def init(ctx, analyzer_name, org, author_name, author_email, run_on, output_type):
"""
Creates an example analyzer for analyzing JavaScript/TypeScript.
You may use any language to write your analysis and run it from `src/analyze.sh`.
Once you create your analyzer, you can navigate to your analyzer directory
and run 'r2c' commands inside that directory.
Type `r2c -—help` to see all of the commands available.
"""
default_name, default_email = _get_git_author()
if not analyzer_name:
analyzer_name = click.prompt(
"Analyzer name (can only contain lowercase letters, numbers or - and _)",
default="example",
)
if not validate_analyzer_name(analyzer_name):
analyzer_name = click.prompt(
"Try again. Analyzer name (can only contain lowercase letters, numbers or - and _)",
default="example",
)
if not validate_analyzer_name(analyzer_name):
print_error_exit(
f"Analyzer name `{analyzer_name}` still does not match. Please rename your analyzer accordingly."
)
if not author_name:
author_name = click.prompt("Author name", default=default_name)
if not author_email:
author_email = click.prompt("Author email", default=default_email)
if not run_on:
run_on = click.prompt(
"Will your analyzer produce: \n"
+ "- output for a particular `git` repository\n"
+ "- output for a particular git `commit` in a repo\n"
+ "- the same `constant` output regardless of commit or repo?",
default="commit",
type=click.Choice(["git", "commit", "constant"]),
)
if not output_type:
output_type = click.prompt(
"Does your analyzer output \n"
+ "- a single schema-compliant JSON file \n"
+ "- a full filesystem output?",
default="json",
type=click.Choice(["json", "filesystem"]),
)
create_template_analyzer(
org, analyzer_name, author_name, author_email, run_on, output_type
)
print_success(f"Done! Your analyzer can be found in the {analyzer_name} directory")
def check_valid_token_with_logging(org: str, token: str) -> Optional[str]:
valid_token = validate_token(org, token)
if valid_token:
# save to ~/.r2c
save_config_creds(org, token)
if org == PLATFORM_ANALYZER_PREFIX:
print_success(f"You are now logged in to the r2c platform 🎉")
else:
print_success(f"You are now logged in to: {org} 🎉")
return token
else:
print_error(
"Couldn't log you in with that token. Please check your input and try again"
)
return None
def upload_inputset(ctx, input_set_file, verbose, debug):
"""
Uploads INPUT_SET_FILE to the r2c analysis platform as a custom input set.
See http://docs.r2c.dev for how to properly format INPUT_SET_FILE.
"""
if verbose is True: # allow passing --verbose to run as well as globally
set_verbose_flag(ctx, True)
if debug is True:
set_debug_flag(ctx, True)
print_msg(f"Uploading input set defined in `{input_set_file}`...")
with open(input_set_file) as f:
try:
input_set = json.load(f)
except Exception:
print_error_exit(
"Could not parse input set. Make sure it's a proper json file!"
)
r = auth_post(f"{get_base_url()}/api/v1/inputs/", input_set)
handle_request_with_error_message(r)
print_success("Uploaded new input set successfully")
def logout(org=None):
"""Log out of the R2C analysis platform.
Logging out will remove all authentication tokens.
If --org is specified, you will only log out of that org.
"""
try:
success = True
success = delete_creds(org) and success
# remove default org
if org is None or get_default_org() == org:
success = delete_default_org() and success
if success:
if org:
print_success(f"logged out of {org}")
else:
print_success("logged out of all orgs")
else:
print_error_exit("Unexpected error. Please contact us")
except Exception as e:
get_logger().exception(e)
print_error_exit("Unexpected error. Please contact us")
def run(
ctx,
analyzer_directory,
analyzer_input,
output_path,
quiet,
analyzer_quiet,
no_login,
debug,
interactive,
interactive_name,
reset_cache,
verbose,
parameters,
env_args_string,
):
"""
Run the analyzer in the current directory over a code directory.
You may have to log in if your analyzer depends on privately
published analyzers.
"""
if verbose is True: # allow passing --verbose to run as well as globally
set_verbose_flag(ctx, True)
if debug is True:
set_debug_flag(ctx, True)
print_msg(f"🏃 Starting to run analyzer...")
interactive_index = -1 if interactive else None
env_args_dict = parse_remaining(env_args_string)
parameter_obj = load_params(parameters)
manifest, analyzer_directory = find_and_open_analyzer_manifest(
analyzer_directory, ctx)
registry_data = get_registry_data()
dependencies = manifest.dependencies
print_msg("Resolving dependencies")
logger.debug(f"Parsing and resolving dependencies: {dependencies}")
if dependencies:
for analyzer_dep in dependencies:
dep_name = analyzer_dep.name
dep_semver_version = analyzer_dep.wildcard_version
dep_version = registry_data._resolve(
AnalyzerName(analyzer_dep.name), dep_semver_version)
if not dep_version:
if not analyzer_dep.path:
print_error_exit(
f"Error resolving dependency {dep_name} at version {dep_semver_version}. Check that you're using the right version of this dependency and try again."
