Change npm params to wrap audit params interface.

jfrog · Sep 27, 2023 · 79bff29 · 79bff29
1 parent 5a0d1c7
commit 79bff29
Show file tree

Hide file tree

Showing 6 changed files with 76 additions and 31 deletions.
diff --git a/xray/commands/audit/sca/java/javautils.go b/xray/commands/audit/sca/java/javautils.go
@@ -133,7 +133,7 @@ func hasLoop(idsAdded []string, idToAdd string) bool {
 	return false
 }
 
-func BuildDependencyTree(params *xrayutils.AuditBasicParams, tech coreutils.Technology) ([]*xrayUtils.GraphNode, []string, error) {
+func BuildDependencyTree(params xrayutils.AuditParams, tech coreutils.Technology) ([]*xrayUtils.GraphNode, []string, error) {
 	serverDetails, err := params.ServerDetails()
 	if err != nil {
 		return nil, nil, err

diff --git a/xray/commands/audit/sca/npm/npm.go b/xray/commands/audit/sca/npm/npm.go
@@ -15,7 +15,7 @@ const (
 	ignoreScriptsFlag = "--ignore-scripts"
 )
 
-func BuildDependencyTree(params *utils.AuditBasicParams) (dependencyTrees []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
+func BuildDependencyTree(params utils.AuditParams) (dependencyTrees []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
 	currentDir, err := coreutils.GetWorkingDirectory()
 	if err != nil {
 		return
@@ -50,12 +50,15 @@ func BuildDependencyTree(params *utils.AuditBasicParams) (dependencyTrees []*xra
 	return
 }
 
-func createTreeDepsParam(params *utils.AuditBasicParams) biutils.NpmTreeDepListParam {
-	return biutils.NpmTreeDepListParam{
-		Args:                 addIgnoreScriptsFlag(params.Args()),
-		IgnoreNodeModules:    params.NpmIgnoreNodeModules(),
-		OverWritePackageLock: params.NpmOverwritePackageLock(),
+func createTreeDepsParam(params utils.AuditParams) biutils.NpmTreeDepListParam {
+	npmTreeDepParam := biutils.NpmTreeDepListParam{
+		Args: addIgnoreScriptsFlag(params.Args()),
 	}
+	if npmParams, ok := params.(utils.AuditNpmParams); ok {
+		npmTreeDepParam.IgnoreNodeModules = npmParams.NpmIgnoreNodeModules()
+		npmTreeDepParam.OverWritePackageLock = npmParams.NpmOverwritePackageLock()
+	}
+	return npmTreeDepParam
 }
 
 // Add the --ignore-scripts to prevent execution of npm scripts during npm install.

diff --git a/xray/commands/audit/scarunner.go b/xray/commands/audit/scarunner.go
@@ -133,7 +133,7 @@ func getDirectDependenciesFromTree(dependencyTrees []*xrayCmdUtils.GraphNode) []
 	return directDependencies.ToSlice()
 }
 
-func GetTechDependencyTree(params *xrayutils.AuditBasicParams, tech coreutils.Technology) (flatTree *xrayCmdUtils.GraphNode, fullDependencyTrees []*xrayCmdUtils.GraphNode, err error) {
+func GetTechDependencyTree(params xrayutils.AuditParams, tech coreutils.Technology) (flatTree *xrayCmdUtils.GraphNode, fullDependencyTrees []*xrayCmdUtils.GraphNode, err error) {
 	logMessage := fmt.Sprintf("Calculating %s dependencies", tech.ToFormal())
 	log.Info(logMessage)
 	if params.Progress() != nil {

diff --git a/xray/commands/curation/curationaudit.go b/xray/commands/curation/curationaudit.go
@@ -111,13 +111,13 @@ type CurationAuditCommand struct {
 	workingDirs          []string
 	OriginPath           string
 	parallelRequests     int
-	*utils.AuditBasicParams
+	utils.AuditParams
 }
 
 func NewCurationAuditCommand() *CurationAuditCommand {
 	return &CurationAuditCommand{
 		extractPoliciesRegex: regexp.MustCompile(extractPoliciesRegexTemplate),
-		AuditBasicParams:     &utils.AuditBasicParams{},
+		AuditParams:          &utils.AuditBasicParams{},
 	}
 }
 
@@ -192,8 +192,19 @@ func (ca *CurationAuditCommand) doCurateAudit(results map[string][]*PackageStatu
 	return nil
 }
 
