Sast Lightweight Scan Add New Command (AST-42347) (#648)

cx-elchanan-arbiv · web-flow · commit 5f6ae1b7a7f3 · 2024-07-02T20:05:05.000+03:00
* Sast Lightweight Scan Add New Command
diff --git a/src/main/vorpal/CxVorpal.ts b/src/main/vorpal/CxVorpal.ts
@@ -0,0 +1,44 @@
+import VorpalScanDetail from "./VorpalScanDetail";
+
+export default class CxVorpal {
+    requestId: string;
+    status: boolean;
+    message: string;
+    scanDetails: VorpalScanDetail[];
+    error: any;
+
+    constructor() {
+        this.requestId = '';
+        this.status = false;
+        this.message = '';
+        this.scanDetails = [];
+        this.error = null;
+    }
+
+    static parseScan(resultObject: any): CxVorpal {
+        const scan = new CxVorpal();
+        scan.requestId = resultObject.request_id;
+        scan.status = resultObject.status;
+        scan.message = resultObject.message;
+        scan.error = resultObject.error;
+
+        if (resultObject.scan_details instanceof Array) {
+            scan.scanDetails = resultObject.scan_details.map((detail: any) => {
+                const scanDetail = new VorpalScanDetail();
+                scanDetail.ruleId = detail.rule_id;
+                scanDetail.language = detail.language;
+                scanDetail.ruleName = detail.rule_name;
+                scanDetail.severity = detail.severity;
+                scanDetail.fileName = detail.file_name;
+                scanDetail.line = detail.line;
+                scanDetail.length = detail.length;
+                scanDetail.problematicLine = detail.problematicLine;
+                scanDetail.remediationAdvise = detail.remediationAdvise;
+                scanDetail.description = detail.description;
+                return scanDetail;
+            });
+        }
+
+        return scan;
+    }
+}
diff --git a/src/main/vorpal/VorpalScanDetail.ts b/src/main/vorpal/VorpalScanDetail.ts
@@ -0,0 +1,25 @@
+export default class VorpalScanDetail {
+    ruleId: number;
+    language: string;
+    ruleName: string;
+    severity: string;
+    fileName: string;
+    line: number;
+    length: number;
+    problematicLine: string;
+    remediationAdvise: string;
+    description: string;
+
+    constructor() {
+        this.ruleId = 0;
+        this.language = '';
+        this.ruleName = '';
+        this.severity = '';
+        this.fileName = '';
+        this.line = 0;
+        this.length = 0;
+        this.problematicLine = '';
+        this.remediationAdvise = '';
+        this.description = '';
+    }
+}
diff --git a/src/main/wrapper/CxConstants.ts b/src/main/wrapper/CxConstants.ts
@@ -65,6 +65,9 @@ export enum CxConstants {
     FORMAT_HTML_CLI = "summaryHTML",
     FILTER = "--filter",
     SCAN_ID = "--scan-id",
+    CMD_VORPAL = "vorpal",
+    SOURCE_FILE = "--file-source",
+    VORPAL_UPDATE_VERSION = "--vorpal-latest-version",
     PROJECT_ID = "--project-id",
     SIMILARITY_ID = "--similarity-id",
     QUERY_ID = "--query-id",
@@ -78,6 +81,7 @@ export enum CxConstants {
     ADDITONAL_PARAMS = "--additional-params",
     ENGINE = "--engine",
     SCAN_TYPE = "CxScan",
+    SCAN_VORPAL = "CxVorpal",
     PROJECT_TYPE = "CxProject",
     PREDICATE_TYPE = "CxPredicate",
     CODE_BASHING_TYPE = "CxCodeBashing",
diff --git a/src/main/wrapper/CxWrapper.ts b/src/main/wrapper/CxWrapper.ts
@@ -125,6 +125,28 @@ export class CxWrapper {
         return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_TYPE);
     }
 
