Merge pull request #1463 from akto-api-security/feature/github-source…

…-code-analyser

Feature/GitHub source code analyser

.github/workflows/staging.yml

@@ -77,6 +77,8 @@ jobs:
           docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-internal:$IMAGE_TAG . --push
           cd ../api-threat-detection
           docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-protection:$IMAGE_TAG . --push
+          cd ../source-code-analyser
+          docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/source-code-analyser:$IMAGE_TAG . --push
 
       - name: Set up JDK 11
         uses: actions/setup-java@v1

apps/dashboard/src/main/java/com/akto/action/CodeAnalysisAction.java

@@ -15,6 +15,7 @@
 
 import com.akto.dao.*;
 import com.akto.dto.*;
+import org.bson.conversions.Bson;
 import org.bson.types.Code;
 import org.bson.types.ObjectId;
 import org.checkerframework.checker.units.qual.s;
@@ -44,7 +45,7 @@ public class CodeAnalysisAction extends UserAction {
     private String projectDir;
     private String apiCollectionName;
     private List<CodeAnalysisApi> codeAnalysisApisList;
-
+    private CodeAnalysisRepo.SourceCodeType sourceCodeType;
     public static final int MAX_BATCH_SIZE = 100;
 
     private static final LoggerMaker loggerMaker = new LoggerMaker(CodeAnalysisAction.class);
@@ -326,7 +327,8 @@ public String addCodeAnalysisRepo() {
             updates.add(new UpdateOneModel<>(
                 Filters.and(
                         Filters.eq(CodeAnalysisRepo.REPO_NAME, c.getRepoName()),
-                        Filters.eq(CodeAnalysisRepo.PROJECT_NAME, c.getProjectName())
+                        Filters.eq(CodeAnalysisRepo.PROJECT_NAME, c.getProjectName()),
+                        Filters.eq(CodeAnalysisRepo.SOURCE_CODE_TYPE, c.getSourceCodeType())
                 ),
                 Updates.combine(
                         Updates.setOnInsert(CodeAnalysisRepo.LAST_RUN, 0),
@@ -378,7 +380,20 @@ public String deleteCodeAnalysisRepo() {
 
     List<CodeAnalysisRepo> codeAnalysisRepos;
     public String fetchCodeAnalysisRepos() {
-        codeAnalysisRepos = CodeAnalysisRepoDao.instance.findAll(new BasicDBObject());
+        if (sourceCodeType == null) {
+            sourceCodeType = CodeAnalysisRepo.SourceCodeType.BITBUCKET;
+        }
+        Bson filters;
+        if (sourceCodeType == CodeAnalysisRepo.SourceCodeType.BITBUCKET) {
+            filters = Filters.or(
+                    Filters.eq(CodeAnalysisRepo.SOURCE_CODE_TYPE, sourceCodeType),
+                    Filters.exists(CodeAnalysisRepo.SOURCE_CODE_TYPE, false)
+
+            );
+        } else {
+            filters = Filters.eq(CodeAnalysisRepo.SOURCE_CODE_TYPE, sourceCodeType);
+        }
+        codeAnalysisRepos = CodeAnalysisRepoDao.instance.findAll(filters);
         return SUCCESS.toUpperCase();
     }
 
@@ -418,4 +433,12 @@ public List<CodeAnalysisRepo> getCodeAnalysisRepos() {
     public void setCodeAnalysisRepos(List<CodeAnalysisRepo> codeAnalysisRepos) {
         this.codeAnalysisRepos = codeAnalysisRepos;
     }
+
+    public CodeAnalysisRepo.SourceCodeType getSourceCodeType() {
+        return sourceCodeType;
+    }
+
+    public void setSourceCodeType(CodeAnalysisRepo.SourceCodeType sourceCodeType) {
+        this.sourceCodeType = sourceCodeType;
+    }
 }

