mrva/gh-mrva
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: mrva:master
Branches Tags
mrva:master mrva:main
mrva:v0.4.5
..
compare: mrva:main
Branches Tags
mrva:master mrva:main
mrva:v0.4.5

3 Commits
master ... main

Author SHA1 Message Date
Michael Hohn
93873df3c2 Merge branch 'v0.1' 2024-04-09 13:01:53 -07:00
Michael Hohn
1a6557312a PR adjustments, not tested yet 2024-02-06 10:48:47 -08:00
Michael Hohn
b2cb0f2b5a Update instructions and move them to USING.org 2024-02-05 11:58:10 -08:00
12 changed files with 301 additions and 217 deletions
Expand all files Collapse all files

1
.tool-versions
View File

@@ -1 +0,0 @@
golang 1.22.3

14
Fprintf.ql
View File

@@ -1,14 +0,0 @@
/**
* @name findPrintf
* @description Find calls to plain fprintf
* @kind problem
* @id cpp-fprintf-call
* @problem.severity warning
*/
import cpp
from FunctionCall fc
where
fc.getTarget().getName() = "fprintf"
select fc, "call of fprintf"

62
README.org
View File

@@ -104,7 +104,6 @@
cd ~/local/gh-mrva
# Build it
go mod edit -replace="github.com/GitHubSecurityLab/gh-mrva=/Users/hohn/local/gh-mrva"
go build .
# Install
@@ -128,17 +127,17 @@
# git checkout codeql-cli/v2.15.5
codeql_path: /Users/hohn/local/codeql-lib
controller: hohn/mirva-controller
list_file: /Users/hohn/work-gh/mrva/gh-mrva/mirva-list-databases.json
list_file: /Users/hohn/local/gh-mrva/mirva-list-databases.json
eof
#+END_SRC
3. Submit the mrva job
#+BEGIN_SRC sh
cd ~/work-gh/mrva/gh-mrva/
./gh-mrva submit --language cpp --session mirva-session-200 \
cd ~/local/gh-mrva
./gh-mrva submit --language cpp --session mirva-session-73 \
--list mirva-list \
--query ~/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql
--query /Users/hohn/local/gh-mrva/FlatBuffersFunc.ql
#+END_SRC
4. Check the status and download the sarif files
@@ -158,7 +157,6 @@
--output-dir mirva-session-73
#+END_SRC
** curl checks for mrva server
* Miscellaneous Notes
** Action logs on Controller Repository
The action logs are on the controller repository at
@@ -191,68 +189,62 @@
https://github.com/github/codeql-variant-analysis-action/blob/main/variant-analysis-workflow.yml
** Compacted Edit-Run-Debug Cycle
With a full [[*Using MRVA][Using MRVA]] cycle done, only these steps are needed in a
edit-run-debug cycle. Note that paths must be updated for your system.
edit-run-debug cycle.
#+BEGIN_SRC sh
# Build the client
cd ~/work-gh/mrva/gh-mrva
cd ~/local/gh-mrva
# Build it
go clean
