Merge pull request #2 from CheckmarxDev/benalvo/create-runtime-wrapper

JS Wrapper | Remove CLI from the wrapper and download from S3 (AST-64803)

Author: OrShamirCM

.gitattributes

@@ -6,43 +6,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-        with:
-          lfs: true
-
-      - name: Install Git LFS
-        run: |
-          sudo apt-get update
-          sudo apt-get install git-lfs
-          git lfs install
 
-      - name: Use Node.js 14
+      - name: Use Node.js 16
         uses: actions/setup-node@v4.0.2
         with:
-          node-version: 14
+          node-version: 16
           registry-url: https://npm.pkg.github.com/
       - run: npm ci
       - name: Code Linting
         run: npm run lint
       - run: npm run build --if-present
 
-      - name: Check existence of cx-linux binary
-        run: |
-          if [ ! -f "src/main/wrapper/resources/cx-linux" ]; then
-            echo "cx-linux binary does not exist"; exit 1;
-          fi
-
-      - name: Check existence of cx.exe binary
-        run: |
-          if [ ! -f "src/main/wrapper/resources/cx.exe" ]; then
-            echo "cx.exe binary does not exist"; exit 1;
-          fi
-
-      - name: Check existence of cx-mac binary
-        run: |
-          if [ ! -f "src/main/wrapper/resources/cx-mac" ]; then
-            echo "cx-mac binary does not exist"; exit 1;
-          fi
-
       - name: Run tests
         env:
           CX_CLIENT_ID: ${{ secrets.CX_CLIENT_ID}}

.github/scripts/update_cli.sh

@@ -30,12 +30,12 @@ jobs:
 
           echo "Deleting all npm packages whose name ends with '-${{inputs.tag}}.0'"
 
-          VERSION_IDS=($(curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.PERSONAL_ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/CheckmarxDev/packages/npm/ast-cli-javascript-wrapper/versions | jq '.[]|select(.name | contains("-${{inputs.tag}}.0"))|.id'))
+          VERSION_IDS=($(curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.PERSONAL_ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/CheckmarxDev/packages/npm/ast-cli-javascript-wrapper-runtime-cli/versions | jq '.[]|select(.name | contains("-${{inputs.tag}}.0"))|.id'))
 
           for versionId in "${VERSION_IDS[@]}"
           do
              echo "Deleting version $versionId..."
-             curl -L -X DELETE -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.PERSONAL_ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" "https://api.github.com/orgs/CheckmarxDev/packages/npm/ast-cli-javascript-wrapper/versions/$versionId"
+             curl -L -X DELETE -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.PERSONAL_ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" "https://api.github.com/orgs/CheckmarxDev/packages/npm/ast-cli-javascript-wrapper-runtime-cli/versions/$versionId"
              echo "Version $versionId deleted successfully!"
           done
 

.github/workflows/ci.yml

@@ -12,5 +12,5 @@ on:
 
 jobs:
   nightly:
-    uses: CheckmarxDev/ast-cli-javascript-wrapper/.github/workflows/release.yml@main
+    uses: CheckmarxDev/ast-cli-javascript-wrapper-runtime-cli/.github/workflows/release.yml@main
     secrets: inherit

.github/workflows/delete-packages-and-releases.yml

@@ -42,7 +42,7 @@ permissions:
 
 jobs:
   delete:
-    uses: CheckmarxDev/ast-cli-javascript-wrapper/.github/workflows/delete-packages-and-releases.yml@main
+    uses: CheckmarxDev/ast-cli-javascript-wrapper-runtime-cli/.github/workflows/delete-packages-and-releases.yml@main
     with:
       tag: ${{ inputs.jsTag }}
     secrets: inherit
@@ -58,7 +58,6 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          lfs: true  # Ensure LFS files are checked out
 
       # GIT CONFIGURATION
       - run: |
@@ -80,14 +79,6 @@ jobs:
             echo "TAG_NAME=$(npm version patch --no-git-tag-version)" >> $GITHUB_ENV
           fi
 
-      # DOWNLOAD CLI IF IT IS A DEV VERSION AND A CLI TAG WAS PROVIDED
-      - name: Download cli with tag ${{ inputs.cliTag }}
-        if: inputs.dev == true && inputs.cliTag != ''
-        run: |
-          # Update binaries
-          chmod +x ./.github/scripts/update_cli.sh
-          ./.github/scripts/update_cli.sh ${{ inputs.cliTag }}
-
       # RUN NPM INSTALL AND BUILD
       - name: NPM ci and build
         run: |

