- Vorpal Custom Path Implementation

Author: cx-anjali-deore

internal/commands/asca/asca-engine.go

@@ -6,16 +6,24 @@ import (
 	"github.com/checkmarx/ast-cli/internal/services"
 	"github.com/checkmarx/ast-cli/internal/wrappers"
 	"github.com/checkmarx/ast-cli/internal/wrappers/grpcs"
+	"github.com/checkmarx/ast-cli/internal/wrappers/utils"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 
 func RunScanASCACommand(jwtWrapper wrappers.JWTWrapper) func(cmd *cobra.Command, args []string) error {
 	return func(cmd *cobra.Command, args []string) error {
+		var vorpalLocation string
 		ASCALatestVersion, _ := cmd.Flags().GetBool(commonParams.ASCALatestVersion)
 		fileSourceFlag, _ := cmd.Flags().GetString(commonParams.SourcesFlag)
 		ignoredFilePathFlag, _ := cmd.Flags().GetString(commonParams.IgnoredFilePathFlag)
 		agent, _ := cmd.Flags().GetString(commonParams.AgentFlag)
+		vorpal := viper.GetString(commonParams.VorpalCustomPathKey)
+		if vorpal != "" {
+			vorpalLocation = vorpal
+		} else if location := utils.GetOptionalParam(commonParams.ASCALocationFlag); location != "" {
+			vorpalLocation = location
+		}
 		var port = viper.GetInt(commonParams.ASCAPortKey)
 		ASCAWrapper := grpcs.NewASCAGrpcWrapper(port)
 		ASCAParams := services.AscaScanParams{
@@ -28,7 +36,7 @@ func RunScanASCACommand(jwtWrapper wrappers.JWTWrapper) func(cmd *cobra.Command,
 			JwtWrapper:  jwtWrapper,
 			ASCAWrapper: ASCAWrapper,
 		}
-		scanResult, err := services.CreateASCAScanRequest(ASCAParams, wrapperParams)
+		scanResult, err := services.CreateASCAScanRequest(ASCAParams, wrapperParams, vorpalLocation)
 		if err != nil {
 			return err
 		}

internal/commands/asca/asca-engine_test.go

@@ -75,7 +75,8 @@ func Test_ExecuteAscaScan(t *testing.T) {
 				JwtWrapper:  &mock.JWTMockWrapper{},
 				ASCAWrapper: &mock.ASCAMockWrapper{},
 			}
-			got, err := services.CreateASCAScanRequest(ASCAParams, wrapperParams)
+			// No CustomVorpal Location
+			got, err := services.CreateASCAScanRequest(ASCAParams, wrapperParams, "")
 			if (err != nil) != ttt.wantErr {
 				t.Errorf("executeASCAScan() error = %v, wantErr %v", err, ttt.wantErr)
 				return
@@ -140,3 +141,59 @@ func Test_runScanASCACommand(t *testing.T) {
 		})
 	}
 }
+
+func Test_runScanASCAWithAscaLocationFlagCommand(t *testing.T) {
+	tests := []struct {
+		name         string
+		sourceFlag   string
+		engineFlag   bool
+		ascaLocation string
+		wantErr      bool
+		want         *grpcs.ScanResult
+		wantErrMsg   string
+	}{
+		{
+			name:         "Test with empty fileSourceFlag",
+			sourceFlag:   "",
+			engineFlag:   true,
+			ascaLocation: "C:/Users/test/Downloads/vorpal.exe",
+			wantErr:      false,
+			want:         nil,
+		},
+		{
+			name:         "Test with valid fileSource Flag and ASCAUpdateVersion flag set false ",
+			sourceFlag:   "data/python-vul-file.py",
+			engineFlag:   false,
+			ascaLocation: "C:/Users/test/Downloads/vorpal.exe",
+			want:         nil,
+			wantErr:      false,
+		},
+		{
+			name:         "Test with valid fileSource Flag and ASCAUpdateVersion flag set true ",
+			sourceFlag:   "data/python-vul-file.py",
+			engineFlag:   true,
+			ascaLocation: "C:/Users/test/Downloads/vorpal.exe",
+			want:         nil,
+			wantErr:      false,
+		},
+	}
+	for _, tt := range tests {
+		ttt := tt
+		t.Run(ttt.name, func(t *testing.T) {
+			cmd := &cobra.Command{}
+			cmd.Flags().String(commonParams.SourcesFlag, ttt.sourceFlag, "")
+			cmd.Flags().Bool(commonParams.ASCALatestVersion, ttt.engineFlag, "")
+			cmd.Flags().String(commonParams.FormatFlag, printer.FormatJSON, "")
+			cmd.Flags().String(commonParams.ASCALocationFlag, ttt.ascaLocation, "")
+			runFunc := RunScanASCACommand(&mock.JWTMockWrapper{})
+			err := runFunc(cmd, []string{})
+			if (err != nil) != ttt.wantErr {
+				t.Errorf("RunScanASCACommand() error = %v, wantErr %v", err, ttt.wantErr)
+				return
+			}
+			if ttt.wantErr && err.Error() != ttt.wantErrMsg {
+				t.Errorf("RunScanASCACommand() error message = %v, wantErrMsg %v", err.Error(), ttt.wantErrMsg)
+			}
+		})
+	}
+}