go build . # go build -gcflags="all=-N -l" .
./gh-mrva -h
# Set up the configuration -- check your paths
cat > ~/.config/gh-mrva/config.yml <<eof
# The following options are supported
# codeql_path: Path to CodeQL distribution (checkout of codeql repo)
# controller: NWO of the MRVA controller to use
# list_file: Path to the JSON file containing the target repos
# In log-submit-the-mrva-job.log after edit
SN=106
./gh-mrva submit --language cpp --session mirva-session-$SN \
--list mirva-list \
--query /Users/hohn/local/gh-mrva/FlatBuffersFunc.ql >& log-submit-$SN.log &
sleep 1 && em log-submit-$SN.log
# git checkout codeql-cli/v2.15.5
codeql_path: /Users/hohn/local/codeql-lib
controller: hohn/mirva-controller
list_file: /Users/hohn/work-gh/mrva/gh-mrva/mirva-list-databases.json
eof
# Define utility functions
submit (){
SN=$1
cd ~/work-gh/mrva/gh-mrva
cd ~/local/gh-mrva
./gh-mrva submit --language cpp --session mirva-session-$SN \
--list mirva-list \
--query /Users/hohn/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql >& log-submit-$SN.log &
sleep 1 && em log-submit-$SN.log
--query /Users/hohn/local/gh-mrva/FlatBuffersFunc.ql >& log-submit-$SN.log &
# sleep 1 && em log-submit-$SN.log
}
# submit 173
# Check the status
sessstatus (){
SN=$1
cd ~/work-gh/mrva/gh-mrva
cd ~/local/gh-mrva
./gh-mrva status --session mirva-session-$SN >& log-$SN-status.log &
sleep 1 && em log-$SN-status.log
}
# sessstatus 191
# Download the sarif files and CodeQL dbs when finished
dl (){
SN=$1
cd ~/work-gh/mrva/gh-mrva
cd ~/local/gh-mrva
./gh-mrva download --session mirva-session-$SN \
--download-dbs \
--output-dir mirva-session-$SN-sarif \
>& log-download-$SN.log &
sleep 1 && em log-download-$SN.log
}
# Just download sarif / bqrs zip file
dl (){
SN=$1
cd ~/work-gh/mrva/gh-mrva
cd ~/local/gh-mrva
./gh-mrva download --session mirva-session-$SN \
--output-dir mirva-session-$SN-sarif \
>& log-download-$SN.log &
sleep 1 && em log-download-$SN.log
}
# dl 191
submit 211
sessstatus 211
@@ -272,16 +264,10 @@
# Type 'help' for list of commands.
# (dlv) c
# dlv debug builds, so the above build may be redundant
dlv debug -- download --session mirva-session-$SN \
--download-dbs \
--output-dir mirva-session-$SN-sarif
--output-dir mirva-session-$SN-sarif \
# dlv may say 'no sources', but this works anyay
b main.main
l
# This inline use of dlv may fail; attaching to a process is more reliable
#+END_SRC
** VS Code Debugger Configuration
*** launch.json for download

