From 08791f82c30a98c83870d8363740b895799afdd0 Mon Sep 17 00:00:00 2001 From: Yair Zohar Date: Tue, 2 Aug 2022 16:07:23 +0300 Subject: [PATCH] feat: add project attributes support in --experimental --- src/cli/commands/test/iac/v2/index.ts | 12 ++++++++- src/lib/iac/test/v2/scan/index.ts | 38 +++++++++++++++++++++++---- src/lib/iac/test/v2/types.ts | 2 ++ 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/src/cli/commands/test/iac/v2/index.ts b/src/cli/commands/test/iac/v2/index.ts index be13427a8a..2972bcc830 100644 --- a/src/cli/commands/test/iac/v2/index.ts +++ b/src/cli/commands/test/iac/v2/index.ts @@ -9,6 +9,7 @@ import { spinnerMessage } from '../../../../../lib/formatters/iac-output'; import { buildOutput } from '../../../../../lib/iac/test/v2/output'; import { getIacOrgSettings } from '../local-execution/org-settings/get-iac-org-settings'; import { Options, TestOptions } from '../../../../../lib/types'; +import { generateProjectAttributes } from '../../../monitor'; export async function test( paths: string[], @@ -42,7 +43,7 @@ export async function test( async function prepareTestConfig( paths: string[], - options: any, + options: Options & TestOptions, ): Promise { const systemCachePath = config.CACHE_PATH ?? envPaths('snyk').cache; const iacCachePath = pathLib.join(systemCachePath, 'iac'); @@ -51,6 +52,8 @@ async function prepareTestConfig( const org = (options.org as string) || config.org; const orgSettings = await getIacOrgSettings(org); + const attributes = parseAttributes(options); + return { paths, iacCachePath, @@ -59,5 +62,12 @@ async function prepareTestConfig( userRulesBundlePath: config.IAC_BUNDLE_PATH, userPolicyEnginePath: config.IAC_POLICY_ENGINE_PATH, severityThreshold: options.severityThreshold, + attributes, }; } + +function parseAttributes(options: Options & TestOptions) { + if (options.report) { + return generateProjectAttributes(options); + } +} diff --git a/src/lib/iac/test/v2/scan/index.ts b/src/lib/iac/test/v2/scan/index.ts index 3a9d198f59..dbb617cfb1 100644 --- a/src/lib/iac/test/v2/scan/index.ts +++ b/src/lib/iac/test/v2/scan/index.ts @@ -39,11 +39,7 @@ function scanWithConfig( rulesBundlePath: string, configPath: string, ): SnykIacTestOutput { - const args = ['-bundle', rulesBundlePath, '-config', configPath]; - - if (options.severityThreshold) { - args.push('-severity-threshold', options.severityThreshold); - } + const args = processFlags(options, rulesBundlePath, configPath); args.push(...options.paths); @@ -73,6 +69,38 @@ function scanWithConfig( return output; } +function processFlags( + options: TestConfig, + rulesBundlePath: string, + configPath: string, +) { + const flags = ['-bundle', rulesBundlePath, '-config', configPath]; + + if (options.severityThreshold) { + flags.push('-severity-threshold', options.severityThreshold); + } + + if (options.attributes?.criticality) { + flags.push( + '-project-business-criticality', + options.attributes.criticality.join(','), + ); + } + + if (options.attributes?.environment) { + flags.push( + '-project-environment', + options.attributes.environment.join(','), + ); + } + + if (options.attributes?.lifecycle) { + flags.push('-project-lifecycle', options.attributes.lifecycle.join(',')); + } + + return flags; +} + function createConfig(options: TestConfig): string { try { const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'snyk-')); diff --git a/src/lib/iac/test/v2/types.ts b/src/lib/iac/test/v2/types.ts index 7662bd1dd4..45bb37d6d5 100644 --- a/src/lib/iac/test/v2/types.ts +++ b/src/lib/iac/test/v2/types.ts @@ -1,5 +1,6 @@ import { IacOrgSettings } from '../../../../cli/commands/test/iac/local-execution/types'; import { SEVERITY } from '../../../snyk-test/legacy'; +import { ProjectAttributes } from '../../../types'; export interface TestConfig { paths: string[]; @@ -9,4 +10,5 @@ export interface TestConfig { projectName: string; orgSettings: IacOrgSettings; severityThreshold?: SEVERITY; + attributes?: ProjectAttributes; }