.github/workflows/nightly.yml

@@ -1,59 +1,53 @@
-name: Update checkmarx ast cli
+name: Update Checkmarx AST CLI
+
 on:
   workflow_dispatch:
+    inputs:
+      new_cli_version:
+        description: 'New CLI version (optional)'
+        required: false
   schedule:
     - cron: '0 0 * * *'
 
 jobs:
   update-checkmarx-cli:
     runs-on: ubuntu-latest
+
     steps:
       - uses: actions/checkout@v4
-        with:
-          lfs: true
-
-      - name: Install Git LFS
-        run: |
-          sudo apt-get update
-          sudo apt-get install git-lfs
-          git lfs install
-
-      - name: Configure Git user
-        run: |
-          git config --global user.name github-actions
-          git config --global user.email github-actions@github.com
 
+      # Fetch the latest Checkmarx AST CLI version
       - name: Get Latest Checkmarx API version
         id: checkmarx-ast-cli
         run: |
-          echo ::set-output name=release_tag::$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name")
-          echo ::set-output name=current_tag::$(<checkmarx-ast-cli.version)
+          if [ "${{ github.event.inputs.new_cli_version }}" ]; then
+            LATEST_VERSION=${{ github.event.inputs.new_cli_version }}
+          else
+            LATEST_VERSION=$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name")
+          fi
+          CURRENT_VERSION=$(<checkmarx-ast-cli.version)
+          echo ::set-output name=release_tag::$LATEST_VERSION
+          echo ::set-output name=current_tag::$CURRENT_VERSION
 
-      - name: Update Checkmarx cli version
+      # Update the version file if the latest version differs
+      - name: Update Checkmarx CLI version in version file
         if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
         env:
           RELEASE_TAG: ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
         run: |
-          # Update current release
           echo ${{ steps.checkmarx-ast-cli.outputs.release_tag }} > checkmarx-ast-cli.version
 
-      - name: Download latest cli and update branch
-        if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
-        run: |
-          # Update binaries
-          chmod +x ./.github/scripts/update_cli.sh
-          ./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
-
-      - name: Track large files with Git LFS
+      # Update the TypeScript file's cliDefaultVersion field
+      - name: Update cliDefaultVersion in CxInstaller.ts
         if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
+        env:
+          NEW_CLI_VERSION: ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
         run: |
-          git lfs track "src/main/wrapper/resources/cx-linux"
-          git lfs track "src/main/wrapper/resources/cx.exe"
-          git lfs track "src/main/wrapper/resources/cx-mac"
-          git add .gitattributes
-          git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac
-          git commit -m "Track Checkmarx CLI binaries with Git LFS"
+          FILE_PATH="src/main/osinstaller/CxInstaller.ts"
+          # Ensure that 'cliDefaultVersion' is updated correctly
+          sed -i "s/\(cliDefaultVersion = '\)[^']*\(';\)/\1${NEW_CLI_VERSION}\2/" $FILE_PATH
 
+      # Create a Pull Request with the version changes
       - name: Create Pull Request
         if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
         uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6

.github/workflows/release.yml

@@ -5,7 +5,7 @@
     <img src="./logo.png" alt="Logo" width="80" height="80">
   </a>
 
-<h3 align="center">AST-CLI-JAVASCRIPT-WRAPPER</h3>
+<h3 align="center">AST-CLI-JAVASCRIPT-WRAPPER-RUNTIME-CLI</h3>
 
 <!-- TABLE OF CONTENTS -->
 <details open="open">
@@ -40,7 +40,7 @@ Add the following dependency:
 
 ```     
 "dependencies": {
-    "@checkmarxdev/ast-cli-javascript-wrapper": "{version}"
+    "@checkmarxdev/ast-cli-javascript-wrapper-runtime-cli": "{version}"
 }
 ```
 
@@ -86,7 +86,7 @@ setx PATH_TO_EXECUTABLE {value}
 
 Checkmarx - AST Integrations Team
 
-CxProject Link: [https://github.com/CheckmarxDev/ast-cli-javascript-wrapper](https://github.com/CheckmarxDev/ast-cli-javascript-wrapper)
+CxProject Link: [https://github.com/CheckmarxDev/ast-cli-javascript-wrapper-runtime-cli](https://github.com/CheckmarxDev/ast-cli-javascript-wrapper-runtime-cli)
 
 
 © 2021 Checkmarx Ltd. All Rights Reserved.

.github/workflows/update-cli.yml

@@ -1 +1 @@
-2.2.6
+2.2.5