232
USING.md Normal file
View File

@@ -0,0 +1,232 @@
- [Using MRVA](#org1f1a57e)
- [Set up controller repo](#org72c4bcf)
- [Use the codeql extension to run MRVA](#org5edd48e)
- [Use custom list with target repos in VS Code](#org93ceb2d)
- [Run MRVA from command line](#org18c5e86)
- [Miscellaneous Notes](#org1d0d4b5)
- [Action logs on Controller Repository](#orge8b438e)
<a id="org1f1a57e"></a>
# Using MRVA
Following are notes to illustrate a full MRVA workflow.
<a id="org72c4bcf"></a>
## Set up controller repo
Following [the instructions](https://codeql.github.com/docs/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva/#controller-repository), start with manually creating the controller repository
```sh
gh repo create mirva-controller --public -d 'Controller for MRVA'
```
This avoids
```text
An error occurred while setting up the controller repository: Controller
repository "hohn/mirva-controller" not found.
```
Populate the controller repository
```sh
mkdir -p ~/local/mirva-controller && cd ~/local/mirva-controller
echo "* mirva-controller" >> README.org
git init
git add README.org
git commit -m "first commit"
git branch -M master
git remote add origin git@github.com:hohn/mirva-controller.git
git push -u origin master
```
This avoids
```text
Variant analysis failed because the controller repository hohn/mirva-controller
does not have a branch 'master'. Please create a 'master' branch by clicking here
and re-run the variant analysis query.
```
<a id="org5edd48e"></a>
## Use the codeql extension to run MRVA
Following the [instructions](https://codeql.github.com/docs/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva/#controller-repository) and running `./FlatBuffersFunc.ql`, the entry `google/flatbuffers` has one [result](https://github.com/google/flatbuffers/blob/dbce69c63b0f3cee8f6d9521479fd3b087338314/src/binary_annotator.cpp#L25C21-L25C37). Others have none.
<a id="org93ceb2d"></a>
## Use custom list with target repos in VS Code
The json file is in your VS Code workspace. In my case, here:
/Users/hohn/Library/Application Support/Code/User/workspaceStorage/bced2e4aa1a5f78ca07cf9e09151b1af/GitHub.vscode-codeql/databases.json
It can be edited in VS Code using the `{}` button.
It's saved in the workspace, but not in the current git repository.
Here are two snapshots for reference:
```javascript
{
"version": 1,
"databases": {
"variantAnalysis": {
"repositoryLists": [
{
"name": "mirva-list",
"repositories": [
"google/flatbuffers"
]
}
],
"owners": [],
"repositories": []
}
},
"selected": {
"kind": "variantAnalysisSystemDefinedList",
"listName": "top_10"
}
}
```
or
```javascript
{
"version": 1,
"databases": {
"variantAnalysis": {
"repositoryLists": [
{
"name": "mirva-list",
"repositories": [
"google/flatbuffers"
]
}
],
"owners": [],
"repositories": []
}
},
"selected": {
"kind": "variantAnalysisUserDefinedList",
"listName": "mirva-list"
}
}
```
<a id="org18c5e86"></a>
## Run MRVA from command line
1. Install mrva cli
```sh
cd ~/local/gh-mrva
# Build it
go mod edit -replace="github.com/GitHubSecurityLab/gh-mrva=/Users/hohn/local/gh-mrva"
go build
# Install
gh extension install .
# Sanity check
gh mrva -h
```
2. Set up the configuration
```sh
cd ~/local/gh-mrva
cat > ~/.config/gh-mrva/config.yml <<eof
# The following options are supported
# codeql_path: Path to CodeQL distribution (checkout of codeql repo)
# controller: NWO of the MRVA controller to use
# list_file: Path to the JSON file containing the target repos
# git checkout codeql-cli/v2.15.5
codeql_path: /Users/hohn/local/codeql-lib
controller: hohn/mirva-controller
list_file: /Users/hohn/local/gh-mrva/databases.json
eof
```
3. Submit the mrva job
```sh
gh mrva submit --help
gh mrva submit --language cpp --session mirva-session-1 \
--list mirva-list \
--query /Users/hohn/local/gh-mrva/FlatBuffersFunc.ql
```
4. Check the status and download the sarif files
```sh
cd ~/local/gh-mrva
# Check the status
gh mrva status --session mirva-session-1
# Download the sarif files when finished
gh mrva download --session mirva-session-1 \
--output-dir mirva-session-1-sarif
# Or download the sarif files and CodeQL dbs when finished
gh mrva download --session mirva-session-1 \
--download-dbs \
--output-dir mirva-session-1-sarif
```
<a id="org1d0d4b5"></a>
# Miscellaneous Notes
<a id="orge8b438e"></a>
## Action logs on Controller Repository
The action logs are on the controller repository at <https://github.com/hohn/mirva-controller/actions>.
The `action>google flatbuffers` log references
github/codeql-variant-analysis-action
```yaml
Run actions/checkout@v4
with:
repository: github/codeql-variant-analysis-action
ref: main
token: ***
ssh-strict: true
persist-credentials: true
clean: true
sparse-checkout-cone-mode: true
fetch-depth: 1
fetch-tags: false
show-progress: true
lfs: false
submodules: false
set-safe-directory: true
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
```
This is <https://github.com/github/codeql-variant-analysis-action>
The workflow producing the logs: <https://github.com/github/codeql-variant-analysis-action/blob/main/variant-analysis-workflow.yml>

9
gh-mrva-selection.json
View File

@@ -1,9 +0,0 @@
{
"mirva-list": [
"Serial-Studio/Serial-Studio",
"UEFITool/UEFITool",
"aircrack-ng/aircrack-ng",
"bulk-builder/bulk-builder",
"tesseract/tesseract"
]
}

