Merge pull request #81 from aquasecurity/saas-25129-add-gitlab-jenkins

MorAlon1 · web-flow · commit fd065cc9bc57 · 2024-09-11T12:03:04.000+03:00
feat(saas-25129): add option to get values from outside
diff --git a/go.mod b/go.mod
@@ -5,6 +5,7 @@ go 1.18
 require (
 	github.com/argonsecurity/go-environments v0.1.44
 	github.com/google/go-github/v44 v44.1.0
+	github.com/rs/zerolog v1.33.0
 	github.com/samber/lo v1.37.0
 	github.com/urfave/cli/v2 v2.8.1
 	golang.org/x/oauth2 v0.1.0
@@ -14,13 +15,16 @@ require (
 	github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/thoas/go-funk v0.9.2 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
 	golang.org/x/exp v0.0.0-20220613132600-b0d781184e0d // indirect
 	golang.org/x/net v0.1.0 // indirect
+	golang.org/x/sys v0.12.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -1,9 +1,11 @@
 github.com/argonsecurity/go-environments v0.1.44 h1:iyQfMp6QS9qwjYsWr4N+ZMiwA5eKfSa/QHsM6pgG+2I=
 github.com/argonsecurity/go-environments v0.1.44/go.mod h1:gf8wUiuP2DU6NN5nvfBy3h48R2JaPB7HAMag/DC0JUo=
+github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
 github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU=
 github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
@@ -15,11 +17,19 @@ github.com/google/go-github/v44 v44.1.0 h1:shWPaufgdhr+Ad4eo/pZv9ORTxFpsxPEPEuuX
 github.com/google/go-github/v44 v44.1.0/go.mod h1:iWn00mWcP6PRWHhXm0zuFJ8wbEjE5AGO5D5HXYM4zgw=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
+github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/samber/lo v1.37.0 h1:XjVcB8g6tgUp8rsPsJ2CvhClfImrpL04YpQHXeHPhRw=
@@ -44,6 +54,10 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
 golang.org/x/oauth2 v0.1.0 h1:isLCZuhj4v+tYv7eskaN4v/TM+A1begWWgyVJDdl1+Y=
 golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
diff --git a/pkg/app/commenter.go b/pkg/app/commenter.go
@@ -28,7 +28,7 @@ func Action(ctx *cli.Context) (err error) {
 	case "gitlab":
 		token := os.Getenv("GITLAB_TOKEN")
 		r, err := gitlab.NewGitlab(
-			token)
+			token, "", "", "")
 		if err != nil {
 			return err
 		}
diff --git a/pkg/commenter/azure/azure.go b/pkg/commenter/azure/azure.go
@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"strconv"
@@ -141,7 +140,7 @@ func (c *Azure) WriteMultiLineComment(file, comment string, startLine, endLine i
 		return err
 	}
 	if resp.StatusCode != http.StatusOK {
-		b, _ := ioutil.ReadAll(resp.Body)
+		b, _ := io.ReadAll(resp.Body)
 		return fmt.Errorf("failed write azure line comment: %s", string(b))
 	}
 
diff --git a/pkg/commenter/bitbucket/bitbucket.go b/pkg/commenter/bitbucket/bitbucket.go
@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"strconv"
@@ -115,7 +114,7 @@ func (c *Bitbucket) WriteLineComment(file, comment string, line int) error {
 	}
 
 	if resp.StatusCode != http.StatusCreated {
-		b, _ := ioutil.ReadAll(resp.Body)
+		b, _ := io.ReadAll(resp.Body)
 		return fmt.Errorf("failed write bitbucket line comment: %s", string(b))
 	}
 
diff --git a/pkg/commenter/gitlab/gitlab.go b/pkg/commenter/gitlab/gitlab.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"os"
@@ -52,12 +51,12 @@ type Gitlab struct {
 
 var lockFiles = []string{"package.json", "yarn.lock"}
 
-func NewGitlab(token string) (b *Gitlab, err error) {
+func NewGitlab(token, apiUrl, repoName, mergeRequestID string) (b *Gitlab, err error) {
 	return &Gitlab{
-		ApiURL:   os.Getenv("CI_API_V4_URL"),
+		ApiURL:   lo.Ternary(apiUrl == "", os.Getenv("CI_API_V4_URL"), apiUrl),
 		Token:    token,
-		Repo:     os.Getenv("CI_PROJECT_ID"),
-		PrNumber: os.Getenv("CI_MERGE_REQUEST_IID"),
+		Repo:     lo.Ternary(repoName == "", os.Getenv("CI_PROJECT_ID"), repoName),
+		PrNumber: lo.Ternary(mergeRequestID == "", os.Getenv("CI_MERGE_REQUEST_IID"), mergeRequestID),
 	}, nil
 }
 
