CLI | Add Vorpal Engine Logic (AST-38523) (#767)

* add vorpal engine logic

* add vorpal engine logic

* fix linter errors and integration test compilation

* fix linter errors and integration test compilation

* fix integration test compilation

* fix linter

* fix unit tests and added mock vorpal wrapper

* fix integration tests compilation

* fix integration tests compilation

* fix integration tests compilation

* fix unit test

* fix unit test

* fix unit test

* change vorpalWrapper initialization logic to handle edge cases

* change vorpalWrapper initialization logic to handle edge cases

* change vorpalWrapper initialization logic to handle edge cases

* added different process configuration to mac-linux and windows

* added unit tests

* add testify to depguard

* fix unit tests

* added integration tests

* extract method of vorpal installation logic

* added integration tests

* added integration tests

* fix unit tests

* fix unit tests

* fix tests and move ConfigureIndependentProcess functionality to osinstaller

* fix tests and move and resolve conversations

* added packageEnforcementEnabled FF check in IsAllowedEngine func

* added packageEnforcementEnabled FF check in IsAllowedEngine func

* chenge jwtMock

* resolve conversations

* resolve conversations

* resolve linter

* resolve linter

* resolve linter

* resolve linter

* resolve conversation

* add integration test license check

* add test

* add test

* fix test

* increase time initializing vorpal service

* fix vorpal installation condition

* add integration test

* increase timeout for waiting for server to 5 seconds

* Added serving field to avoid unnecessary health check calls

* resolve conversations

* add imports

* resolve conversations

* resolve conversations

* revert omitempty in scanDetails

* revert omitempty in scanDetails

* update osinstaller

---------

Co-authored-by: AlvoBen <alvo@post.bgu.ac.il>

.golangci.yml

@@ -13,6 +13,8 @@ linters-settings:
           - github.com/pkg/errors
           - github.com/google
           - github.com/MakeNowJust/heredoc
+          - github.com/jsumners/go-getport
+          - github.com/stretchr/testify/assert
   dupl:
     threshold: 500
   funlen:

go.mod

@@ -10,6 +10,7 @@ require (
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/google/uuid v1.6.0
 	github.com/gookit/color v1.5.4
+	github.com/jsumners/go-getport v1.0.0
 	github.com/mssola/user_agent v0.6.0
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.8.0

go.sum

@@ -27,6 +27,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/jsumners/go-getport v1.0.0 h1:d11eDaP25dKKoJRAFeBrchCayceft735pDSTFCEdkb4=
+github.com/jsumners/go-getport v1.0.0/go.mod h1:KpeJgwNSkpuXuoGhJ2Hgl5QJqWbLG1m0jY2rQsYUTIE=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=

internal/commands/scan.go

@@ -21,6 +21,7 @@ import (
 	"github.com/checkmarx/ast-cli/internal/commands/scarealtime"
 	"github.com/checkmarx/ast-cli/internal/commands/util"
 	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
+	"github.com/checkmarx/ast-cli/internal/commands/vorpal"
 	"github.com/checkmarx/ast-cli/internal/constants"
 	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
 	exitCodes "github.com/checkmarx/ast-cli/internal/constants/exit-codes"
@@ -176,7 +177,7 @@ func NewScanCommand(
 
 	showScanCmd := scanShowSubCommand(scansWrapper)
 
-	scanVorpalCmd := scanVorpalSubCommand()
+	scanVorpalCmd := scanVorpalSubCommand(jwtWrapper, featureFlagsWrapper)
 
 	workflowScanCmd := scanWorkflowSubCommand(scansWrapper)
 
@@ -389,7 +390,7 @@ func scanShowSubCommand(scansWrapper wrappers.ScansWrapper) *cobra.Command {
 	return showScanCmd
 }
 
-func scanVorpalSubCommand() *cobra.Command {
+func scanVorpalSubCommand(jwtWrapper wrappers.JWTWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper) *cobra.Command {
 	scanVorpalCmd := &cobra.Command{
 		Hidden: true,
 		Use:    "vorpal",
@@ -407,7 +408,7 @@ func scanVorpalSubCommand() *cobra.Command {
 			`,
 			),
 		},
-		RunE: runScanVorpalCommand(),
+		RunE: vorpal.RunScanVorpalCommand(jwtWrapper, featureFlagsWrapper),
 	}
 