internal/commands/root.go

@@ -2,6 +2,7 @@ package commands
 
 import (
 	"fmt"
+	"github.com/checkmarx/ast-cli/internal/wrappers/utils"
 	"io"
 	"log"
 	"os"
@@ -106,6 +107,7 @@ func NewAstCLI(
 	rootCmd.PersistentFlags().String(params.ConfigFilePathFlag, "", "Path to the configuration file")
 
 	rootCmd.PersistentFlags().Bool(params.ApikeyOverrideFlag, false, "")
+	rootCmd.PersistentFlags().String(params.OptionalFlags, "", params.OptionalFlagUsage)
 
 	_ = rootCmd.PersistentFlags().MarkHidden(params.ApikeyOverrideFlag)
 	rootCmd.PersistentFlags().String(params.LogFileFlag, "", params.LogFileUsage)
@@ -115,7 +117,8 @@ func NewAstCLI(
 	// are passed to Cobra.
 	rootCmd.PersistentPreRunE = func(cmd *cobra.Command, args []string) error {
 		CheckPreferredCredentials(cmd)
-		err := customLogConfiguration(rootCmd)
+		err := extractOptionalFlags()
+		err = customLogConfiguration(rootCmd)
 		if err != nil {
 			return err
 		}
@@ -149,6 +152,8 @@ func NewAstCLI(
 	_ = viper.BindPFlag(params.OriginKey, rootCmd.PersistentFlags().Lookup(params.OriginFlag))
 	_ = viper.BindPFlag(params.IgnoreProxyKey, rootCmd.PersistentFlags().Lookup(params.IgnoreProxyFlag))
 	_ = viper.BindPFlag(params.ConfigFilePathKey, rootCmd.PersistentFlags().Lookup(params.ConfigFilePathFlag))
+	_ = viper.BindPFlag(params.OptionalFlagsKey, rootCmd.PersistentFlags().Lookup(params.OptionalFlags))
+
 	// Key here is the actual flag since it doesn't use an environment variable
 	_ = viper.BindPFlag(params.DebugFlag, rootCmd.PersistentFlags().Lookup(params.DebugFlag))
 	_ = viper.BindPFlag(params.InsecureFlag, rootCmd.PersistentFlags().Lookup(params.InsecureFlag))
@@ -427,3 +432,23 @@ func CheckPreferredCredentials(cmd *cobra.Command) {
 		viper.Set(params.PreferredCredentialTypeKey, "")
 	}
 }
+
+func extractOptionalFlags() error {
+	optionalFlags := strings.TrimSpace(viper.GetString(params.OptionalFlagsKey))
+	if optionalFlags == "" {
+		return nil
+	}
+	pairs := strings.Split(optionalFlags, ";")
+	for _, pair := range pairs {
+		pair = strings.TrimSpace(pair)
+		if pair == "" {
+			continue
+		}
+		keyVal := strings.Split(pair, "=")
+		if len(keyVal) != params.KeyValuePairSize {
+			return errors.New("Invalid optional flags. Optional flags should be in a KEY1=VALUE1;KEY2=VALUE2 format")
+		}
+		utils.SetOptionalParam(keyVal[0], keyVal[1])
+	}
+	return nil
+}

