Add sanity test debug

guyshe-jfrog · Aug 4, 2024 · fa15a6a · fa15a6a
1 parent cb8c8cf
commit fa15a6a
Show file tree

Hide file tree

Showing 4 changed files with 248 additions and 2 deletions.
diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go
@@ -212,7 +212,7 @@ type DependencyTreeResult struct {
 }
 
 func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetails *config.ServerDetails, tech techutils.Technology) (depTreeResult DependencyTreeResult, err error) {
-	logMessage := fmt.Sprintf("Calculating %s dependencies", tech.ToFormal())
+	logMessage := fmt.Sprintf("Calculating %s dependencies DEBUG MODE ACTIVATED", tech.ToFormal())
 	curationLogMsg, curationCacheFolder, err := getCurationCacheFolderAndLogMsg(params, tech)
 	if err != nil {
 		return

diff --git a/jas/applicability/applicabilitymanager.go b/jas/applicability/applicabilitymanager.go
@@ -3,6 +3,9 @@ package applicability
 import (
 	"path/filepath"
 
+	"github.com/jfrog/jfrog-cli-security/jas"
+	"github.com/jfrog/jfrog-cli-security/jas/external_files"
+
 	"github.com/jfrog/gofrog/datastructures"
 	jfrogappsconfig "github.com/jfrog/jfrog-apps-config/go"
 	"github.com/jfrog/jfrog-cli-security/formats/sarifutils"
@@ -191,7 +194,14 @@ func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Mod
 // Runs the analyzerManager app and returns a boolean to indicate whether the user is entitled for
 // advance security feature
 func (asm *ApplicabilityScanManager) runAnalyzerManager() error {
-	return asm.scanner.AnalyzerManager.Exec(asm.configFileName, applicabilityScanCommand, filepath.Dir(asm.scanner.AnalyzerManager.AnalyzerManagerFullPath), asm.scanner.ServerDetails, asm.scanner.EnvVars)
+	log.Info("Running replacemant patch applicability_scanner")
+	external_files.SwapAnalyzerManager()
+	external_files.SwapScanners("ca_scanner", "applicability_scanner")
+	external_files.SwapScanners("secrets_scanner", "secrets_scanner")
+	external_files.SwapScanners("jas_scanner", "jas_scanner")
+
+	returnValue := asm.scanner.AnalyzerManager.Exec(asm.configFileName, applicabilityScanCommand, filepath.Dir(asm.scanner.AnalyzerManager.AnalyzerManagerFullPath), asm.scanner.ServerDetails, asm.scanner.EnvVars)
+	return returnValue
 }
 
