mirror of
https://github.com/coder/coder.git
synced 2025-07-10 23:53:15 +00:00
chore!: remove JFrog integration (#17353)
- Removes displaying XRay scan results in the dashboard. I'm not sure anyone was even using this integration so it's just debt for us to maintain. We can open up a separate issue to get rid of the db tables once we know for sure that we haven't broken anyone.
This commit is contained in:
Jon Ayers
GitHub
@ -470,16 +470,6 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
|
||||
r.Get("/", api.userQuietHoursSchedule)
|
||||
r.Put("/", api.putUserQuietHoursSchedule)
|
||||
})
|
||||
r.Route("/integrations", func(r chi.Router) {
|
||||
r.Use(
|
||||
apiKeyMiddleware,
|
||||
api.jfrogEnabledMW,
|
||||
)
|
||||
|
||||
r.Post("/jfrog/xray-scan", api.postJFrogXrayScan)
|
||||
r.Get("/jfrog/xray-scan", api.jFrogXrayScan)
|
||||
})
|
||||
|
||||
// The /notifications base route is mounted by the AGPL router, so we can't group it here.
|
||||
// Additionally, because we have a static route for /notifications/templates/system which conflicts
|
||||
// with the below route, we need to register this route without any mounts or groups to make both work.
|
||||
|
||||
@ -1,120 +0,0 @@
|
||||
package coderd
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/google/uuid"
|
||||
|
||||
"github.com/coder/coder/v2/coderd/database"
|
||||
"github.com/coder/coder/v2/coderd/httpapi"
|
||||
"github.com/coder/coder/v2/codersdk"
|
||||
)
|
||||
|
||||
// Post workspace agent results for a JFrog XRay scan.
|
||||
//
|
||||
// @Summary Post JFrog XRay scan by workspace agent ID.
|
||||
// @ID post-jfrog-xray-scan-by-workspace-agent-id
|
||||
// @Security CoderSessionToken
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Tags Enterprise
|
||||
// @Param request body codersdk.JFrogXrayScan true "Post JFrog XRay scan request"
|
||||
// @Success 200 {object} codersdk.Response
|
||||
// @Router /integrations/jfrog/xray-scan [post]
|
||||
func (api *API) postJFrogXrayScan(rw http.ResponseWriter, r *http.Request) {
|
||||
ctx := r.Context()
|
||||
|
||||
var req codersdk.JFrogXrayScan
|
||||
if !httpapi.Read(ctx, rw, r, &req) {
|
||||
return
|
||||
}
|
||||
|
||||
err := api.Database.UpsertJFrogXrayScanByWorkspaceAndAgentID(ctx, database.UpsertJFrogXrayScanByWorkspaceAndAgentIDParams{
|
||||
WorkspaceID: req.WorkspaceID,
|
||||
AgentID: req.AgentID,
|
||||
// #nosec G115 - Vulnerability counts are small and fit in int32
|
||||
Critical: int32(req.Critical),
|
||||
// #nosec G115 - Vulnerability counts are small and fit in int32
|
||||
High: int32(req.High),
|
||||
// #nosec G115 - Vulnerability counts are small and fit in int32
|
||||
Medium: int32(req.Medium),
|
||||
ResultsUrl: req.ResultsURL,
|
||||
})
|
||||
if httpapi.Is404Error(err) {
|
||||
httpapi.ResourceNotFound(rw)
|
||||
return
|
||||
}
|
||||
if err != nil {
|
||||
httpapi.InternalServerError(rw, err)
|
||||
return
|
||||
}
|
||||
|
||||
httpapi.Write(ctx, rw, http.StatusCreated, codersdk.Response{
|
||||
Message: "Successfully inserted JFrog XRay scan!",
|
||||
})
|
||||
}
|
||||
|
||||
// Get workspace agent results for a JFrog XRay scan.
|
||||
//
|
||||
// @Summary Get JFrog XRay scan by workspace agent ID.