+func (ca *CurationAuditCommand) getAuditParamsByTech(tech coreutils.Technology) utils.AuditParams {
+	switch tech {
+	case coreutils.Npm:
+		return utils.AuditNpmParams{
+			AuditParams: ca.AuditParams}.
+			SetNpmIgnoreNodeModules(true).
+			SetNpmOverwritePackageLock(true)
+	}
+	return ca.AuditParams
+}
+
 func (ca *CurationAuditCommand) auditTree(tech coreutils.Technology, results map[string][]*PackageStatus) error {
-	flattenGraph, fullDependenciesTree, err := audit.GetTechDependencyTree(ca.AuditBasicParams, tech)
+	flattenGraph, fullDependenciesTree, err := audit.GetTechDependencyTree(ca.getAuditParamsByTech(tech), tech)
 	if err != nil {
 		return err
 	}

diff --git a/xray/utils/auditbasicparams.go b/xray/utils/auditbasicparams.go
@@ -5,6 +5,32 @@ import (
 	ioUtils "github.com/jfrog/jfrog-client-go/utils/io"
 )
 
+type AuditParams interface {
+	DirectDependencies() []string
+	AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
+	ServerDetails() (*config.ServerDetails, error)
+	SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
+	PipRequirementsFile() string
+	SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
+	ExcludeTestDependencies() bool
+	SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
+	UseWrapper() bool
+	SetUseWrapper(useWrapper bool) *AuditBasicParams
+	InsecureTls() bool
+	SetInsecureTls(insecureTls bool) *AuditBasicParams
+	Technologies() []string
+	SetTechnologies(technologies []string) *AuditBasicParams
+	Progress() ioUtils.ProgressMgr
+	SetProgress(progress ioUtils.ProgressMgr)
+	Args() []string
+	SetNpmScope(depType string) *AuditBasicParams
+	OutputFormat() OutputFormat
+	DepsRepo() string
+	SetDepsRepo(depsRepo string) *AuditBasicParams
+	IgnoreConfigFile() bool
+	SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
+}
+
 type AuditBasicParams struct {
 	serverDetails                    *config.ServerDetails
 	outputFormat                     OutputFormat
@@ -18,8 +44,6 @@ type AuditBasicParams struct {
 	args                             []string
 	depsRepo                         string
 	ignoreConfigFile                 bool
-	npmIgnoreNodeModules    bool
-	npmOverWritePackageLock bool
 }
 
 func (abp *AuditBasicParams) DirectDependencies() []string {
@@ -62,14 +86,6 @@ func (abp *AuditBasicParams) UseWrapper() bool {
 	return abp.useWrapper
 }
 
-func (abp *AuditBasicParams) NpmIgnoreNodeModules() bool {
-	return abp.npmIgnoreNodeModules
-}
-
-func (abp *AuditBasicParams) NpmOverwritePackageLock() bool {
-	return abp.npmOverWritePackageLock
-}
-
 func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams {
 	abp.useWrapper = useWrapper
 	return abp
@@ -141,13 +157,3 @@ func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBa
 	abp.ignoreConfigFile = ignoreConfigFile
 	return abp
 }
-
-func (abp *AuditBasicParams) SetNpmIgnoreNodeModules(ignoreNpmNodeModules bool) *AuditBasicParams {
-	abp.npmIgnoreNodeModules = ignoreNpmNodeModules
-	return abp
-}
-
-func (abp *AuditBasicParams) SetNpmOverwritePackageLock(overwritePackageLock bool) *AuditBasicParams {
-	abp.npmOverWritePackageLock = overwritePackageLock
-	return abp
-}
diff --git a/xray/utils/packageManagerAuditParams.go b/xray/utils/packageManagerAuditParams.go
@@ -0,0 +1,25 @@
+package utils
+
+type AuditNpmParams struct {
+	AuditParams
+	npmIgnoreNodeModules    bool
+	npmOverWritePackageLock bool
+}
+
+func (abp AuditNpmParams) SetNpmIgnoreNodeModules(ignoreNpmNodeModules bool) AuditNpmParams {
+	abp.npmIgnoreNodeModules = ignoreNpmNodeModules
+	return abp
+}
+
+func (abp AuditNpmParams) SetNpmOverwritePackageLock(overwritePackageLock bool) AuditNpmParams {
+	abp.npmOverWritePackageLock = overwritePackageLock
+	return abp
+}
+
+func (abp AuditNpmParams) NpmIgnoreNodeModules() bool {
+	return abp.npmIgnoreNodeModules
+}
+
+func (abp AuditNpmParams) NpmOverwritePackageLock() bool {
+	return abp.npmOverWritePackageLock
+}