Active Scanning and Replacing (AWS) Tokens (#1265)

Author: Vitalie D

Gemfile.lock

@@ -325,7 +325,7 @@ GEM
     rb-fsevent (0.9.8)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rbtrace (0.4.12)
+    rbtrace (0.4.14)
       ffi (>= 1.0.6)
       msgpack (>= 0.4.3)
       optimist (>= 3.0.0)

lib/travis/api/v3/models/scan_result.rb

@@ -0,0 +1,30 @@
+
+module Travis::API::V3
+  class Models::ScanResult
+    attr_reader :id, :log_id, :job_id, :owner_id, :owner_type, :created_at, :formatted_content, :issues_found, :archived, :purged_at, :token, :token_created_at,
+      :job_number, :build_id, :build_number, :job_finished_at, :commit_sha, :commit_compare_url, :commit_branch, :repository_id
+
+    def initialize(attributes = {})
+      @id = attributes.fetch('id')
+      @log_id = attributes.fetch('log_id')
+      @job_id = attributes.fetch('job_id')
+      @owner_id = attributes.fetch('owner_id')
+      @owner_type = attributes.fetch('owner_type')
+      @created_at = attributes.fetch('created_at')
+      @formatted_content = attributes.fetch('formatted_content')
+      @issues_found = attributes.fetch('issues_found')
+      @archived = attributes.fetch('archived')
+      @purged_at = attributes.fetch('purged_at')
+      @token = attributes.fetch('token')
+      @token_created_at = attributes.fetch('token_created_at')
+      @job_number = attributes.fetch('job_number')
+      @build_id = attributes.fetch('build_id')
+      @build_number = attributes.fetch('build_number')
+      @job_finished_at = attributes.fetch('job_finished_at')
+      @commit_sha = attributes.fetch('commit_sha')
+      @commit_compare_url = attributes.fetch('commit_compare_url')
+      @commit_branch = attributes.fetch('commit_branch')
+      @repository_id = attributes.fetch('repository_id')
+    end
+  end
+end

lib/travis/api/v3/models/scanner_collection.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Travis::API::V3
+  class Models::ScannerCollection
+    def initialize(collection, total_count)
+      @collection = collection
+      @total_count = total_count
+    end
+
+    def count(*)
+      @total_count
+    end
+
+    def limit(*)
+      self
+    end
+
+    def offset(*)
+      self
+    end
+
+    def map
+      return @collection.map unless block_given?
+
+      @collection.map { |x| yield x }
+    end
+
+    def to_sql
+      "scanner_query:#{Time.now.to_i}"
+    end
+  end
+end

lib/travis/api/v3/permissions/repository.rb

@@ -42,6 +42,10 @@ def create_request?
       write?
     end
 
+    def check_scan_results?
+      write?
+    end
+
     def admin?
       access_control.adminable? object
     end

lib/travis/api/v3/queries/scan_result.rb

@@ -0,0 +1,15 @@
+module Travis::API::V3
+  class Queries::ScanResult < RemoteQuery
+    params :id
+
+    def find
+      scanner_client.get_scan_result(id)
+    end
+
+    private
+
+    def scanner_client
+      @_scanner_client ||= ScannerClient.new(nil)
+    end
+  end
+end

lib/travis/api/v3/queries/scan_results.rb

@@ -0,0 +1,22 @@
+module Travis::API::V3
+  class Queries::ScanResults < Query
+    params :repository_id, :offset, :limit
+
+    def all
+      # Reset the scan status on viewing the reports
+      Repository.find(repository_id).update!(scan_failed_at: nil)
+
+      page = (offset.to_i / limit.to_i) + 1
+      scanner_client(repository_id).scan_results(
+        page.to_s,
+        limit
+      )
+    end
+
+    private
+
+    def scanner_client(repository_id)
+      @_scanner_client ||= ScannerClient.new(repository_id)
+    end
+  end
+end

lib/travis/api/v3/renderer/repository.rb

@@ -1,9 +1,9 @@
 module Travis::API::V3
   class Renderer::Repository < ModelRenderer
     representation(:minimal,  :id, :name, :slug)
-    representation(:standard, :id, :name, :slug, :description, :github_id, :vcs_id, :vcs_type, :github_language, :active, :private, :owner, :owner_name, :vcs_name, :default_branch, :starred, :managed_by_installation, :active_on_org, :migration_status, :history_migration_status, :shared, :config_validation, :server_type)
-    representation(:experimental, :id, :name, :slug, :description, :vcs_id, :vcs_type, :github_id, :github_language, :active, :private, :owner, :default_branch, :starred, :current_build, :last_started_build, :next_build_number, :server_type)
-    representation(:internal, :id, :name, :slug, :github_id, :vcs_id, :vcs_type, :active, :private, :owner, :default_branch, :private_key, :token, :user_settings, :server_type)
+    representation(:standard, :id, :name, :slug, :description, :github_id, :vcs_id, :vcs_type, :github_language, :active, :private, :owner, :owner_name, :vcs_name, :default_branch, :starred, :managed_by_installation, :active_on_org, :migration_status, :history_migration_status, :shared, :config_validation, :server_type, :scan_failed_at)
+    representation(:experimental, :id, :name, :slug, :description, :vcs_id, :vcs_type, :github_id, :github_language, :active, :private, :owner, :default_branch, :starred, :current_build, :last_started_build, :next_build_number, :server_type, :scan_failed_at)
+    representation(:internal, :id, :name, :slug, :github_id, :vcs_id, :vcs_type, :active, :private, :owner, :default_branch, :private_key, :token, :user_settings, :server_type, :scan_failed_at)
     representation(:additional, :allow_migration)
 
     hidden_representations(:experimental, :internal)

lib/travis/api/v3/renderer/scan_result.rb

@@ -0,0 +1,27 @@
+module Travis::API::V3
+  class Renderer::ScanResult < ModelRenderer
+    representation(:minimal, :id, :created_at, :formatted_content, :issues_found, :job_id, :build_id, :job_number, :build_number, :job_finished_at,
+                             :commit_sha, :commit_compare_url, :commit_branch, :build_created_by)
+    representation(:standard, *representations[:minimal])
+
+    def build_created_by
+      job = Travis::API::V3::Models::Job.find(model.job_id)
+      build = Travis::API::V3::Models::Build.find(job.source_id)
+      return nil unless creator = build.sender
+      {
+        '@type' => build.sender_type.downcase,
+        '@href' => created_by_href(creator),
+        '@representation' => 'minimal'.freeze,
+        'id' => creator.id,
+        'login' => creator.login
+      }
+    end
+
+    private def created_by_href(creator)
+      case creator
+      when V3::Models::Organization then Renderer.href(:organization, script_name: script_name, id: creator.id)
+      when V3::Models::User         then Renderer.href(:user, script_name: script_name, id: creator.id)
+      end
+    end
+  end
+end

lib/travis/api/v3/renderer/scan_results.rb

@@ -0,0 +1,6 @@
+module Travis::API::V3
+  class Renderer::ScanResults < CollectionRenderer
+    type           :scan_results
+    collection_key :scan_results
+  end
+end

lib/travis/api/v3/routes.rb

@@ -283,6 +283,16 @@ module Routes
       end
     end
 
+    resource :scan_results do
+      route '/scan_results'
+      get :all
+    end
+
+    resource :scan_result do
+      route '/scan_result/{scan_result.id}'
+      get :find
+    end
+
     resource :user do
       capture id: :digit
       route '/user/{user.id}'