Пример #1
0
def do_login(org: Optional[str] = None,
             login_token: Optional[str] = None) -> Optional[str]:
    # ensure org
    if org is None:
        org = get_default_org()
        if org is None:
            org = PLATFORM_ANALYZER_PREFIX
    if not login_token:
        if click.confirm(
                "Opening web browser to get login token. Do you want to continue?",
                default=True,
        ):
            open_browser_login(org)
        else:
            url = get_authentication_url(org)
            print_msg(f"Visit {url} and enter the token below")
        # prompt for token
        for attempt in range(MAX_RETRIES):
            # validate token
            token = check_valid_token_with_logging(
                org, click.prompt("Please enter the API token",
                                  hide_input=True))
            if token:
                return token
        print_error_exit(
            "Max attempts exceeded. Please contact R2C support for help")
    else:
        return check_valid_token_with_logging(org, login_token)

    return None
Пример #2
0
def is_running_latest() -> bool:
    try:
        latest, force = fetch_latest_version()
        curent = get_version()
        if latest:
            latest_version = Version(latest, partial=True)
            current_version = Version(curent, partial=True)
            if current_version < latest_version:
                if force:
                    print_msg(UPGRADE_WARNING_OUTPUT)
                    print_error_exit(
                        "Something is wrong with your CLI version. You must upgrade to continue"
                    )
                return False
            else:
                return True
        else:
            # fail safe
            logger.info("Unable to get latest cli version from server")
            return True
    except Exception as e:
        # fail safe
        logger.info(
            f"Unexpected error comparing latest and current version: {e}")
        return True
Пример #3
0
def find_and_open_analyzer_manifest(path: str,
                                    ctx: Any = None
                                    ) -> Tuple[AnalyzerManifest, str]:
    """Returns the parsed AnalyzerManifest object and the parent dir of the manifest for the manifest discovered by starting at `path` and ascending up

    """
    try:
        manifest_path, manifest_parent_dir = _find_analyzer_manifest_path(
            path,
            parent_limit=get_manifest_traversal_limit(ctx)
            if ctx else DEFAULT_MANIFEST_TRAVERSAL_LIMIT,
        )
    except ManifestNotFoundError as e:
        log_manifest_not_found()
        raise e

    logger.debug(f"Found analyzer.json at {manifest_path}")

    with open(manifest_path, encoding="utf-8") as f:
        try:
            raw_manifest = f.read()
            logger.debug(f"Contents of analyzer.json:\n{raw_manifest}")
            return (AnalyzerManifest.from_json_str(raw_manifest),
                    manifest_parent_dir)
        except MalformedManifestException as e:
            print_error_exit(
                f"The analyzer.json at {manifest_path} does not conform to the schema: {e}"
            )
            raise e
Пример #4
0
def init(ctx, analyzer_name, org, author_name, author_email, run_on, output_type):
    """
    Creates an example analyzer for analyzing JavaScript/TypeScript.

    You may use any language to write your analysis and run it from `src/analyze.sh`.

    Once you create your analyzer, you can navigate to your analyzer directory
    and run 'r2c' commands inside that directory.

    Type `r2c -—help` to see all of the commands available.
    """
    default_name, default_email = _get_git_author()
    if not analyzer_name:
        analyzer_name = click.prompt(
            "Analyzer name (can only contain lowercase letters, numbers or - and _)",
            default="example",
        )
        if not validate_analyzer_name(analyzer_name):
            analyzer_name = click.prompt(
                "Try again. Analyzer name (can only contain lowercase letters, numbers or - and _)",
                default="example",
            )
            if not validate_analyzer_name(analyzer_name):
                print_error_exit(
                    f"Analyzer name `{analyzer_name}` still does not match. Please rename your analyzer accordingly."
                )
    if not author_name:
        author_name = click.prompt("Author name", default=default_name)
    if not author_email:
        author_email = click.prompt("Author email", default=default_email)
    if not run_on:
        run_on = click.prompt(
            "Will your analyzer produce: \n"
            + "- output for a particular `git` repository\n"
            + "- output for a particular git `commit` in a repo\n"
            + "- the same `constant` output regardless of commit or repo?",
            default="commit",
            type=click.Choice(["git", "commit", "constant"]),
        )
    if not output_type:
        output_type = click.prompt(
            "Does your analyzer output \n"
            + "- a single schema-compliant JSON file \n"
            + "- a full filesystem output?",
            default="json",
            type=click.Choice(["json", "filesystem"]),
        )