3
go.mod
View File

@@ -5,13 +5,13 @@ go 1.19
require (
github.com/cli/go-gh v1.2.1
github.com/motemen/go-loghttp v0.0.0-20231107055348-29ae44b293f4
github.com/motemen/go-nuts v0.0.0-20220604134737-2658d0104f31
github.com/spf13/cobra v1.7.0
)
require (
github.com/aymanbagabas/go-osc52 v1.2.1 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/motemen/go-nuts v0.0.0-20220604134737-2658d0104f31 // indirect
github.com/spf13/pflag v1.0.5 // indirect
)
@@ -33,4 +33,3 @@ require (
gopkg.in/yaml.v3 v3.0.1 // direct
)
replace github.com/GitHubSecurityLab/gh-mrva => /Users/hohn/work-gh/mrva/gh-mrva

92
main.go
View File

@@ -28,12 +28,9 @@ import (
"compress/gzip"
"encoding/base64"
"encoding/json"
"flag"
"io"
"log"
"log/slog"
"net/http"
"os"
"time"
"github.com/GitHubSecurityLab/gh-mrva/cmd"
@@ -43,44 +40,6 @@ import (
)
func main() {
helpFlag := flag.Bool("help", false, "Display help message")
logLevel := flag.String("loglevel", "info", "Set log level: debug, info, warn, error")
// Custom usage function for the help flag
flag.Usage = func() {
log.Printf("Usage of %s:\n", os.Args[0])
flag.PrintDefaults()
log.Println("\nExamples:")
log.Println("go run main.go -loglevel=debug ")
}
// Parse the flags
flag.Parse()
// Handle the help flag
if *helpFlag {
flag.Usage()
return
}
// Apply 'loglevel' flag
switch *logLevel {
case "debug":
slog.SetLogLoggerLevel(slog.LevelDebug)
case "info":
slog.SetLogLoggerLevel(slog.LevelInfo)
case "warn":
slog.SetLogLoggerLevel(slog.LevelWarn)
case "error":
slog.SetLogLoggerLevel(slog.LevelError)
default:
log.Printf("Invalid logging verbosity level: %s", *logLevel)
os.Exit(1)
}
log.Printf("logging verbosity level: %s", *logLevel)
var transport = &loghttp.Transport{
Transport: http.DefaultTransport,
LogRequest: LogRequestDump,
@@ -119,7 +78,7 @@ func IsBase64Gzip(val []byte) bool {
}
func LogRequestDump(req *http.Request) {
slog.Debug(">> %s %s", req.Method, req.URL)
log.Printf(">> %s %s", req.Method, req.URL)
req.Body = LogBody(req.Body, "request")
}
@@ -170,7 +129,7 @@ func LogBody(body io.ReadCloser, from string) io.ReadCloser {
buf, err := io.ReadAll(body)
if err != nil {
var w http.ResponseWriter
slog.Error("Error reading %s body: %v", from, err.Error())
log.Fatalf("Error reading %s body: %v", from, err.Error())
http.Error(w, err.Error(), http.StatusInternalServerError)
return nil
}
@@ -185,36 +144,36 @@ func LogBody(body io.ReadCloser, from string) io.ReadCloser {
// Unknown message, try pretty-printing json
pjson, err := PPJson(string(buf))
if err != nil {
slog.Debug(">> %s body: %v", from, string(buf))
log.Printf(">> %s body: %v", from, string(buf))
} else {
slog.Debug(">> %s body: {\n%v\n}", from, pjson)
log.Printf(">> %s body: {\n%v\n}", from, pjson)
}
goto BodyDone
}
// Print index for encoded query packs in the json <value>:
// {..."query_pack": <value>,...}
slog.Debug(">> body: {\n", "from", from)
slog.Debug(" \n", "action_repo_ref", m.ActionRepoRef)
slog.Debug(" \n", "language", m.Language)
log.Printf(">> %s body: {\n", from)