apps/dashboard/src/main/resources/struts.xml

@@ -6316,7 +6316,7 @@
             <interceptor-ref name="json"/>
             <interceptor-ref name="defaultStack" />
             <interceptor-ref name="usageInterceptor">
-                <param name="featureLabel">SOURCECODE_ANALYSIS</param>
+                <param name="featureLabel">CODE_ANALYSIS</param>
             </interceptor-ref>
             <interceptor-ref name="roleAccessInterceptor">
                 <param name="featureLabel">INTEGRATIONS</param>
@@ -6338,7 +6338,7 @@
             <interceptor-ref name="json"/>
             <interceptor-ref name="defaultStack" />
             <interceptor-ref name="usageInterceptor">
-                <param name="featureLabel">SOURCECODE_ANALYSIS</param>
+                <param name="featureLabel">CODE_ANALYSIS</param>
             </interceptor-ref>
             <interceptor-ref name="roleAccessInterceptor">
                 <param name="featureLabel">INTEGRATIONS</param>
@@ -6360,7 +6360,7 @@
             <interceptor-ref name="json"/>
             <interceptor-ref name="defaultStack" />
             <interceptor-ref name="usageInterceptor">
-                <param name="featureLabel">SOURCECODE_ANALYSIS</param>
+                <param name="featureLabel">CODE_ANALYSIS</param>
             </interceptor-ref>
             <interceptor-ref name="roleAccessInterceptor">
                 <param name="featureLabel">INTEGRATIONS</param>
@@ -6382,7 +6382,7 @@
             <interceptor-ref name="json"/>
             <interceptor-ref name="defaultStack" />
             <interceptor-ref name="usageInterceptor">
-                <param name="featureLabel">SOURCECODE_ANALYSIS</param>
+                <param name="featureLabel">CODE_ANALYSIS</param>
             </interceptor-ref>
             <interceptor-ref name="roleAccessInterceptor">
                 <param name="featureLabel">INTEGRATIONS</param>

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/quick_start/api.js

@@ -162,11 +162,11 @@ const api = {
         })
     },
 
-    fetchCodeAnalysisRepos() {
+    fetchCodeAnalysisRepos(sourceCodeType) {
         return request({
             url: '/api/fetchCodeAnalysisRepos',
             method: 'post',
-            data: {}
+            data: {sourceCodeType}
         })
     }
 }

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/quick_start/components/BitBucketSource.jsx

@@ -1,147 +1,13 @@
-import { HorizontalStack, LegacyCard, Text, TextField, VerticalStack } from "@shopify/polaris"
-import { useEffect, useState } from "react";
-import api from "../api";
-import func from "../../../../../util/func";
-import JsonComponent from './shared/JsonComponent'
+import SourceCodeRepos from "./shared/SourceCodeRepos";
 