    create_template_analyzer(
        org, analyzer_name, author_name, author_email, run_on, output_type
    )
    print_success(f"Done! Your analyzer can be found in the {analyzer_name} directory")
Пример #5
0
def check_docker_is_running() -> Optional[Dict[str, Any]]:
    """Calls `docker info` and throws if it fails. If not, return info as dict"""
    try:
        client = docker.from_env()
        return client.info()
    except APIError:
        # when docker server fails
        print_error_exit(
            "`docker info` failed. Please confirm docker daemon is running in user mode."
        )
        return None
    except Exception:
        # Other stuff this might throw like, permission error
        print_error_exit(
            "`docker info` failed. Please confirm docker is installed and its daemon is running in user mode."
        )
        return None
Пример #6
0
def upload_inputset(ctx, input_set_file, verbose, debug):
    """
    Uploads INPUT_SET_FILE to the r2c analysis platform as a custom input set.
    See http://docs.r2c.dev for how to properly format INPUT_SET_FILE.
    """
    if verbose is True:  # allow passing --verbose to run as well as globally
        set_verbose_flag(ctx, True)
    if debug is True:
        set_debug_flag(ctx, True)
    print_msg(f"Uploading input set defined in `{input_set_file}`...")
    with open(input_set_file) as f:
        try:
            input_set = json.load(f)
        except Exception:
            print_error_exit(
                "Could not parse input set. Make sure it's a proper json file!"
            )
    r = auth_post(f"{get_base_url()}/api/v1/inputs/", input_set)
    handle_request_with_error_message(r)
    print_success("Uploaded new input set successfully")
Пример #7
0
def logout(org=None):
    """Log out of the R2C analysis platform.

    Logging out will remove all authentication tokens.
    If --org is specified, you will only log out of that org.
    """
    try:
        success = True
        success = delete_creds(org) and success
        # remove default org
        if org is None or get_default_org() == org:
            success = delete_default_org() and success
        if success:
            if org:
                print_success(f"logged out of {org}")
            else:
                print_success("logged out of all orgs")
        else:
            print_error_exit("Unexpected error. Please contact us")
    except Exception as e:
        get_logger().exception(e)
        print_error_exit("Unexpected error. Please contact us")
Пример #8
0
def run(
    ctx,
    analyzer_directory,
    analyzer_input,
    output_path,
    quiet,
    analyzer_quiet,
    no_login,
    debug,
    interactive,
    interactive_name,
    reset_cache,
    verbose,
    parameters,
    env_args_string,
):
    """
    Run the analyzer in the current directory over a code directory.

    You may have to log in if your analyzer depends on privately
    published analyzers.
    """

    if verbose is True:  # allow passing --verbose to run as well as globally
        set_verbose_flag(ctx, True)
    if debug is True:
        set_debug_flag(ctx, True)
    print_msg(f"🏃 Starting to run analyzer...")

    interactive_index = -1 if interactive else None
    env_args_dict = parse_remaining(env_args_string)

    parameter_obj = load_params(parameters)

    manifest, analyzer_directory = find_and_open_analyzer_manifest(
        analyzer_directory, ctx)

    registry_data = get_registry_data()

    dependencies = manifest.dependencies
    print_msg("Resolving dependencies")
    logger.debug(f"Parsing and resolving dependencies: {dependencies}")
    if dependencies:
        for analyzer_dep in dependencies:
            dep_name = analyzer_dep.name
            dep_semver_version = analyzer_dep.wildcard_version
            dep_version = registry_data._resolve(
                AnalyzerName(analyzer_dep.name), dep_semver_version)
            if not dep_version:
                if not analyzer_dep.path:
                    print_error_exit(
                        f"Error resolving dependency {dep_name} at version {dep_semver_version}. Check that you're using the right version of this dependency and try again."
                    )
            logger.debug(
                f"Resolved dependency {dep_name}:{dep_semver_version}")

        if not no_login:
            # we need at least one dep and its version to get credentials when the user isn't logged in
            dep_name = dependencies[0].name
            dep_semver_version = dependencies[0].wildcard_version
            dep_version = registry_data._resolve(AnalyzerName(dep_name),
                                                 dep_semver_version)

            artifact_link = (
                f"{get_base_url()}/api/v1/artifacts/{dep_name}/{dep_version}")
            logger.debug(f"Getting credential from {artifact_link}")