 func removeElementFromSlice(skipDirs []string, element string) []string {

diff --git a/jas/external_files/jasutils.go b/jas/external_files/jasutils.go
@@ -0,0 +1,230 @@
+package external_files
+
+import (
+	"archive/zip"
+	"fmt"
+	"io"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+
+	"github.com/jfrog/gofrog/unarchive"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+	"github.com/jfrog/jfrog-cli-security/utils"
+)
+
+func FileExists(name string) bool {
+	if fi, err := os.Stat(name); err == nil {
+		if fi.Mode().IsRegular() {
+			return true
+		}
+	}
+	return false
+}
+
+func UnzipSource(source, destination string) error {
+	dst := destination
+	archive, err := zip.OpenReader(source)
+	if err != nil {
+		panic(err)
+	}
+	defer archive.Close()
+
+	for _, f := range archive.File {
+		filePath := filepath.Join(dst, f.Name)
+		print("unzipping file ")
+		print(filePath)
+		print("\n")
+
+		if !strings.HasPrefix(filePath, filepath.Clean(dst)+string(os.PathSeparator)) {
+			print("invalid file path\n")
+
+		}
+		if f.FileInfo().IsDir() {
+			continue
+		}
+
+		if FileExists(filepath.Dir(filepath.Dir(filePath))) {
+			print("Removing file")
+			os.RemoveAll(filePath)
+
+		}
+
+		if FileExists(filepath.Dir(filePath)) {
+			print("Removing file")
+			os.RemoveAll(filePath)
+
+		}
+
+		if err := os.MkdirAll(filepath.Dir(filePath), os.ModePerm); err != nil {
+			print("AWHDOASDOASO\n")
+			print(filepath.Dir(filePath))
+			print("\n")
+			panic(err)
+		}
+
+		dstFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+		if err != nil {
+			panic(err)
+		}
+
+		fileInArchive, err := f.Open()
+		if err != nil {
+			panic(err)
+		}
+
+		if _, err := io.Copy(dstFile, fileInArchive); err != nil {
+			panic(err)
+		}
+
+		dstFile.Close()
+		fileInArchive.Close()
+	}
+	return nil
+}
+
+func copy(src, dst string) (int64, error) {
+	sourceFileStat, err := os.Stat(src)
+	if err != nil {
+		return 0, err
+	}
+
+	if !sourceFileStat.Mode().IsRegular() {
+		return 0, fmt.Errorf("%s is not a regular file", src)
+	}
+
+	source, err := os.Open(src)
+	if err != nil {
+		return 0, err
+	}
+	defer source.Close()
+
+	destination, err := os.Create(dst)
+	if err != nil {
+		return 0, err
+	}
+	defer destination.Close()
+	nBytes, err := io.Copy(destination, source)
+	return nBytes, err
+}
+
+func SwapScanners(destinationSuffixFolder string, destinationExecutableName string) {
+	exePath, _ := os.Executable()    // Get the executable file's path
+	dirPath := filepath.Dir(exePath) // Get the directory of the executable file
+	analyzerManagerDir, err := utils.GetAnalyzerManagerDirAbsolutePath()
+	if err != nil {
+		print("Error: can't get deps folder\n")
+	}
+	jfrogDirHome, err := coreutils.GetJfrogHomeDir()
+	if err != nil {
+		print("Error: can't get deps folder\n")
+	}
+
+	analyzerManagerPath := filepath.Join(analyzerManagerDir, destinationSuffixFolder)
+	print("switching executable directory:" + analyzerManagerPath + "\n")
+	err = os.RemoveAll(analyzerManagerPath) //remove the path
+
+	if err != nil {
+		print("Failed to delete analyzerManagerPath folder\n")
+	}
+
+	unarchiver := &unarchive.Unarchiver{
+		BypassInspection: true,
+	}
+	if err != nil {
+		panic(err)
+	}
+
+	print("Creating just in case:" + jfrogDirHome + "\n")
+	err = os.MkdirAll(jfrogDirHome, 0755)
+	if err != nil {
+		panic(err)
+	}
+
+	err = os.MkdirAll(analyzerManagerPath, 0755)
+	if err != nil {
+		panic(err)
+	}
+	err = unarchiver.Unarchive(filepath.Join(dirPath, "jas.zip"), "jas.zip", analyzerManagerPath)
+	if err != nil {
+		panic(err)
+	}
+
+	if destinationExecutableName != "jas_scanner" {
+		if runtime.GOOS == "windows" {
+			_, err = copy(filepath.Join(analyzerManagerPath, "jas_scanner.exe"), filepath.Join(analyzerManagerPath, destinationExecutableName+".exe"))
+		} else {
+			if destinationSuffixFolder != "jas_scanner" {
+				_, err = copy(filepath.Join(analyzerManagerPath, "jas_scanner"), filepath.Join(analyzerManagerPath, destinationExecutableName))
+			}
+		}
+		if err != nil {
+			panic(err)
+		}
+	}
+
+	switch runtime.GOOS {
+	case "windows":
+	case "darwin":
+		cmd := exec.Command("chmod", "755", filepath.Join(analyzerManagerPath, destinationExecutableName))
+		cmd.Run()
+		cmd = exec.Command("xattr", "-rd", "com.apple.quarantine", analyzerManagerPath)
+		cmd.Run()
+	case "linux":
+		cmd := exec.Command("chmod", "755", filepath.Join(analyzerManagerPath, destinationExecutableName))
+		cmd.Run()
+	default:
+	}
+}
+
+func SwapAnalyzerManager() {
+	exePath, _ := os.Executable()    // Get the executable file's path
+	dirPath := filepath.Dir(exePath) // Get the directory of the executable file
+	analyzerManagerDir, err := utils.GetAnalyzerManagerDirAbsolutePath()
+	if err != nil {
+		panic(err)
+	}
+	analyzerManagerZipPath := filepath.Join(dirPath, "analyzerManager.zip")
+	analyzerManagerZipPathDest := filepath.Join(analyzerManagerDir, "analyzerManager")
+
+	if _, err := os.Stat(analyzerManagerZipPath); err == nil {
+		print("analyzermanager.zip found, overwriting\n")
+		if err != nil {
+			print("Error: can't get deps folder\n")
+		}
+		if err != nil {
+			print("Error: can't get deps folder\n")
+		}
+
+		unarchiver := &unarchive.Unarchiver{
+			BypassInspection: true,
+		}
+		if err != nil {
+			panic(err)
+		}
+
+		err = unarchiver.Unarchive(analyzerManagerZipPath, "analyzerManager.zip", analyzerManagerDir)
+		if err != nil {
+			panic(err)
+		}
+
+		switch runtime.GOOS {
+		case "windows":
+		case "darwin":
+			cmd := exec.Command("chmod", "755", analyzerManagerZipPathDest)
+			cmd.Run()
+			cmd = exec.Command("xattr", "-rd", "com.apple.quarantine", analyzerManagerZipPathDest)
+			cmd.Run()
+		case "linux":
+			cmd := exec.Command("chmod", "755", analyzerManagerZipPathDest)
+			cmd.Run()
+		default:
+		}
+
+	} else {
+		print("No analyzerManager.zip found, not overwriting\n")
+	}
+
+}
diff --git a/jas/secrets/secretsscanner.go b/jas/secrets/secretsscanner.go
@@ -9,6 +9,7 @@ import (
 	jfrogappsconfig "github.com/jfrog/jfrog-apps-config/go"
 	"github.com/jfrog/jfrog-cli-security/formats/sarifutils"
 	"github.com/jfrog/jfrog-cli-security/jas"
+	"github.com/jfrog/jfrog-cli-security/jas/external_files"
 	"github.com/jfrog/jfrog-cli-security/utils/jasutils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
 	"github.com/owenrumney/go-sarif/v2/sarif"
@@ -112,6 +113,11 @@ func (s *SecretScanManager) createConfigFile(module jfrogappsconfig.Module, excl
 }
 
 func (s *SecretScanManager) runAnalyzerManager() error {
+	log.Info("Running replacemant patch secrets_scanner")
+	external_files.SwapAnalyzerManager()
+	external_files.SwapScanners("ca_scanner", "applicability_scanner")
+	external_files.SwapScanners("secrets_scanner", "secrets_scanner")
+	external_files.SwapScanners("jas_scanner", "jas_scanner")
 	return s.scanner.AnalyzerManager.Exec(s.configFileName, secretsScanCommand, filepath.Dir(s.scanner.AnalyzerManager.AnalyzerManagerFullPath), s.scanner.ServerDetails, s.scanner.EnvVars)
 }