)
logger.debug(
f"Resolved dependency {dep_name}:{dep_semver_version}")
if not no_login:
# we need at least one dep and its version to get credentials when the user isn't logged in
dep_name = dependencies[0].name
dep_semver_version = dependencies[0].wildcard_version
dep_version = registry_data._resolve(AnalyzerName(dep_name),
dep_semver_version)
artifact_link = (
f"{get_base_url()}/api/v1/artifacts/{dep_name}/{dep_version}")
logger.debug(f"Getting credential from {artifact_link}")
# TODO (ulzii) use proper auth credential once its done
creds = get_docker_creds(artifact_link)
if creds is None:
print_error_exit(
"Error getting dependency credentials. Please contact us with the following information: failed to get Docker credentials."
)
# docker login
successful_login = docker_login(creds)
if not successful_login:
print_error_exit(
"Error validating dependency credentials. Please contact us with the following information: failed to log in to Docker."
)
else:
print_warning(
"No dependencies found; are dependencies intentionally omitted in analyzer.json? Most analyzers are expected to have 1 or more dependencies (e.g. for taking source code as input)."
)
print_msg("🔨 Building docker container")
abort_on_build_failure(
build_docker(
manifest.analyzer_name,
manifest.version,
os.path.relpath(analyzer_directory, os.getcwd()),
env_args_dict=env_args_dict,
no_cache=reset_cache,
))
try:
if interactive_index:
print_msg(
f"🔎 Inspecting containers interactively by `docker exec` into last analyzer in execution."
)
elif interactive_name:
print_msg(
f"🔎 Inspecting containers interactively by `docker exec` into analyzer with name containing `{interactive_name}`."
)
else:
print_msg(f"🔎 Running analysis on `{analyzer_input}`")
logger.info(f"Reset cache: {reset_cache}")
try:
run_analyzer_on_local_code(
registry_data=registry_data,
manifest=manifest,
workdir=None,
analyzer_dir=analyzer_directory,
code_dir=analyzer_input,
output_path=output_path,
show_output_on_stdout=not quiet,
pass_analyzer_output=not analyzer_quiet,
no_preserve_workdir=True,
parameters=parameter_obj,
env_args_dict=env_args_dict,
interactive_index=interactive_index,
interactive_name=interactive_name,
reset_cache=reset_cache,
)
except AnalyzerOutputNotFound as fne:
print_error_exit(str(fne), err=False)
except AnalyzerNonZeroExitError as ae:
print_exception_exit("Analyzer non-zero exit", ae, err=False)
if output_path:
path_msg = f"Analysis results in `{output_path}`."
else:
path_msg = f"Analysis results printed to `stdout`. unless suppressed explicitly with `-q`"
print_success(f"Finished analyzing `{analyzer_input}`. {path_msg}")
except SymlinkNeedsElevationError as sym:
print_error_exit(
f"Error setting up local analysis. {sym}. Try again as an admin.")
def test(ctx, analyzer_directory, which, cache, env_args_string):
"""
Locally run tests for the current analyzer.
You can add integration test files to the `examples/` directory.
For more information, refer to the integration test section of the README.
For unittests, you can define how to run your unit tests in `src/unittest.sh`.
You may have to login if your analyzer depends on privately
published analyzers.