 	scanVorpalCmd.PersistentFlags().Bool(commonParams.VorpalLatestVersion, false,

internal/commands/vorpal/vorpal-engine.go

@@ -0,0 +1,42 @@
+package vorpal
+
+import (
+	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
+	commonParams "github.com/checkmarx/ast-cli/internal/params"
+	"github.com/checkmarx/ast-cli/internal/services"
+	"github.com/checkmarx/ast-cli/internal/wrappers"
+	"github.com/checkmarx/ast-cli/internal/wrappers/grpcs"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+)
+
+func RunScanVorpalCommand(jwtWrapper wrappers.JWTWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper) func(cmd *cobra.Command, args []string) error {
+	return func(cmd *cobra.Command, args []string) error {
+		vorpalLatestVersion, _ := cmd.Flags().GetBool(commonParams.VorpalLatestVersion)
+		fileSourceFlag, _ := cmd.Flags().GetString(commonParams.SourcesFlag)
+		agent, _ := cmd.Flags().GetString(commonParams.AgentFlag)
+		var port = viper.GetInt(commonParams.VorpalPortKey)
+		vorpalWrapper := grpcs.NewVorpalGrpcWrapper(port)
+		vorpalParams := services.VorpalScanParams{
+			FilePath:            fileSourceFlag,
+			VorpalUpdateVersion: vorpalLatestVersion,
+			IsDefaultAgent:      agent == commonParams.DefaultAgent,
+		}
+		wrapperParams := services.VorpalWrappersParam{
+			JwtWrapper:          jwtWrapper,
+			FeatureFlagsWrapper: featureFlagsWrapper,
+			VorpalWrapper:       vorpalWrapper,
+		}
+		scanResult, err := services.CreateVorpalScanRequest(vorpalParams, wrapperParams)
+		if err != nil {
+			return err
+		}
+
+		err = printer.Print(cmd.OutOrStdout(), scanResult, printer.FormatJSON)
+		if err != nil {
+			return err
+		}
+
+		return nil
+	}
+}

internal/commands/vorpal-engine_test.go → internal/commands/vorpal/vorpal-engine_test.go

@@ -1,12 +1,14 @@
-package commands
+package vorpal
 
 import (
 	"reflect"
 	"testing"
 
 	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
-	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
 	commonParams "github.com/checkmarx/ast-cli/internal/params"
+	"github.com/checkmarx/ast-cli/internal/services"
+	"github.com/checkmarx/ast-cli/internal/wrappers/grpcs"
+	"github.com/checkmarx/ast-cli/internal/wrappers/mock"
 	"github.com/spf13/cobra"
 )
 