@@ -138,7 +137,7 @@ func (c *Gitlab) WriteLineComment(file, comment string, line int) error {
 					return nil
 				}
 			}
-			b, _ := ioutil.ReadAll(resp.Body)
+			b, _ := io.ReadAll(resp.Body)
 			return fmt.Errorf("failed to write comment to file: %s, on line: %d, with gitlab error: %s", file, line, string(b))
 		}
 
@@ -184,7 +183,7 @@ func (c *Gitlab) getLatestVersion() (v Version, err error) {
 		return v, err
 	}
 	if resp.StatusCode != http.StatusOK {
-		b, _ := ioutil.ReadAll(resp.Body)
+		b, _ := io.ReadAll(resp.Body)
 		return v, fmt.Errorf("failed get gitlab PR version: %s", string(b))
 	}
 	defer func() { _ = resp.Body.Close() }()
diff --git a/pkg/commenter/jenkins/jenkins.go b/pkg/commenter/jenkins/jenkins.go
@@ -2,11 +2,14 @@ package jenkins
 
 import (
 	"fmt"
+	"net/url"
 	"os"
 	"strconv"
 	"strings"
 
 	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/github"
+	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/gitlab"
+
 	"github.com/argonsecurity/go-environments/enums"
 	"github.com/argonsecurity/go-environments/environments/jenkins"
 	env_utils "github.com/argonsecurity/go-environments/environments/utils"
@@ -66,6 +69,15 @@ func NewJenkins(baseRef string) (commenter.Repository, error) {
 			return github.NewGithubServer(scmApiUrl, token, org, repoName, prNumberInt)
 		}
 
+	} else if scmSource == enums.GitlabServer || scmSource == enums.Gitlab {
+		_, org, repoName, _, err := env_utils.ParseDataFromCloneUrl(cloneUrl, scmApiUrl, scmSource)
+		if err != nil {
+			return nil, fmt.Errorf("failed parsing url with error: %s", err.Error())
+		}
+		token := os.Getenv("GITLAB_TOKEN")
+		prNumber := os.Getenv("CHANGE_ID")
+
+		return gitlab.NewGitlab(token, scmApiUrl, url.PathEscape(fmt.Sprintf("%s/%s", org, repoName)), prNumber)
 	}
 	return nil, nil
 }

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ func Action(ctx *cli.Context) (err error) {`
`28`	`28`	`case "gitlab":`
`29`	`29`	`token := os.Getenv("GITLAB_TOKEN")`
`30`	`30`	`r, err := gitlab.NewGitlab(`
`31`		`- token)`
	`31`	`+ token, "", "", "")`
`32`	`32`	`if err != nil {`
`33`	`33`	`return err`
`34`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,6 @@ import (`
`5`	`5`	`"encoding/json"`
`6`	`6`	`"fmt"`
`7`	`7`	`"io"`
`8`		`- "io/ioutil"`
`9`	`8`	`"net/http"`
`10`	`9`	`"os"`
`11`	`10`	`"strconv"`
`@@ -115,7 +114,7 @@ func (c *Bitbucket) WriteLineComment(file, comment string, line int) error {`
`115`	`114`	`}`
`116`	`115`
`117`	`116`	`if resp.StatusCode != http.StatusCreated {`
`118`		`- b, _ := ioutil.ReadAll(resp.Body)`
	`117`	`+ b, _ := io.ReadAll(resp.Body)`
`119`	`118`	`return fmt.Errorf("failed write bitbucket line comment: %s", string(b))`
`120`	`119`	`}`
`121`	`120`