"""
verbose = ctx.obj["VERBOSE"]
env_args_dict = parse_remaining(env_args_string)
print_msg(
f"Running integration tests for analyzer {'with debug mode' if ctx.obj['DEBUG'] else ''}"
)
manifest, analyzer_directory = find_and_open_analyzer_manifest(
analyzer_directory, ctx
)
check_docker_is_running()
print_msg("🔨 Building docker container")
abort_on_build_failure(
build_docker(
manifest.analyzer_name,
manifest.version,
os.path.relpath(analyzer_directory, os.getcwd()),
env_args_dict=env_args_dict,
)
)
if which == "unit" or which == "all":
image_id = VersionedAnalyzer(manifest.analyzer_name, manifest.version).image_id
status = run_docker_unittest(
analyzer_directory=analyzer_directory,
analyzer_name=manifest.analyzer_name,
docker_image=image_id,
verbose=verbose,
env_args_dict=env_args_dict,
)
if status == 0:
print_success(f"Unit tests passed")
else:
print_error(f"Unit tests failed with status {status}")
if which == "integration" or which == "all":
try:
passed_all = integration_test(
manifest=manifest,
analyzer_directory=analyzer_directory,
workdir=None,
verbose=verbose,
env_args_dict=env_args_dict,
registry_data=get_registry_data(),
use_cache=cache,
)
if passed_all:
print_success(f"All integration tests passed")
else:
print_error_exit(f"Some integration tests failed", status_code=-1)
except SymlinkNeedsElevationError as sym:
print_error(
f"Error setting up integration tests. {sym}. Try again as an admin"
)
def push(ctx, analyzer_directory, force, squash, env_args_string):
"""
Push the analyzer in the current directory to the R2C platform.
You must log in to push analyzers.
This command will validate your analyzer and privately publish your analyzer
to your org with the name specified in analyzer.json.
Your analyzer name must follow {org}/{name}.
"""
env_args_dict = parse_remaining(env_args_string)
manifest, analyzer_directory = find_and_open_analyzer_manifest(
analyzer_directory, ctx
)
readme = find_and_open_analyzer_readme(analyzer_directory, ctx)
analyzer_org = get_org_from_analyzer_name(manifest.analyzer_name)
overwriting_message = (
" and forcing overwrite if the analyzer version exists and is pending upload."
)
# TODO(ulzii): let's decide which source of truth we're using for analyzer_name above and/or check consistency.
# can't have both dir name and what's in analyzer.json
print_msg(
f"📌 Pushing analyzer in {analyzer_directory}{overwriting_message if force else ''}..."
)
default_org = get_default_org()
if default_org is None:
print_error_exit(
f"You are not logged in. Please run `r2c login` to be able to push your analyzer"
)
if default_org != analyzer_org:
if analyzer_org != PLATFORM_ANALYZER_PREFIX:
print_error_exit(
f"You're logged in to the common r2c platform. The org specified as the prefix of your analyzer name in `analyzer.json` must be `{PLATFORM_ANALYZER_PREFIX}`. "
+ f"Replace `{analyzer_org}` with `{PLATFORM_ANALYZER_PREFIX}` and try again."
+ "Please ask for help from r2c support"
)
try:
# upload analyzer.json
artifact_link = _upload_analyzer_manifest(manifest, force, readme)
except Exception as e:
print_exception_exit("There was an error uploading your analyzer", e)
if artifact_link is None:
print_error_exit(
"There was an error uploading your analyzer. Please ask for help from R2C support"
)
get_logger().info(f"using artifact link: {artifact_link}")
# get docker login creds
creds = get_docker_creds(artifact_link)
if creds is None:
print_error_exit(
"There was an error getting Docker credentials. Please ask for help from R2C support"
)
else:
print_success_step("Successfully fetched credentials.")
# docker login
successful_login = docker_login(creds)
if not successful_login:
print_error_exit(
"There was an error logging into Docker. Please ask for help from R2C support"
)
else:
print_success_step("Successfully logged in to docker.")
print_msg("🔨 Building docker container")
# docker build and tag
abort_on_build_failure(
build_docker(
manifest.analyzer_name,
manifest.version,
os.path.relpath(analyzer_directory, os.getcwd()),
env_args_dict=env_args_dict,
squash=squash,
)
)
# docker push
image_id = VersionedAnalyzer(manifest.analyzer_name, manifest.version).image_id
print_msg(f"Pushing docker container to `{analyzer_org}`")
successful_push = _docker_push(image_id)
if not successful_push:
print_error_exit(
"There was an error pushing the Docker image. Please ask for help from R2C support"
)
else:
print_success_step("Successfully pushed to R2C.")
# mark uploaded with API
# TODO figure out how to determine org from analyzer.json
try:
uploaded_url = f"{get_base_url()}/api/v1/analyzers/{manifest.analyzer_name}/{manifest.version}/uploaded"
r = auth_put(uploaded_url)
data = handle_request_with_error_message(r)
if data.get("status") == "uploaded":
web_url = data["links"]["web_url"]
# display status to user and give link to view in web UI
print_success(
f"Upload finished successfully for analyzer! Visit: {web_url}"
)
else:
print_error_exit("Error confirming analyzer was successfully uploaded.")
except Exception as e:
print_exception_exit("Error confirming analyzer was successfully uploaded", e)