internal/commands/root_test.go

@@ -309,3 +309,10 @@ func TestSetLogOutputFromFlag_DirPath_Console_Success(t *testing.T) {
 	err := setLogOutputFromFlag(params.LogFileConsoleFlag, tempDir)
 	assert.NilError(t, err)
 }
+
+func TestOptionalFlag(t *testing.T) {
+	baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-s", githubDummyRepo, "-b", "dummy_branch", "--optional-flags", "asca-location=/optional/path"}
+	cmd := createASTTestCommand()
+	err := executeTestCommand(cmd, baseArgs...)
+	assert.NilError(t, err)
+}

internal/commands/scan.go

@@ -482,6 +482,9 @@ func scanASCASubCommand(jwtWrapper wrappers.JWTWrapper, featureFlagsWrapper wrap
 	)
 
 	scanASCACmd.PersistentFlags().String(commonParams.IgnoredFilePathFlag, "", "Path to ignored secrets file")
+	scanASCACmd.PersistentFlags().String(commonParams.ASCALocationFlag, "", "Path to ASCA installed location")
+	_ = viper.BindPFlag(commonParams.VorpalCustomPathKey, scanASCACmd.PersistentFlags().Lookup(commonParams.ASCALocationFlag))
+
 	return scanASCACmd
 }
 

internal/params/binds.go

@@ -87,4 +87,6 @@ var EnvVarsBinds = []struct {
 	{CompleteMultiPartUploadPathKey, CompleteMultipartUploadPathEnv, "api/uploads/complete-multipart-upload"},
 	{MultipartFileSizeKey, MultipartFileSizeEnv, "2"},
 	{DisableASCALatestVersionKey, DisableASCALatestVersionEnv, ""},
+	{VorpalCustomPathKey, VorpalPathEnv, ""},
+	{OptionalFlagsKey, OptionalFlagsEnv, ""},
 }

internal/params/envs.go

@@ -90,4 +90,6 @@ const (
 	CompleteMultipartUploadPathEnv      = "CX_COMPLETE_MULTIPART_UPLOAD_PATH"
 	MultipartFileSizeEnv                = "MULTIPART_FILE_SIZE"
 	DisableASCALatestVersionEnv         = "DISABLE_ASCA_UPDATE"
+	VorpalPathEnv                       = "CX_ASCA_PATH"
+	OptionalFlagsEnv                    = "CX_OPTIONAL_FLAGS"
 )

internal/params/flags.go

@@ -64,9 +64,11 @@ const (
 	FormatFlagUsageFormat          = "Format for the output. One of %s"
 	FilterFlag                     = "filter"
 	ASCALatestVersion              = "asca-latest-version"
+	ASCALocationFlag               = "asca-location"
 	BaseURIFlag                    = "base-uri"
 	ProxyFlag                      = "proxy"
 	ProxyFlagUsage                 = "Proxy server to send communication through"
+	OptionalFlagUsage              = "Optional global flags for CLI "
 	IgnoreProxyFlag                = "ignore-proxy"
 	IgnoreProxyFlagUsage           = "Ignore proxy configuration"
 	ProxyTypeFlag                  = "proxy-auth-type"
@@ -77,6 +79,7 @@ const (
 	KerberosProxySPNFlag           = "proxy-kerberos-spn"
 	KerberosKrb5ConfFlag           = "proxy-kerberos-krb5-conf"
 	KerberosCcacheFlag             = "proxy-kerberos-ccache"
+	OptionalFlags                  = "optional-flags"
 	SastFastScanFlag               = "sast-fast-scan"
 	SastLightQueriesFlag           = "sast-light-queries"
 	BranchPrimaryFlag              = "branch-primary"