log.Printf(" \"%s\": \"%s\"\n", "action_repo_ref", m.ActionRepoRef)
log.Printf(" \"%s\": \"%s\"\n", "language", m.Language)
pjson, err := json.MarshalIndent(m.Repositories, "", " ")
if err != nil {
slog.Debug(" \n", "repositories", m.Repositories[:])
log.Printf(" \"%s\": \"%s\"\n", "repositories", m.Repositories[:])
} else {
slog.Debug(" \n", "repositories", pjson)
log.Printf(" \"%s\": %s\n", "repositories", pjson)
}
// Provide custom logging for encoded, compressed tar file
if IsBase64Gzip([]byte(m.QueryPack)) {
LogBase64GzippedTar(m)
} else {
slog.Debug(" \"%s\": \"%s\"\n", "query_pack", m.QueryPack)
log.Printf(" \"%s\": \"%s\"\n", "query_pack", m.QueryPack)
}
slog.Debug("\n}")
log.Printf("\n}")
} else {
slog.Debug(">> %s body: %v", from, string(buf))
log.Printf(">> %s body: %v", from, string(buf))
}
BodyDone:
@@ -242,17 +201,17 @@ func LogBase64GzippedTar(m SubmitMsg) {
// base64 decode the body
data, err := base64.StdEncoding.DecodeString(m.QueryPack)
if err != nil {
slog.Error("body decoding error", "err", err)
log.Fatalln("body decoding error:", err)
}
// gunzip the decoded body
gzb := bytes.NewBuffer(data)
gzr, err := gzip.NewReader(gzb)
if err != nil {
slog.Error("unzip error", "err", err)
log.Fatal(err)
}
// tar t the gunzipped body
slog.Debug(" \"query_pack\": \n")
slog.Debug(" base64 encoded gzipped tar file, contents:\n")
log.Printf(" \"%s\": \n", "query_pack")
log.Printf(" base64 encoded gzipped tar file, contents:\n")
tr := tar.NewReader(gzr)
for {
hdr, err := tr.Next()
@@ -260,10 +219,10 @@ func LogBase64GzippedTar(m SubmitMsg) {
break // End of archive
}
if err != nil {
slog.Error("Tar listing failure", "err", err)
log.Fatalln("Tar listing failure:", err)
}
// TODO: cli option to head / tail the listing
slog.Debug(" ", "", hdr.Name)
// TODO: head / tail the listing
log.Printf(" %s\n", hdr.Name)
}
}
@@ -277,11 +236,11 @@ func ShowZipIndex(buf []byte, from string) {
}
// Print the archive index
slog.Debug(">> body:\n", "from", from)
slog.Debug("zip file, contents:\n")
log.Printf(">> %s body:\n", from)
log.Printf("zip file, contents:\n")
for _, f := range r.File {
slog.Debug("\t", f.Name)
log.Printf("\t%s\n", f.Name)
}
}
@@ -294,11 +253,10 @@ var ContextKeyRequestStart = &contextKey{"RequestStart"}
func LogResponseDump(resp *http.Response) {
ctx := resp.Request.Context()
if start, ok := ctx.Value(ContextKeyRequestStart).(time.Time); ok {
slog.Debug("<< ", "status", resp.StatusCode,
"url", resp.Request.URL,
"duration", roundtime.Duration(time.Since(start), 2))
log.Printf("<< %d %s (%s)", resp.StatusCode, resp.Request.URL,
roundtime.Duration(time.Since(start), 2))
} else {
slog.Debug("<< ", "status", resp.StatusCode, "url", resp.Request.URL)
log.Printf("<< %d %s", resp.StatusCode, resp.Request.URL)
}
resp.Body = LogBody(resp.Body, "response")

2
FlatBuffersFunc.ql → samples/FlatBuffersFunc.ql
View File

@@ -1,6 +1,6 @@
/**
* @name pickfun
* @description Pick function from FlatBuffers
* @description pick function from FlatBuffers
* @kind problem
* @id cpp-flatbuffer-func
* @problem.severity warning