+    async scanVorpal(sourceFile: string, updateVersion = false, agent?: string | null): Promise<CxCommandOutput> {
+        const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.CMD_VORPAL, CxConstants.SOURCE_FILE, sourceFile];
+
+        if (updateVersion) {
+            commands.push(CxConstants.VORPAL_UPDATE_VERSION);
+        }
+        if (agent) {
+            commands.push(CxConstants.AGENT);
+            commands.push(agent);
+        }
+        else {
+            commands.push(CxConstants.AGENT);
+            // if we don't send any parameter in the flag
+            // then in the cli takes the default and this is not true
+            commands.push('"js-wrapper"');
+        }
+
+        commands.push(...this.initializeCommands(false));
+        const exec = new ExecutionService();
+        return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_VORPAL);
+    }
+
     async scanCancel(id: string): Promise<CxCommandOutput> {
         const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.SUB_CMD_CANCEL, CxConstants.SCAN_ID, id];
         commands.push(...this.initializeCommands(false));
diff --git a/src/main/wrapper/ExecutionService.ts b/src/main/wrapper/ExecutionService.ts
@@ -22,6 +22,7 @@ import CxKicsRemediation from "../remediation/CxKicsRemediation";
 import CxScaRealTime from "../scaRealtime/CxScaRealTime";
 import CxChat from "../chat/CxChat";
 import CxMask from "../mask/CxMask";
+import CxVorpal from "../vorpal/CxVorpal";
 
 
 function isJsonString(s: string) {
@@ -183,6 +184,10 @@ export class ExecutionService {
                   const scans = CxScan.parseProject(resultObject);
                   cxCommandOutput.payload = scans;
                   break;
+                case CxConstants.SCAN_VORPAL:
+                    const vorpal = CxVorpal.parseScan(resultObject);
+                    cxCommandOutput.payload = [vorpal];
+                    break;
                 case CxConstants.PROJECT_TYPE:
                   const projects = CxProject.parseProject(resultObject);
                   cxCommandOutput.payload = projects;
diff --git a/src/tests/ScanTest.test.ts b/src/tests/ScanTest.test.ts
@@ -125,4 +125,36 @@ describe("ScanCreate cases", () => {
         expect(aiEnabled).toBeDefined();
     })
 
-});
+    it('ScanVorpal fail case Without extensions', async () => {
+        const auth = new CxWrapper(cxScanConfig);
+        const cxCommandOutput: CxCommandOutput = await auth.scanVorpal("tsc/tests/data/python-file");
+        console.log(" Json object from failure case: " + JSON.stringify(cxCommandOutput));
+
+        expect(cxCommandOutput.payload[0].error.description).toEqual("The file name must have an extension.");
+        expect(cxCommandOutput.exitCode).toBe(0);
+        expect(cxCommandOutput.payload[0].status).toBeUndefined();
+    });
+
+    it('ScanVorpal Successful case', async () => {
+        const auth = new CxWrapper(cxScanConfig);
+        const cxCommandOutput: CxCommandOutput = await auth.scanVorpal("tsc/tests/data/python-vul-file.py");
+        console.log("Json object from scanVorpal successful case: " + JSON.stringify(cxCommandOutput));
+        const scanObject = cxCommandOutput.payload.pop();
+        expect(cxCommandOutput.payload).toBeDefined();
+        expect(cxCommandOutput.exitCode).toBe(0);
+        expect(scanObject.status).toEqual(true);
+    });
+
+    it('ScanVorpal Successful case with update version', async () => {
+        const auth = new CxWrapper(cxScanConfig);
+        const cxCommandOutput: CxCommandOutput = await auth.scanVorpal("tsc/tests/data/python-vul-file.py", true);
+        console.log("Json object from scanVorpal successful case with update version: " + JSON.stringify(cxCommandOutput));
+        const scanObject = cxCommandOutput.payload.pop();
+        expect(cxCommandOutput.payload).toBeDefined();
+        expect(cxCommandOutput.exitCode).toBe(0);
+        expect(scanObject.status).toEqual(true);
+        expect(Number.isInteger(scanObject.scanDetails[0].line)).toBe(true);
+        expect(typeof scanObject.scanDetails[0].description).toBe('string');
+    });
+
+});
diff --git a/tsc/tests/data/python-file b/tsc/tests/data/python-file
diff --git a/tsc/tests/data/python-vul-file.py b/tsc/tests/data/python-vul-file.py
