mrva/mrva-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated ** Use gh-mrva container to send request via cli

Browse Source
This commit is contained in:
Michael Hohn
2025-01-15 11:56:46 -08:00
committed by =Michael Hohn
parent b3563331c2
commit 8d5973067a
1 changed files with 40 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
README.org
View File

@@ -3,14 +3,17 @@
1. Start the containers
#+BEGIN_SRC sh
cd ~/work-gh/mrva/mrva-docker/
docker-compose down
docker-compose -f docker-compose-demo.yml down
docker ps
docker-compose -f docker-compose-demo.yml up -d
#+END_SRC
2. View all logs
: docker-compose logs
3. Follow all logs if started with =-d=
: docker-compose logs -f
#+BEGIN_SRC sh
docker-compose logs -f
#+END_SRC
4. Follow single container, =server=, logging via
#+BEGIN_SRC sh
cd ~/work-gh/mrva/mrvacommander
@@ -26,28 +29,31 @@
** Use gh-mrva container to send request via cli
#+BEGIN_SRC sh
# %% Start container and check gh-mrva tool
# Start an interactive bash shell inside the running Docker container
docker exec -it mrva-docker-client-ghmrva-1 bash
# Sanity check
# Check if the gh-mrva tool is installed and accessible
gh-mrva -h
# 2. Set up the configuration
# %% Set up gh-mrva configuration
# Create configuration directory and generate config file for gh-mrva
mkdir -p ~/.config/gh-mrva
cat > ~/.config/gh-mrva/config.yml <<eof
# The following options are supported
# codeql_path: Path to CodeQL distribution (checkout of codeql repo)
# controller: NWO of the MRVA controller to use. Not used here.
# list_file: Path to the JSON file containing the target repos
# Configuration file for the gh-mrva tool
# codeql_path: Path to the CodeQL distribution (not used in this setup)
# controller: Placeholder for a controller NWO (not relevant in this setup)
# list_file: Path to the repository selection JSON file
codeql_path: not-used/codeql-path
controller: not-used/mirva-controller
list_file: $HOME/work-gh/mrva/gh-mrva/gh-mrva-selection.json
eof
# Set up repository selection
# %% Create repository selection list
# Create a directory and generate the JSON file specifying repositories
mkdir -p ~/work-gh/mrva/gh-mrva
cat > ~/work-gh/mrva/gh-mrva/gh-mrva-selection.json <<eof
cat > ~/work-gh/mrva/gh-mrva/gh-mrva-selection.json <<eof
{
"mirva-list": [
"Mbed-TLS/mbedtlsctsj17ef85",
@@ -65,11 +71,12 @@
}
eof
# Create the query
# %% Create and submit the first query (FlatBuffersFunc.ql)
# Generate a sample CodeQL query for functions of interest
cat > ~/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql <<eof
/**
,* @name pickfun
,* @description pick function from FlatBuffers
,* @description Pick function from FlatBuffers
,* @kind problem
,* @id cpp-flatbuffer-func
,* @problem.severity warning
@@ -84,30 +91,27 @@
select f, "definition of MakeBinaryRegion"
eof
# Submit the mrva job
# Note: QLPack does not exist. Generating synthetic one for /root/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql
# Submit the MRVA job with the first query
cd ~/work-gh/mrva/gh-mrva/
gh-mrva submit --language cpp --session mirva-session-1160 \
--list mirva-list \
gh-mrva submit --language cpp --session mirva-session-1160 \
--list mirva-list \
--query ~/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql
# 4. Check the status
# %% Check status and download results for the first session
# Check the status of the submitted session
gh-mrva status --session mirva-session-1160
# 5. Download the sarif files and databases. For the current
# query / database combination there are zero result hence no downloads.
# Download SARIF files and databases if there are results. For the current
# query / database combination there are zero result hence no downloads
cd ~/work-gh/mrva/gh-mrva/
# Download the sarif files and CodeQL dbs
gh-mrva download --session mirva-session-1160 \
--download-dbs \
--output-dir mirva-session-1160
# Run a query with results
# create the qlpack
# %% Next, run a query with results
# %% Set up QLPack for the next query
# Create a qlpack.yml file required for the next query
cat > ~/work-gh/mrva/gh-mrva/qlpack.yml <<eof
library: false
name: codeql-dataflow-ii-cpp
@@ -116,11 +120,12 @@
codeql/cpp-all: 0.5.3
eof
# create the query
# %% Create and submit the second query (Fprintf.ql)
# Generate a CodeQL query to find calls to fprintf
cat > ~/work-gh/mrva/gh-mrva/Fprintf.ql <<eof
/**
,* @name findPrintf
,* @description find calls to plain fprintf
,* @description Find calls to plain fprintf
,* @kind problem
,* @id cpp-fprintf-call
,* @problem.severity warning
@@ -134,17 +139,17 @@
select fc, "call of fprintf"
eof
# Submit the next mrva job
# Submit a new MRVA job with the second query
cd ~/work-gh/mrva/gh-mrva/
gh-mrva submit --language cpp --session mirva-session-1260 \
--list mirva-list \
gh-mrva submit --language cpp --session mirva-session-1260 \
--list mirva-list \
--query ~/work-gh/mrva/gh-mrva/Fprintf.ql
# 4. Check the status
# %% Check status and download results for the second session
# Check the status of the second session
gh-mrva status --session mirva-session-1260
# 5. Download the sarif files and databases.
# Download SARIF files and databases for the second query
cd ~/work-gh/mrva/gh-mrva/
gh-mrva download --session mirva-session-1260 \
--download-dbs \