            # TODO (ulzii) use proper auth credential once its done
            creds = get_docker_creds(artifact_link)
            if creds is None:
                print_error_exit(
                    "Error getting dependency credentials. Please contact us with the following information: failed to get Docker credentials."
                )
            # docker login
            successful_login = docker_login(creds)
            if not successful_login:
                print_error_exit(
                    "Error validating dependency credentials. Please contact us with the following information: failed to log in to Docker."
                )
    else:
        print_warning(
            "No dependencies found; are dependencies intentionally omitted in analyzer.json? Most analyzers are expected to have 1 or more dependencies (e.g. for taking source code as input)."
        )
    print_msg("🔨 Building docker container")

    abort_on_build_failure(
        build_docker(
            manifest.analyzer_name,
            manifest.version,
            os.path.relpath(analyzer_directory, os.getcwd()),
            env_args_dict=env_args_dict,
            no_cache=reset_cache,
        ))
    try:
        if interactive_index:
            print_msg(
                f"🔎 Inspecting containers interactively by `docker exec` into last analyzer in execution."
            )
        elif interactive_name:
            print_msg(
                f"🔎 Inspecting containers interactively by `docker exec` into analyzer with name containing `{interactive_name}`."
            )
        else:
            print_msg(f"🔎 Running analysis on `{analyzer_input}`")

        logger.info(f"Reset cache: {reset_cache}")
        try:
            run_analyzer_on_local_code(
                registry_data=registry_data,
                manifest=manifest,
                workdir=None,
                analyzer_dir=analyzer_directory,
                code_dir=analyzer_input,
                output_path=output_path,
                show_output_on_stdout=not quiet,
                pass_analyzer_output=not analyzer_quiet,
                no_preserve_workdir=True,
                parameters=parameter_obj,
                env_args_dict=env_args_dict,
                interactive_index=interactive_index,
                interactive_name=interactive_name,
                reset_cache=reset_cache,
            )
        except AnalyzerOutputNotFound as fne:
            print_error_exit(str(fne), err=False)
        except AnalyzerNonZeroExitError as ae:
            print_exception_exit("Analyzer non-zero exit", ae, err=False)
        if output_path:
            path_msg = f"Analysis results in `{output_path}`."
        else:
            path_msg = f"Analysis results printed to `stdout`. unless suppressed explicitly with `-q`"
        print_success(f"Finished analyzing `{analyzer_input}`. {path_msg}")

    except SymlinkNeedsElevationError as sym:
        print_error_exit(
            f"Error setting up local analysis. {sym}. Try again as an admin.")
Пример #9
0
def test(ctx, analyzer_directory, which, cache, env_args_string):
    """
    Locally run tests for the current analyzer.

    You can add integration test files to the `examples/` directory.
    For more information, refer to the integration test section of the README.

    For unittests, you can define how to run your unit tests in `src/unittest.sh`.

    You may have to login if your analyzer depends on privately
    published analyzers.
    """

    verbose = ctx.obj["VERBOSE"]
    env_args_dict = parse_remaining(env_args_string)
    print_msg(
        f"Running integration tests for analyzer {'with debug mode' if ctx.obj['DEBUG'] else ''}"
    )

    manifest, analyzer_directory = find_and_open_analyzer_manifest(
        analyzer_directory, ctx
    )
    check_docker_is_running()
    print_msg("🔨 Building docker container")
    abort_on_build_failure(
        build_docker(
            manifest.analyzer_name,
            manifest.version,
            os.path.relpath(analyzer_directory, os.getcwd()),
            env_args_dict=env_args_dict,
        )
    )
    if which == "unit" or which == "all":
        image_id = VersionedAnalyzer(manifest.analyzer_name, manifest.version).image_id
        status = run_docker_unittest(
            analyzer_directory=analyzer_directory,
            analyzer_name=manifest.analyzer_name,
            docker_image=image_id,
            verbose=verbose,
            env_args_dict=env_args_dict,
        )
        if status == 0:
            print_success(f"Unit tests passed")
        else:
            print_error(f"Unit tests failed with status {status}")
    if which == "integration" or which == "all":
        try:
            passed_all = integration_test(
                manifest=manifest,
                analyzer_directory=analyzer_directory,
                workdir=None,
                verbose=verbose,
                env_args_dict=env_args_dict,
                registry_data=get_registry_data(),
                use_cache=cache,
            )
            if passed_all:
                print_success(f"All integration tests passed")
            else:
                print_error_exit(f"Some integration tests failed", status_code=-1)

        except SymlinkNeedsElevationError as sym:
            print_error(
                f"Error setting up integration tests. {sym}. Try again as an admin"
            )
Пример #10
0
def push(ctx, analyzer_directory, force, squash, env_args_string):
    """
    Push the analyzer in the current directory to the R2C platform.