0
codeql-pack.lock.yml → samples/codeql-pack.lock.yml
View File

0
databases.json → samples/databases.json
View File

1
qlpack.yml → samples/qlpack.yml
View File

@@ -3,3 +3,4 @@ name: codeql-dataflow-ii-cpp
version: 0.0.1
dependencies:
codeql/cpp-all: 0.5.3

102
utils/utils.go
View File

@@ -9,8 +9,6 @@ import (
"fmt"
"io"
"log"
"log/slog"
"net/http"
"os"
"os/exec"
"path/filepath"
@@ -116,12 +114,7 @@ func GetRunDetails(controller string, runId int) (map[string]interface{}, error)
response := make(map[string]interface{})
// err = client.Get(fmt.Sprintf("repos/%s/code-scanning/codeql/variant-analyses/%d", controller, runId), &response)
url := os.Getenv("MRVA_SERVER_URL")
if url == "" {
return nil, fmt.Errorf("missing MRVA_SERVER_URL in environment")
}
err = client.Get(fmt.Sprintf("%s/repos/%s/code-scanning/codeql/variant-analyses/%d", url, controller, runId), &response)
err = client.Get(fmt.Sprintf("http://localhost:8080/repos/%s/code-scanning/codeql/variant-analyses/%d", controller, runId), &response)
if err != nil {
return nil, err
}
@@ -136,12 +129,7 @@ func GetRunRepositoryDetails(controller string, runId int, nwo string) (map[stri
}
response := make(map[string]interface{})
// err = client.Get(fmt.Sprintf("repos/%s/code-scanning/codeql/variant-analyses/%d/repos/%s", controller, runId, nwo), &response)
url := os.Getenv("MRVA_SERVER_URL")
if url == "" {
return nil, fmt.Errorf("missing MRVA_SERVER_URL in environment")
}
err = client.Get(fmt.Sprintf("%s/repos/%s/code-scanning/codeql/variant-analyses/%d/repos/%s", url, controller, runId, nwo), &response)
err = client.Get(fmt.Sprintf("http://localhost:8080/repos/%s/code-scanning/codeql/variant-analyses/%d/repos/%s", controller, runId, nwo), &response)
if err != nil {
return nil, err
}
@@ -208,12 +196,7 @@ func SubmitRun(controller string, language string, repoChunk []string, bundle st
}
response := make(map[string]interface{})
// err = client.Post(fmt.Sprintf("repos/%s/code-scanning/codeql/variant-analyses", controller), &buf, &response)
url := os.Getenv("MRVA_SERVER_URL")
if url == "" {
return 0, fmt.Errorf("missing MRVA_SERVER_URL in environment")
}
err = client.Post(fmt.Sprintf("%s/repos/%s/code-scanning/codeql/variant-analyses", url, controller), &buf, &response)
err = client.Post(fmt.Sprintf("http://localhost:8080/repos/%s/code-scanning/codeql/variant-analyses", controller), &buf, &response)
if err != nil {
return -1, err
}
@@ -550,116 +533,72 @@ func DownloadWorker(wg *sync.WaitGroup, taskChannel <-chan models.DownloadTask,
}
func downloadArtifact(url string, task models.DownloadTask) error {
slog.Info("downloadArtifact/start", "url", url, "task", task)
// client, err := gh.HTTPClient(nil)
client := &http.Client{}
// if err != nil {
// slog.Error("downloadArtifact/httpClient failed", "err", err)
// return err
// }
// Inspect the type
slog.Info("downloadArtifact/httpClient/type", "type", fmt.Sprintf("%T", client))
// Check if it has a custom Transport (e.g., for auth hooks)
if client.Transport != nil {
slog.Info("downloadArtifact/httpClient/transport", "transport_type", fmt.Sprintf("%T", client.Transport))
// If it's a round-tripper wrapper, you can often unwrap or type assert it
switch tr := client.Transport.(type) {
case *http.Transport:
slog.Info("downloadArtifact/httpClient/transport/http.Transport", "details", fmt.Sprintf("%+v", tr))
default:
slog.Info("downloadArtifact/httpClient/transport/unknown", "details", fmt.Sprintf("%#v", tr))
