optionally load default configs from semgrep (#72)

* optionally load default configs from semgrep * whoops
semgrep · May 15, 2024 · 86956f6 · 86956f6
1 parent cfab7b1
commit 86956f6
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 5 deletions.
diff --git a/cmd/dump.go b/cmd/dump.go
@@ -13,7 +13,7 @@ var dumpCmd = &cobra.Command{
 	Use:   "dump",
 	Short: "Dump current config",
 	Run: func(cmd *cobra.Command, args []string) {
-		config, err := pkg.LoadConfig(configFiles)
+		config, err := pkg.LoadConfig(configFiles, deploymentId)
 		if err != nil {
 			log.Panic(err)
 		}

diff --git a/cmd/relay.go b/cmd/relay.go
@@ -30,7 +30,7 @@ var relayCmd = &cobra.Command{
 		}()
 
 		// load config(s)
-		config, err := pkg.LoadConfig(configFiles)
+		config, err := pkg.LoadConfig(configFiles, 0)
 		if err != nil {
 			log.Panic(err)
 		}

diff --git a/cmd/root.go b/cmd/root.go
@@ -17,6 +17,7 @@ import (
 
 var configFiles []string
 var jsonLog bool
+var deploymentId int
 
 var rootCmd = &cobra.Command{
 	Use:     "semgrep-network-broker",
@@ -38,7 +39,7 @@ var rootCmd = &cobra.Command{
 		}()
 
 		// load config(s)
-		config, err := pkg.LoadConfig(configFiles)
+		config, err := pkg.LoadConfig(configFiles, deploymentId)
 		if err != nil {
 			log.Panic(err)
 		}
@@ -93,4 +94,5 @@ func Execute() {
 func init() {
 	rootCmd.PersistentFlags().StringArrayVarP(&configFiles, "config", "c", nil, "config file(s)")
 	rootCmd.PersistentFlags().BoolVarP(&jsonLog, "json-log", "j", false, "JSON log output")
+	rootCmd.PersistentFlags().IntVarP(&deploymentId, "deployment-id", "d", 0, "Semgrep deployment ID")
 }
diff --git a/pkg/config.go b/pkg/config.go
@@ -4,7 +4,10 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+	"io"
+	"net/http"
 	"net/url"
+	"os"
 	"reflect"
 	"strings"
 
@@ -251,8 +254,47 @@ type Config struct {
 	Outbound OutboundProxyConfig `mapstructure:"outbound" json:"outbound"`
 }
 
-func LoadConfig(configFiles []string) (*Config, error) {
+func LoadConfig(configFiles []string, deploymentId int) (*Config, error) {
 	config := new(Config)
+
+	if deploymentId > 0 {
+		hostname := os.Getenv("SEMGREP_HOSTNAME")
+		if hostname == "" {
+			hostname = "semgrep.dev"
+		}
+		url := url.URL{
+			Scheme: "https",
+			Host:   hostname,
+			Path:   fmt.Sprintf("/api/broker/%d/default-config", deploymentId),
+		}
+
+		resp, err := http.Get(url.String())
+		if err != nil {
+			return nil, fmt.Errorf("failed to request default broker config from %v: %v", hostname, err)
+		}
+
+		if resp.StatusCode != 200 {
+			return nil, fmt.Errorf("failed to request default config from %s: HTTP %v", url.String(), resp.StatusCode)
+		}
+
+		f, err := os.CreateTemp("", "default-config*.json")
+		if err != nil {
+			return nil, fmt.Errorf("failed to create temp file to store default config: %v", err)
+		}
+		defer func() {
+			f.Close()
+			os.Remove(f.Name())
+		}()
+
+		io.Copy(f, resp.Body)
+		defer resp.Body.Close()
+
+		viper.SetConfigFile(f.Name())
+		if err := viper.MergeInConfig(); err != nil {
+			return nil, fmt.Errorf("failed to merge config file '%s': %v", f.Name(), err)
+		}
+	}
+
 	for i := range configFiles {
 		viper.SetConfigFile(configFiles[i])
 		if err := viper.MergeInConfig(); err != nil {

diff --git a/pkg/config_test.go b/pkg/config_test.go
@@ -11,7 +11,7 @@ import (
 )
 
 func TestEmptyConfigs(t *testing.T) {
-	config, err := LoadConfig(nil)
+	config, err := LoadConfig(nil, 0)
 	if err != nil {
 		t.Error(err)
 	}