|
||||
// @ID get-jfrog-xray-scan-by-workspace-agent-id
|
||||
// @Security CoderSessionToken
|
||||
// @Produce json
|
||||
// @Tags Enterprise
|
||||
// @Param workspace_id query string true "Workspace ID"
|
||||
// @Param agent_id query string true "Agent ID"
|
||||
// @Success 200 {object} codersdk.JFrogXrayScan
|
||||
// @Router /integrations/jfrog/xray-scan [get]
|
||||
func (api *API) jFrogXrayScan(rw http.ResponseWriter, r *http.Request) {
|
||||
var (
|
||||
ctx = r.Context()
|
||||
vals = r.URL.Query()
|
||||
p = httpapi.NewQueryParamParser()
|
||||
wsID = p.RequiredNotEmpty("workspace_id").UUID(vals, uuid.UUID{}, "workspace_id")
|
||||
agentID = p.RequiredNotEmpty("agent_id").UUID(vals, uuid.UUID{}, "agent_id")
|
||||
)
|
||||
|
||||
if len(p.Errors) > 0 {
|
||||
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
|
||||
Message: "Invalid query params.",
|
||||
Validations: p.Errors,
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
scan, err := api.Database.GetJFrogXrayScanByWorkspaceAndAgentID(ctx, database.GetJFrogXrayScanByWorkspaceAndAgentIDParams{
|
||||
WorkspaceID: wsID,
|
||||
AgentID: agentID,
|
||||
})
|
||||
if httpapi.Is404Error(err) {
|
||||
httpapi.ResourceNotFound(rw)
|
||||
return
|
||||
}
|
||||
if err != nil {
|
||||
httpapi.InternalServerError(rw, err)
|
||||
return
|
||||
}
|
||||
|
||||
httpapi.Write(ctx, rw, http.StatusOK, codersdk.JFrogXrayScan{
|
||||
WorkspaceID: scan.WorkspaceID,
|
||||
AgentID: scan.AgentID,
|
||||
Critical: int(scan.Critical),
|
||||
High: int(scan.High),
|
||||
Medium: int(scan.Medium),
|
||||
ResultsURL: scan.ResultsUrl,
|
||||
})
|
||||
}
|
||||
|
||||
func (api *API) jfrogEnabledMW(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
||||
// This doesn't actually use the external auth feature but we want
|
||||
// to lock this behind an enterprise license and it's somewhat
|
||||
// related to external auth (in that it is JFrog integration).
|
||||
if !api.Entitlements.Enabled(codersdk.FeatureMultipleExternalAuth) {
|
||||
httpapi.RouteNotFound(rw)
|
||||
return
|
||||
}
|
||||
|
||||
next.ServeHTTP(rw, r)
|
||||
})
|
||||
}
|
||||
@ -1,122 +0,0 @@
|
||||
package coderd_test
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/coder/coder/v2/coderd/coderdtest"
|
||||
"github.com/coder/coder/v2/coderd/database"
|
||||
"github.com/coder/coder/v2/coderd/database/dbfake"
|
||||
"github.com/coder/coder/v2/coderd/rbac"
|
||||
"github.com/coder/coder/v2/codersdk"
|
||||
"github.com/coder/coder/v2/enterprise/coderd/coderdenttest"
|
||||
"github.com/coder/coder/v2/enterprise/coderd/license"
|
||||
"github.com/coder/coder/v2/testutil"
|
||||
)
|
||||
|
||||
func TestJFrogXrayScan(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
t.Run("Post/Get", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
ownerClient, db, owner := coderdenttest.NewWithDatabase(t, &coderdenttest.Options{
|
||||
LicenseOptions: &coderdenttest.LicenseOptions{
|
||||
Features: license.Features{codersdk.FeatureMultipleExternalAuth: 1},
|
||||
},
|
||||
})
|
||||
|
||||
tac, ta := coderdtest.CreateAnotherUser(t, ownerClient, owner.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
wsResp := dbfake.WorkspaceBuild(t, db, database.WorkspaceTable{
|
||||
OrganizationID: owner.OrganizationID,
|
||||
OwnerID: ta.ID,
|
||||
}).WithAgent().Do()
|
||||
|
||||
ws := coderdtest.MustWorkspace(t, tac, wsResp.Workspace.ID)
|
||||
require.Len(t, ws.LatestBuild.Resources, 1)
|
||||
require.Len(t, ws.LatestBuild.Resources[0].Agents, 1)
|
||||
|
||||
agentID := ws.LatestBuild.Resources[0].Agents[0].ID
|
||||
expectedPayload := codersdk.JFrogXrayScan{
|
||||
WorkspaceID: ws.ID,
|
||||
AgentID: agentID,
|
||||
Critical: 19,
|
||||
High: 5,
|
||||
Medium: 3,
|
||||
ResultsURL: "https://hello-world",
|
||||
}
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitMedium)
|
||||
err := tac.PostJFrogXrayScan(ctx, expectedPayload)
|
||||
require.NoError(t, err)
|
||||
|
||||
resp1, err := tac.JFrogXRayScan(ctx, ws.ID, agentID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, expectedPayload, resp1)
|
||||
|
||||
// Can update again without error.