 function BitBucketSource() {
-
-    const [repoNames, setrepoNames] = useState('')
-    const [projectName, setProjectName] = useState('')
-    const [repoList, setRepoList] = useState([])
-    const [apiToken, setApiToken] = useState("");
-    const errorMessage = "This repository exists"
-    const fetchRuntimeHelmCommand = async() => {
-        await api.fetchRuntimeHelmCommand().then((resp) => {
-            if (!resp) return
-            setApiToken(resp?.apiToken)
-        })
-    }
-
-    const runtimeSvcCommand = "helm install source-code-analyser ~/akto_code/helm-charts/charts/source-code-analyser -n dev \
-    --set source_code_analyser.aktoApiSecurityCodeAnalyser.env.databaseAbstractorToken=\"" + apiToken + "\"";
-
-    const rcopyCommand = ()=>{func.copyToClipboard(runtimeSvcCommand, ref, null)}
-    useEffect(()=> {
-        let r = []
-        api.fetchCodeAnalysisRepos().then((resp) => {
-            resp["codeAnalysisRepos"].forEach((x) => {
-                r.push({"repo": x["repoName"], "project": x["projectName"], "lastRun": x["lastRun"], "scheduleTime": x["scheduleTime"]})
-            })
-            setRepoList(r)
-        } )
-        fetchRuntimeHelmCommand()
-    },[])
-
-    const handleDelete = (index) => {
-        const deleteRepo = repoList[index]
-
-        api.deleteCodeAnalysisRepo({
-            "projectName": deleteRepo["project"],
-            "repoName": deleteRepo["repo"]
-        })
-
-        const updatedRepoList = repoList.filter((_, i) => i !== index);
-        setRepoList(updatedRepoList);
-    };
-
-    const runRepo = (repo) => {
-        repo["scheduleTime"] = func.timeNow()
-        setRepoList([...repoList])
-        api.runCodeAnalysisRepo([{
-            "projectName": repo["project"],
-            "repoName": repo["repo"]
-        }])
-    }
-
-    console.log(repoList)
-
-    const primaryAction = () => {
-        const repoArray = repoNames.split(',').map(repo => repo.trim()).filter(Boolean);
-
-        const result = repoArray.map(repo => ({
-            project: projectName,
-            repo: repo
-        }));
-
-        let codeAnalysisRepos = []
-        repoArray.forEach((x) => {
-            codeAnalysisRepos.push({
-                "projectName": projectName,
-                "repoName": x
-            })
-        })
-        api.addCodeAnalysisRepo(codeAnalysisRepos)
-
-        setRepoList([...repoList, ...result])
-        setProjectName('')
-        setrepoNames('')
-    }
-
-    const isUniqueCombination = () => {
-        const repoArray = repoNames.split(',').map(repo => repo.trim()).filter(Boolean);
-        const existingCombinations = new Set(repoList.map(item => `${item.project}-${item.repo}`));
-
-        for (const repo of repoArray) {
-          const combination = `${projectName}-${repo}`;
-          if (existingCombinations.has(combination)) {
-            return false;
-          }
-        }
-        return true;
-      };
-
-    const enableButton = () => {
-        return projectName && repoNames && projectName.length > 0 && repoNames.length > 0 && isUniqueCombination();
-    }
-
     return (
-        <div className='card-items'>
-            <Text variant='bodyMd'>
-                Use BitBucket to import your APIs
-            </Text>
-
-            <span>1. Run the below command to setup Source-code-analyser service: </span>
-
-            <LegacyCard>
-                <LegacyCard.Section>
-                    <JsonComponent title="Source code analyser service command" toolTipContent="Copy command" onClickFunc={()=> rcopyCommand()} dataString={runtimeSvcCommand} language="text" minHeight="150px" />
-                </LegacyCard.Section>
-            </LegacyCard>
-
-            <LegacyCard
-                primaryFooterAction={{ content: 'Save', onAction: primaryAction, disabled: !enableButton() }}
+        <SourceCodeRepos 
+            type="BITBUCKET"
+            typeName="BitBucket"
+            orgName="Project"
             >
-                <LegacyCard.Section>
-                    <TextField onChange={(val) => setProjectName(val)} value={projectName} helpText="Name of your Project" label="Project Name" />
-                    <br />
-                    <TextField onChange={(val) => setrepoNames(val)} value={repoNames} label="Repo Name" helpText="This accepts comma separated values" />
-                    {!isUniqueCombination() && <Text color="critical" variant="bodySm" style={{ marginTop: '8px' }}>{errorMessage}</Text>}
-
-                </LegacyCard.Section>
-            </LegacyCard>
-
-
-            <VerticalStack gap="1">
-                {repoList.map((repo, index) => (
-                    <LegacyCard 
-                        key={index} 
-                        title={repo.repo} 
-                        actions={[
-                            { content: "Delete", onAction: () => { handleDelete(index) }, destructive: true },
-                            { content: "Run", onAction: () => { runRepo(repo) } },
-                        ]} sectioned={true}
-                    >
-                        <HorizontalStack align="space-between">
-                            <Text variant="bodyMd">{repo.project}</Text>
-                            <Text variant="bodyMd">
-                                {repo.lastRun >= repo.scheduleTime ? func.prettifyEpoch(repo.lastRun) : "scheduled"}
-                            </Text>
-                        </HorizontalStack>
-                    </LegacyCard>
-                ))}
-            </VerticalStack>
-        </div>
+        </SourceCodeRepos>
     )
 }
 

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/quick_start/components/GithubSource.jsx

@@ -0,0 +1,15 @@
+import SourceCodeRepos from "./shared/SourceCodeRepos";
+
+function GithubSource() {
+    return (
+        <SourceCodeRepos 
+            type="GITHUB"
+            typeName="Github"
+            orgName="Organisation"
+            >
+        </SourceCodeRepos>
+    )
+}
+
+
+export default GithubSource