns the entrypoint file. If none is found, or the one discovered doesn't match the
+   * config's `agent.node.exclusive_entrypoint` value, this will throw.
+   * @returns {string} entrypoint file name
+   * @throws {Error|IntentionalError} if no entrypoint is found or we're supposed to ignore the app
+   */
+  function getEntrypoint() {
+    let entrypoint = process.argv[1];
 
-    if (appRoot) {
-      packageLocation = findFile({ directory: appRoot, file: 'package.json' });
-    }
+    try {
+      if (entrypoint && fs.statSync(entrypoint).isDirectory()) {
+        const indexJs = path.join(entrypoint, './index.js');
+        try {
+          if (fs.statSync(indexJs)) {
+            entrypoint = indexJs;
+          }
+        } catch (err) {
+          entrypoint = null;
+        }
+      }
+    } catch (err) {} // eslint-disable-line no-empty
 
-    if (!packageLocation) {
-      packageLocation = findFile({
-        directory: scriptPath,
-        file: 'package.json',
-      });
+    if (!entrypoint) {
+      logger.error('no entrypoint found for application');
+      throw new Error('No entrypoint found');
     }
 
-    if (packageLocation) {
-      core.logger.info('using package.json at %s', packageLocation);
+    if (exclusive_entrypoint) {
+      const expectedEntrypoint = path.resolve(app_root || process.cwd(), exclusive_entrypoint);
+      if (entrypoint !== expectedEntrypoint) {
+        const message = 'application does not match exclusive_entrypoint config option';
+        logger.trace({
+          entrypoint,
+          exclusive_entrypoint: expectedEntrypoint,
+        }, message);
+        throw new IntentionalError(message);
+      }
     }
 
-    return packageLocation;
+    return entrypoint;
   }
 
   /**
-   * Gets contents of a directory
-   *
-   * @param {String} directory
-   * @param {Array} contents of a directory
+   * Will try to read the `package.json` file of the app. This will use find-pacakge-json
+   * starting first from entrypoint, then from CWD.
+   * NOTE: If the `app_root` value is specified, this will check only there and then throw if not found.
+   * @param {string} entrypoint app entrypoint
+   * @returns {PackageInfo} dir, packageData, and packageFile
+   * @throws {Error} if package can't be found or parsed
    */
-  function getDirectoryEntries(directory) {
-    try {
-      return fs.readdirSync(directory);
-    } catch (err) {
-      logger.error({ err }, 'error reading directory %s', directory);
-      return [];
-    }
-  }
+  function getPackageInfo(entrypoint) {
+    const cwd = process.cwd();
+    const dirs = new Set();
 
-  /**
-   * Filters files with name matching the file param
-   *
-   * @param {String} directory path to check for file
-   * @param {Array} files list of entries in a directory
-   * @param {String} file file to check
-   *
-   * @return {*} path to file file or false
-   */
-  function filterFiles(directory, files, file) {
-    const hit = files.filter((entry) => entry === file)[0];
-    return hit ? path.resolve(directory, hit) : false;
-  }
+    let dir;
+    let packageData;
+    let packageFile;
 
-  /**
-   * Checks each direct sibling folder for file
-   *
-   * @param {Object} params
-   * @param {String} params.file file to check
-   * @param {String} params.directory path to check for file
-   * @param {Array} params.foundFiles array to hold found files
-   * @param {Array} params.entries list of directory contents
-   */
-  function checkNestedFolders({ file, directory, entries, foundFiles }) {
-    entries.reduce((foundFiles, entry) => {
-      const resolvedEntry = path.resolve(directory, entry);
-      try {
-        if (!fs.statSync(resolvedEntry).isFile()) {
-          const path = filterFiles(
-            resolvedEntry,
-            getDirectoryEntries(resolvedEntry),
-            file
-          );
-          if (path) {
-            foundFiles.push(path);
-          }
-        }
-      } catch (err) {
-        // swallow this error, we don't care
-      }
-      return foundFiles;
-    }, foundFiles);
-  }
-
-  /**
-   * Tries to find a file in entryPoint, 1 folder below or up to 5 directories
-   * above initial path
-   *
-   * @param {Object} params
-   * @param {String} params.directory path to check for file
-   * @param {String} params.file file to check
-   * @param {Int} [params.maxAttempts=5] max attempts to check above params.directory
-   * @param {Int} params.attempts current attempt to find file in path
-   * @param {Boolean} params.checkNested flag to check in nested directories
-   *
-   * @return {String} path to file
-   */
-  function findFile({
-    directory,
-    file,
-    maxAttempts = MAX_ATTEMPTS,
-    attempts = 0,
-    checkNested = true,
-  }) {
-    if (attempts >= maxAttempts) {
-      return;
+    // if this is not the default value, we should only check it
+    if (app_root && app_root !== cwd) {
+      dirs.add(path.resolve(app_root));
+    } else {
+      // otherwise check up folder tree from entrypoint and then cwd
+      dirs.add(path.dirname(entrypoint));
+      dirs.add(cwd);
     }
 
-    attempts++;
-    directory = path.resolve(directory);
-
-    const entries = getDirectoryEntries(directory);
-    const location = filterFiles(directory, entries, file);
-    if (location) {
-      return location;
+    for (dir of dirs) {
+      try {
+        packageFile = findPackageJsonSync({ cwd: dir });
+        packageData = require(packageFile);
+        break;
+      } catch (err) {} // eslint-disable-line no-empty
     }
 
-    // we only want to check files for each directory in the intial call to this function
-    if (checkNested) {
-      const foundFiles = [];
-      checkNestedFolders({ directory, entries, file, foundFiles });
-      // we found a file in the child folders return path to it
-      if (foundFiles.length > 0) {
-        return foundFiles[0];
-      }
+    if (!packageData) {
+      const message = 'unable to locate application package.json';
+      logger.error({
+        app_root,
+        entrypoint,
+        paths: Array.from(dirs),
+      }, message);
+      throw new Error(message);
     }
 
-    // we only want to look at dirs in the initial directory
-    // assign parent directory to directory
-    directory = path.dirname(directory);
-    return findFile({
-      directory,
-      file,
-      maxAttempts,
-      attempts,
-      checkNested: false,
-    });
+    return {
+      dir: path.dirname(packageFile),
+      packageData,
+      packageFile,
+    };
   }
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/core",
-  "version": "1.28.0",
+  "version": "1.29.0",
   "description": "Preconfigured Contrast agent core services and models",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -16,7 +16,8 @@
     "test": "../scripts/test.sh"
   },
   "dependencies": {
-    "@contrast/common": "1.17.0",
+    "@contrast/common": "1.18.0",
+    "@contrast/find-package-json": "^1.0.0",
     "@contrast/fn-inspect": "^4.0.0"
   }
 }