    You must log in to push analyzers.

    This command will validate your analyzer and privately publish your analyzer
    to your org with the name specified in analyzer.json.

    Your analyzer name must follow {org}/{name}.
    """
    env_args_dict = parse_remaining(env_args_string)

    manifest, analyzer_directory = find_and_open_analyzer_manifest(
        analyzer_directory, ctx
    )
    readme = find_and_open_analyzer_readme(analyzer_directory, ctx)
    analyzer_org = get_org_from_analyzer_name(manifest.analyzer_name)

    overwriting_message = (
        " and forcing overwrite if the analyzer version exists and is pending upload."
    )
    # TODO(ulzii): let's decide which source of truth we're using for analyzer_name above and/or check consistency.
    # can't have both dir name and what's in analyzer.json
    print_msg(
        f"📌 Pushing analyzer in {analyzer_directory}{overwriting_message if force else ''}..."
    )

    default_org = get_default_org()
    if default_org is None:
        print_error_exit(
            f"You are not logged in. Please run `r2c login` to be able to push your analyzer"
        )

    if default_org != analyzer_org:
        if analyzer_org != PLATFORM_ANALYZER_PREFIX:
            print_error_exit(
                f"You're logged in to the common r2c platform. The org specified as the prefix of your analyzer name in `analyzer.json` must be `{PLATFORM_ANALYZER_PREFIX}`. "
                + f"Replace `{analyzer_org}` with `{PLATFORM_ANALYZER_PREFIX}` and try again."
                + "Please ask for help from r2c support"
            )
    try:
        # upload analyzer.json
        artifact_link = _upload_analyzer_manifest(manifest, force, readme)
    except Exception as e:
        print_exception_exit("There was an error uploading your analyzer", e)
    if artifact_link is None:
        print_error_exit(
            "There was an error uploading your analyzer. Please ask for help from R2C support"
        )
    get_logger().info(f"using artifact link: {artifact_link}")
    # get docker login creds
    creds = get_docker_creds(artifact_link)
    if creds is None:
        print_error_exit(
            "There was an error getting Docker credentials. Please ask for help from R2C support"
        )
    else:
        print_success_step("Successfully fetched credentials.")

    # docker login
    successful_login = docker_login(creds)
    if not successful_login:
        print_error_exit(
            "There was an error logging into Docker. Please ask for help from R2C support"
        )
    else:
        print_success_step("Successfully logged in to docker.")

    print_msg("🔨 Building docker container")
    # docker build and tag
    abort_on_build_failure(
        build_docker(
            manifest.analyzer_name,
            manifest.version,
            os.path.relpath(analyzer_directory, os.getcwd()),
            env_args_dict=env_args_dict,
            squash=squash,
        )
    )
    # docker push
    image_id = VersionedAnalyzer(manifest.analyzer_name, manifest.version).image_id
    print_msg(f"Pushing docker container to `{analyzer_org}`")
    successful_push = _docker_push(image_id)
    if not successful_push:
        print_error_exit(
            "There was an error pushing the Docker image. Please ask for help from R2C support"
        )
    else:
        print_success_step("Successfully pushed to R2C.")
    # mark uploaded with API
    # TODO figure out how to determine org from analyzer.json
    try:
        uploaded_url = f"{get_base_url()}/api/v1/analyzers/{manifest.analyzer_name}/{manifest.version}/uploaded"
        r = auth_put(uploaded_url)
        data = handle_request_with_error_message(r)
        if data.get("status") == "uploaded":
            web_url = data["links"]["web_url"]
            # display status to user and give link to view in web UI
            print_success(
                f"Upload finished successfully for analyzer! Visit: {web_url}"
            )
        else:
            print_error_exit("Error confirming analyzer was successfully uploaded.")
    except Exception as e:
        print_exception_exit("Error confirming analyzer was successfully uploaded", e)