internal/params/keys.go

@@ -89,4 +89,6 @@ var (
 	CompleteMultiPartUploadPathKey      = strings.ToLower(CompleteMultipartUploadPathEnv)
 	MultipartFileSizeKey                = strings.ToLower(MultipartFileSizeEnv)
 	DisableASCALatestVersionKey         = strings.ToLower(DisableASCALatestVersionEnv)
+	VorpalCustomPathKey                 = strings.ToLower(VorpalPathEnv)
+	OptionalFlagsKey                    = strings.ToLower(OptionalFlagsEnv)
 )

internal/services/asca.go

@@ -3,12 +3,6 @@ package services
 import (
 	"encoding/json"
 	"fmt"
-	"net"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"time"
 
 	"github.com/checkmarx/ast-cli/internal/commands/asca/ascaconfig"
 	"github.com/checkmarx/ast-cli/internal/logger"
@@ -19,7 +13,14 @@ import (
 	"github.com/checkmarx/ast-cli/internal/wrappers/configuration"
 	"github.com/checkmarx/ast-cli/internal/wrappers/grpcs"
 	getport "github.com/jsumners/go-getport"
+	"github.com/pkg/errors"
 	"github.com/spf13/viper"
+	"net"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
 )
 
 const (
@@ -39,22 +40,53 @@ type AscaWrappersParam struct {
 	ASCAWrapper grpcs.AscaWrapper
 }
 
-func CreateASCAScanRequest(ascaParams AscaScanParams, wrapperParams AscaWrappersParam) (*grpcs.ScanResult, error) {
-	err := manageASCAInstallation(ascaParams, wrapperParams)
+func validateVorpalDirExist(dirPath string) error {
+	info, err := os.Stat(dirPath)
 	if err != nil {
-		return nil, err
+		if os.IsNotExist(err) {
+			return errors.Errorf("%s path does not exist", dirPath)
+		}
+		if errors.Is(err, os.ErrPermission) {
+			return errors.Errorf("permission denied while accessing path %s", dirPath)
+		}
+		return errors.Errorf("cannot access path %s: %v", dirPath, err)
+	}
+	if !info.IsDir() {
+		return errors.Errorf("provided path is not a directory %s", dirPath)
 	}
+	return nil
+}
+
+func ValidateCustomASCAInstallation(vorpalLocation string) error {
+	if err := validateVorpalDirExist(vorpalLocation); err != nil {
+		return errors.Wrap(err, "Failed to validate ASCA location")
+	}
+	ascaconfig.Params.SetVorpalCustomPath(vorpalLocation)
+	ASCAInstalled, _ := osinstaller.FileExists(ascaconfig.Params.ExecutableFilePath())
+	if !ASCAInstalled {
+		return errors.Errorf("No ASCA executable found in provided location: %s", vorpalLocation)
+	}
+	return nil
+}
 
+func CreateASCAScanRequest(ascaParams AscaScanParams, wrapperParams AscaWrappersParam, vorpalLocation string) (*grpcs.ScanResult, error) {
+	var err error
+	if vorpalLocation == "" {
+		err = manageASCAInstallation(ascaParams, wrapperParams)
+		if err != nil {
+			return nil, err
+		}
+	} else if err = ValidateCustomASCAInstallation(vorpalLocation); err != nil {
+		return nil, err
+	}
 	err = ensureASCAServiceRunning(wrapperParams, ascaParams)
 	if err != nil {
 		return nil, err
 	}
-
 	emptyResults := validateFilePath(ascaParams.FilePath)
 	if emptyResults != nil {
 		return emptyResults, nil
 	}
-
 	ignoredResults := validateIgnoredFilePath(ascaParams.IgnoredFilePath)
 	if ignoredResults != nil {
 		return ignoredResults, nil
@@ -266,7 +298,6 @@ func RunASCAEngine(port int) error {
 	if err != nil {
 		return err
 	}
-
 	ready := waitForServer(fmt.Sprintf("localhost:%d", port), dialTimeout)
 	if !ready {
 		return fmt.Errorf("server did not become ready in time")