@@ -18,7 +20,7 @@ func Test_ExecuteVorpalScan(t *testing.T) {
 	tests := []struct {
 		name       string
 		args       args
-		want       *ScanResult
+		want       *grpcs.ScanResult
 		wantErr    bool
 		wantErrMsg string
 	}{
@@ -28,54 +30,53 @@ func Test_ExecuteVorpalScan(t *testing.T) {
 				fileSourceFlag:      "",
 				vorpalUpdateVersion: true,
 			},
-			want:    nil,
-			wantErr: false,
-		},
-		{
-			name: "Test path to file without extension",
-			args: args{
-				fileSourceFlag:      "data/python-vul-file",
-				vorpalUpdateVersion: false,
+			want: &grpcs.ScanResult{
+				Message: services.FilePathNotProvided,
 			},
-			want:       nil,
-			wantErr:    true,
-			wantErrMsg: errorConstants.FileExtensionIsRequired,
+			wantErr: false,
 		},
 		{
 			name: "Test with valid flags. vorpalUpdateVersion set to true",
 			args: args{
-				fileSourceFlag:      "data/python-vul-file.py",
+				fileSourceFlag:      "../data/python-vul-file.py",
 				vorpalUpdateVersion: true,
 			},
-			//TODO: update mocks when there's a real engine
-			want:    ReturnSuccessfulResponseMock(),
+			want:    mock.ReturnSuccessfulResponseMock(),
 			wantErr: false,
 		},
 		{
 			name: "Test with valid flags. vorpalUpdateVersion set to false",
 			args: args{
-				fileSourceFlag:      "data/python-vul-file.py",
+				fileSourceFlag:      "../data/python-vul-file.py",
 				vorpalUpdateVersion: false,
 			},
-			//TODO: update mocks when there's a real engine
-			want:    ReturnFailureResponseMock(),
+			want:    mock.ReturnSuccessfulResponseMock(),
 			wantErr: false,
 		},
 		{
-			name: "Test with valid flags and no vulnerabilities in file",
+			name: "Test with valid flags. vorpal scan failed",
 			args: args{
-				fileSourceFlag:      "data/csharp-no-vul.cs",
+				fileSourceFlag:      "../data/csharp-no-vul.cs",
 				vorpalUpdateVersion: false,
 			},
-			//TODO: update mocks when there's a real engine
-			want:    ReturnFailureResponseMock(),
+			want:    mock.ReturnFailureResponseMock(),
 			wantErr: false,
 		},
 	}
 	for _, tt := range tests {
 		ttt := tt
 		t.Run(ttt.name, func(t *testing.T) {
-			got, err := ExecuteVorpalScan(ttt.args.fileSourceFlag, ttt.args.vorpalUpdateVersion)
+			vorpalParams := services.VorpalScanParams{
+				FilePath:            ttt.args.fileSourceFlag,
+				VorpalUpdateVersion: ttt.args.vorpalUpdateVersion,
+				IsDefaultAgent:      true,
+			}
+			wrapperParams := services.VorpalWrappersParam{
+				JwtWrapper:          &mock.JWTMockWrapper{},
+				FeatureFlagsWrapper: &mock.FeatureFlagsMockWrapper{},
+				VorpalWrapper:       &mock.VorpalMockWrapper{},
+			}
+			got, err := services.CreateVorpalScanRequest(vorpalParams, wrapperParams)
 			if (err != nil) != ttt.wantErr {
 				t.Errorf("executeVorpalScan() error = %v, wantErr %v", err, ttt.wantErr)
 				return
@@ -96,7 +97,7 @@ func Test_runScanVorpalCommand(t *testing.T) {
 		sourceFlag string
 		engineFlag bool
 		wantErr    bool
-		want       *ScanResult
+		want       *grpcs.ScanResult
 		wantErrMsg string
 	}{
 		{
@@ -106,13 +107,6 @@ func Test_runScanVorpalCommand(t *testing.T) {
 			wantErr:    false,
 			want:       nil,
 		},
-		{
-			name:       "Test with file without extension",
-			sourceFlag: "data/python-vul-file",
-			engineFlag: true,
-			wantErr:    true,
-			wantErrMsg: errorConstants.FileExtensionIsRequired,
-		},
 		{
 			name:       "Test with valid fileSource Flag and vorpalUpdateVersion flag set false ",
 			sourceFlag: "data/python-vul-file.py",
@@ -135,14 +129,14 @@ func Test_runScanVorpalCommand(t *testing.T) {
 			cmd.Flags().String(commonParams.SourcesFlag, ttt.sourceFlag, "")
 			cmd.Flags().Bool(commonParams.VorpalLatestVersion, ttt.engineFlag, "")
 			cmd.Flags().String(commonParams.FormatFlag, printer.FormatJSON, "")
-			runFunc := runScanVorpalCommand()
+			runFunc := RunScanVorpalCommand(&mock.JWTMockWrapper{}, &mock.FeatureFlagsMockWrapper{})
 			err := runFunc(cmd, []string{})
 			if (err != nil) != ttt.wantErr {
-				t.Errorf("runScanVorpalCommand() error = %v, wantErr %v", err, ttt.wantErr)
+				t.Errorf("RunScanVorpalCommand() error = %v, wantErr %v", err, ttt.wantErr)
 				return
 			}
 			if ttt.wantErr && err.Error() != ttt.wantErrMsg {
-				t.Errorf("runScanVorpalCommand() error message = %v, wantErrMsg %v", err.Error(), ttt.wantErrMsg)
+				t.Errorf("RunScanVorpalCommand() error message = %v, wantErrMsg %v", err.Error(), ttt.wantErrMsg)
 			}
 		})
 	}

internal/commands/vorpal/vorpal_test.go

@@ -1,4 +1,4 @@
-package scarealtime
+package vorpal
 
 import (
 	"os"

internal/constants/errors/errors.go

@@ -19,6 +19,7 @@ const (
 	SarifInvalidFileExtension              = "Invalid file extension. Supported extensions are .sarif and .zip containing sarif files."
 	ImportSarifFileError                   = "There was a problem importing the SARIF file. Please contact support for further details."
 	ImportSarifFileErrorMessageWithMessage = "There was a problem importing the SARIF file. Please contact support for further details with the following error code: %d %s"
+	NoVorpalLicense                        = "User doesn't have \"AI Protection\" license"
 
 	// Vorpal Engine
 	FileExtensionIsRequired = "file must have an extension"

internal/params/binds.go

@@ -63,4 +63,5 @@ var EnvVarsBinds = []struct {
 	{PolicyEvaluationPathKey, PolicyEvaluationPathEnv, "api/policy_management_service_uri/evaluation"},
 	{AccessManagementPathKey, AccessManagementPathEnv, "api/access-management"},
 	{ByorPathKey, ByorPathEnv, "api/byor"},
+	{VorpalPortKey, VorpalPortEnv, ""},
 }

internal/params/envs.go

@@ -62,4 +62,5 @@ const (
 	AccessManagementPathEnv             = "CX_ACCESS_MANAGEMENT_PATH"
 	ByorPathEnv                         = "CX_BYOR_PATH"
 	IgnoreProxyEnv                      = "CX_IGNORE_PROXY"
+	VorpalPortEnv                       = "CX_VORPAL_PORT"
 )