
mindersec / minder / 11384223641

17 Oct 2024 11:42AM UTC coverage: 54.724%. First build
11384223641

Pull #4773

github

web-flow
Merge 254333563 into 1d818b17d
Pull Request #4773: Change defaults for pull request rules

6 of 18 new or added lines in 2 files covered. (33.33%)

14921 of 27266 relevant lines covered (54.72%)

41.4 hits per line

Source File

76.47
/internal/engine/eval/trusty/config.go
// SPDX-FileCopyrightText: Copyright 2023 The Minder Authors
// SPDX-License-Identifier: Apache-2.0

// Package trusty provides an evaluator that uses the trusty API
package trusty

import (
        "fmt"
        "strings"

        "github.com/go-playground/validator/v10"
        "github.com/go-viper/mapstructure/v2"

        "github.com/mindersec/minder/internal/engine/eval/pr_actions"
        pbinternal "github.com/mindersec/minder/internal/proto"
)

var (
	// SummaryScore is the score to use for the summary score
	SummaryScore = "score"

	// DefaultScore is the default score to use
	DefaultScore = ""

	// defaultAction is the action written into a rule configuration that
	// leaves "action" unset.
	defaultAction = pr_actions.ActionReviewPr

	// defaultEcosystemConfig is the per-ecosystem policy used when a rule
	// configuration carries no "ecosystem_config" of its own. Every entry
	// keeps AllowMalicious and AllowDeprecated false, so falling back to the
	// defaults never opts out of blocking malicious or deprecated packages.
	//
	// Treat this slice as read-only: it is package-level state shared by
	// every rule that falls back to the defaults.
	defaultEcosystemConfig = []ecosystemConfig{
		{Name: "npm", Score: 5.0, Provenance: 5.0, Activity: 5.0, AllowMalicious: false, AllowDeprecated: false},
		{Name: "pypi", Score: 5.0, Provenance: 5.0, Activity: 5.0, AllowMalicious: false, AllowDeprecated: false},
		{Name: "go", Score: 5.0, Provenance: 5.0, Activity: 5.0, AllowMalicious: false, AllowDeprecated: false},
	}
)

// ecosystemConfig holds the thresholds and opt-outs applied to dependencies
// that come from one package ecosystem.
type ecosystemConfig struct {
	// Name identifies the ecosystem this entry applies to. It is tagged as
	// a required field.
	Name string `json:"name" mapstructure:"name" validate:"required"`

	// Score is the score to use for the ecosystem. The actual score
	// evaluated depends on the `evaluate_score` field.
	// The `required` tag treats a zero score as missing wherever the
	// validator evaluates this struct.
	// NOTE(review): no evaluate_score field is declared on this struct;
	// confirm where that setting lives.
	Score float64 `json:"score" mapstructure:"score" validate:"required"`

	// Provenance is the minimal provenance score needed to consider the
	// origin of the package as trusted. It carries no validation tag, so it
	// may be left at zero.
	Provenance float64 `json:"provenance" mapstructure:"provenance"`

	// Activity is the minimal activity score that minder needs to find to
	// consider the package as trustworthy. It carries no validation tag, so
	// it may be left at zero.
	Activity float64 `json:"activity" mapstructure:"activity"`

	// AllowMalicious disables blocking PRs introducing malicious
	// dependencies. The zero value (false) leaves blocking enabled.
	AllowMalicious bool `json:"allow_malicious" mapstructure:"allow_malicious"`

	// AllowDeprecated disables blocking pull requests introducing
	// deprecated packages. The zero value (false) leaves blocking enabled.
	AllowDeprecated bool `json:"allow_deprecated" mapstructure:"allow_deprecated"`
}

// config is the configuration for the trusty evaluator
type config struct {
	// Action is the pull request action to take. It is required.
	Action pr_actions.Action `json:"action" mapstructure:"action" validate:"required"`

	// EcosystemConfig lists the per-ecosystem policies. It is required.
	//
	// NOTE(review): the tag is `required` without `dive`. As far as I know
	// go-playground/validator does not descend into slice elements without
	// `dive`, so the `required` tags on ecosystemConfig's Name and Score
	// may never be checked for entries in this slice, and a non-nil but
	// empty slice may satisfy `required` - confirm against the validator
	// version in use.
	EcosystemConfig []ecosystemConfig `json:"ecosystem_config" mapstructure:"ecosystem_config" validate:"required"`
}

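// populateDefaultsIfEmpty writes the package defaults into ruleCfg for the
// "ecosystem_config" and "action" keys when the rule leaves them unset.
//
// "ecosystem_config" counts as unset when the key is absent, holds nil, or
// holds an empty []any. Any other value, including an empty slice of a
// different element type, is left untouched. "action" counts as unset only
// when it is absent or nil.
//
// ruleCfg is modified in place. A nil map is left alone, because writing to a
// nil map panics; the caller must allocate the map if it wants defaults.
//
// NOTE(review): the coverage run this listing was taken from marks both
// "ecosystem_config" default assignments as not executed, so the fallback
// path has no test behind it yet.
func populateDefaultsIfEmpty(ruleCfg map[string]any) {
	if ruleCfg == nil {
		return
	}

	useDefaultEcosystems := false
	switch eco := ruleCfg["ecosystem_config"].(type) {
	case nil:
		useDefaultEcosystems = true
	case []any:
		useDefaultEcosystems = len(eco) == 0
	}
	if useDefaultEcosystems {
		// Store a copy, not the package-level slice itself: ruleCfg belongs
		// to the caller, and a write through it must not be able to change
		// the default policy (AllowMalicious included) for every later rule.
		ruleCfg["ecosystem_config"] = append([]ecosystemConfig(nil), defaultEcosystemConfig...)
	}

	if ruleCfg["action"] == nil {
		ruleCfg["action"] = defaultAction
	}
}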

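// parseConfig turns a rule's raw configuration map into a validated config.
//
// Defaults are filled in first (see populateDefaultsIfEmpty), so the caller's
// map is modified in place when keys are missing. The map is then decoded
// with mapstructure and checked against the struct's `validate` tags.
//
// A nil ruleCfg is treated as an empty configuration. Without that guard the
// default population would write to a nil map and panic.
// NOTE(review): this assumes a rule without any configuration should get the
// defaults; confirm that is the intended policy.
//
// It returns an error wrapping the decode or validation failure; the returned
// config is nil in that case.
func parseConfig(ruleCfg map[string]any) (*config, error) {
	if ruleCfg == nil {
		ruleCfg = make(map[string]any)
	}
	populateDefaultsIfEmpty(ruleCfg)

	var conf config
	if err := mapstructure.Decode(ruleCfg, &conf); err != nil {
		return nil, fmt.Errorf("could not parse config: %w", err)
	}

	// WithRequiredStructEnabled makes `required` apply to struct-typed
	// fields as well.
	validate := validator.New(validator.WithRequiredStructEnabled())
	if err := validate.Struct(&conf); err != nil {
		return nil, fmt.Errorf("config failed validation: %w", err)
	}

	return &conf, nil
}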

// getEcosystemConfig looks up the policy entry for the given dependency
// ecosystem, comparing names case-insensitively.
//
// It returns nil when the ecosystem has no string form or when no entry in
// c.EcosystemConfig matches. What a nil result means for enforcement is
// decided by the caller and is not visible here.
// NOTE(review): confirm that callers do not treat a missing policy as
// "allow".
func (c *config) getEcosystemConfig(ecosystem pbinternal.DepEcosystem) *ecosystemConfig {
	wanted := strings.ToLower(ecosystem.AsString())
	if wanted == "" {
		return nil
	}

	for i := range c.EcosystemConfig {
		if strings.ToLower(c.EcosystemConfig[i].Name) != wanted {
			continue
		}
		// Return a pointer to a copy so the caller cannot modify the entry
		// stored in the config.
		found := c.EcosystemConfig[i]
		return &found
	}

	return nil
}