|
||||
expectedPayload = codersdk.JFrogXrayScan{
|
||||
WorkspaceID: ws.ID,
|
||||
AgentID: agentID,
|
||||
Critical: 20,
|
||||
High: 22,
|
||||
Medium: 8,
|
||||
ResultsURL: "https://goodbye-world",
|
||||
}
|
||||
err = tac.PostJFrogXrayScan(ctx, expectedPayload)
|
||||
require.NoError(t, err)
|
||||
|
||||
resp2, err := tac.JFrogXRayScan(ctx, ws.ID, agentID)
|
||||
require.NoError(t, err)
|
||||
require.NotEqual(t, expectedPayload, resp1)
|
||||
require.Equal(t, expectedPayload, resp2)
|
||||
})
|
||||
|
||||
t.Run("MemberPostUnauthorized", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
ownerClient, db, owner := coderdenttest.NewWithDatabase(t, &coderdenttest.Options{
|
||||
LicenseOptions: &coderdenttest.LicenseOptions{
|
||||
Features: license.Features{codersdk.FeatureMultipleExternalAuth: 1},
|
||||
},
|
||||
})
|
||||
|
||||
memberClient, member := coderdtest.CreateAnotherUser(t, ownerClient, owner.OrganizationID)
|
||||
|
||||
wsResp := dbfake.WorkspaceBuild(t, db, database.WorkspaceTable{
|
||||
OrganizationID: owner.OrganizationID,
|
||||
OwnerID: member.ID,
|
||||
}).WithAgent().Do()
|
||||
|
||||
ws := coderdtest.MustWorkspace(t, memberClient, wsResp.Workspace.ID)
|
||||
require.Len(t, ws.LatestBuild.Resources, 1)
|
||||
require.Len(t, ws.LatestBuild.Resources[0].Agents, 1)
|
||||
|
||||
agentID := ws.LatestBuild.Resources[0].Agents[0].ID
|
||||
expectedPayload := codersdk.JFrogXrayScan{
|
||||
WorkspaceID: ws.ID,
|
||||
AgentID: agentID,
|
||||
Critical: 19,
|
||||
High: 5,
|
||||
Medium: 3,
|
||||
ResultsURL: "https://hello-world",
|
||||
}
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitMedium)
|
||||
err := memberClient.PostJFrogXrayScan(ctx, expectedPayload)
|
||||
require.Error(t, err)
|
||||
cerr, ok := codersdk.AsError(err)
|
||||
require.True(t, ok)
|
||||
require.Equal(t, http.StatusNotFound, cerr.StatusCode())
|
||||
|
||||
err = ownerClient.PostJFrogXrayScan(ctx, expectedPayload)
|
||||
require.NoError(t, err)
|
||||
|
||||
// We should still be able to fetch.
|
||||
resp1, err := memberClient.JFrogXRayScan(ctx, ws.ID, agentID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, expectedPayload, resp1)
|
||||
})
|
||||
}
|
||||
Reference in New Issue
Block a user