}
} else {
slog.Info("downloadArtifact/httpClient/transport", "transport", "nil")
client, err := gh.HTTPClient(nil)
if err != nil {
return err
}
// Log timeout, just in case
slog.Info("downloadArtifact/httpClient/timeout", "timeout", client.Timeout)
resp, err := client.Get(url)
if err != nil {
slog.Error("downloadArtifact/get", "url", url, "err", err)
return err
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
slog.Error("downloadArtifact/readBody", "err", err)
return err
log.Fatal(err)
}
zipReader, err := zip.NewReader(bytes.NewReader(body), int64(len(body)))
if err != nil {
slog.Error("downloadArtifact/newZipReader", "err", err)
return err
log.Fatal(err)
}
downloadedFiles := []string{}
for _, zf := range zipReader.File {
slog.Info("downloadArtifact/zipEntry", "name", zf.Name)
if zf.Name != "results.sarif" && zf.Name != "results.bqrs" {
continue
}
f, err := zf.Open()
if err != nil {
slog.Error("downloadArtifact/openZipFile", "name", zf.Name, "err", err)
return err
log.Fatal(err)
}
defer f.Close()
content, err := io.ReadAll(f)
if err != nil {
slog.Error("downloadArtifact/readZipContent", "name", zf.Name, "err", err)
return err
log.Fatal(err)
}
outputDir := task.OutputDir
outputFilename := task.OutputFilename
if zf.Name == "results.bqrs" {
outputFilename += ".bqrs"
outputFilename = outputFilename + ".bqrs"
} else if zf.Name == "results.sarif" {
outputFilename += ".sarif"
outputFilename = outputFilename + ".sarif"
}
// replace remote-query with real query id
content = bytes.Replace(content, []byte("remote-query"), []byte(task.QueryId), -1)
resultPath := filepath.Join(outputDir, outputFilename)
slog.Info("downloadArtifact/writeFile",
"outputFilename", outputFilename,
"resultPath", resultPath)
err = os.WriteFile(resultPath, content, os.ModePerm)
if err != nil {
slog.Error("downloadArtifact/writeFileError", "path", resultPath, "err", err)
return err
}
downloadedFiles = append(downloadedFiles, resultPath)
}
if len(downloadedFiles) == 0 {
err := errors.New("no results files found in artifact")
slog.Error("downloadArtifact/empty", "err", err)
return err
return errors.New("No results files found in artifact")
} else {
fmt.Println("Downloaded", downloadedFiles)
return nil
}
slog.Info("downloadArtifact/success", "files", downloadedFiles)
return nil
}
func DownloadResults(task models.DownloadTask) error {
// download artifact (BQRS or SARIF)
runRepositoryDetails, err := GetRunRepositoryDetails(task.Controller, task.RunId, task.Nwo)
slog.Info("DownloadResults", "runRepositoryDetails", runRepositoryDetails)
if err != nil {
return errors.New("Failed to get run repository details")
}
@@ -684,14 +623,7 @@ func DownloadDatabase(task models.DownloadTask) error {
return err
}
// resp, err := client.Get(fmt.Sprintf("https://api.github.com/repos/%s/code-scanning/codeql/databases/%s", task.Nwo, task.Language))
// resp, err := client.Get(fmt.Sprintf("http://localhost:8080/repos/%s/code-scanning/codeql/databases/%s", task.Nwo, task.Language))
url := os.Getenv("MRVA_SERVER_URL")
if url == "" {
return fmt.Errorf("missing MRVA_SERVER_URL in environment")
}
resp, err := client.Get(fmt.Sprintf("%s/repos/%s/code-scanning/codeql/databases/%s", url, task.Nwo, task.Language))
resp, err := client.Get(fmt.Sprintf("http://localhost:8080/repos/%s/code-scanning/codeql/databases/%s", task.Nwo, task.Language))
if err != nil {
return err
}