From 86956f65b1bc2f035f11742b01433c8f67c97a9d Mon Sep 17 00:00:00 2001 From: Tom Petr Date: Wed, 15 May 2024 17:45:49 -0400 Subject: [PATCH] optionally load default configs from semgrep (#72) * optionally load default configs from semgrep * whoops --- cmd/dump.go | 2 +- cmd/relay.go | 2 +- cmd/root.go | 4 +++- pkg/config.go | 44 +++++++++++++++++++++++++++++++++++++++++++- pkg/config_test.go | 2 +- 5 files changed, 49 insertions(+), 5 deletions(-) diff --git a/cmd/dump.go b/cmd/dump.go index f76bcb0..3d6703f 100644 --- a/cmd/dump.go +++ b/cmd/dump.go @@ -13,7 +13,7 @@ var dumpCmd = &cobra.Command{ Use: "dump", Short: "Dump current config", Run: func(cmd *cobra.Command, args []string) { - config, err := pkg.LoadConfig(configFiles) + config, err := pkg.LoadConfig(configFiles, deploymentId) if err != nil { log.Panic(err) } diff --git a/cmd/relay.go b/cmd/relay.go index 1acab88..0820cd9 100644 --- a/cmd/relay.go +++ b/cmd/relay.go @@ -30,7 +30,7 @@ var relayCmd = &cobra.Command{ }() // load config(s) - config, err := pkg.LoadConfig(configFiles) + config, err := pkg.LoadConfig(configFiles, 0) if err != nil { log.Panic(err) } diff --git a/cmd/root.go b/cmd/root.go index 82b6b30..f49c8d7 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -17,6 +17,7 @@ import ( var configFiles []string var jsonLog bool +var deploymentId int var rootCmd = &cobra.Command{ Use: "semgrep-network-broker", @@ -38,7 +39,7 @@ var rootCmd = &cobra.Command{ }() // load config(s) - config, err := pkg.LoadConfig(configFiles) + config, err := pkg.LoadConfig(configFiles, deploymentId) if err != nil { log.Panic(err) } @@ -93,4 +94,5 @@ func Execute() { func init() { rootCmd.PersistentFlags().StringArrayVarP(&configFiles, "config", "c", nil, "config file(s)") rootCmd.PersistentFlags().BoolVarP(&jsonLog, "json-log", "j", false, "JSON log output") + rootCmd.PersistentFlags().IntVarP(&deploymentId, "deployment-id", "d", 0, "Semgrep deployment ID") } diff --git a/pkg/config.go b/pkg/config.go index eab806b..7c2f857 100644 --- a/pkg/config.go +++ b/pkg/config.go @@ -4,7 +4,10 @@ import ( "encoding/base64" "encoding/json" "fmt" + "io" + "net/http" "net/url" + "os" "reflect" "strings" @@ -251,8 +254,47 @@ type Config struct { Outbound OutboundProxyConfig `mapstructure:"outbound" json:"outbound"` } -func LoadConfig(configFiles []string) (*Config, error) { +func LoadConfig(configFiles []string, deploymentId int) (*Config, error) { config := new(Config) + + if deploymentId > 0 { + hostname := os.Getenv("SEMGREP_HOSTNAME") + if hostname == "" { + hostname = "semgrep.dev" + } + url := url.URL{ + Scheme: "https", + Host: hostname, + Path: fmt.Sprintf("/api/broker/%d/default-config", deploymentId), + } + + resp, err := http.Get(url.String()) + if err != nil { + return nil, fmt.Errorf("failed to request default broker config from %v: %v", hostname, err) + } + + if resp.StatusCode != 200 { + return nil, fmt.Errorf("failed to request default config from %s: HTTP %v", url.String(), resp.StatusCode) + } + + f, err := os.CreateTemp("", "default-config*.json") + if err != nil { + return nil, fmt.Errorf("failed to create temp file to store default config: %v", err) + } + defer func() { + f.Close() + os.Remove(f.Name()) + }() + + io.Copy(f, resp.Body) + defer resp.Body.Close() + + viper.SetConfigFile(f.Name()) + if err := viper.MergeInConfig(); err != nil { + return nil, fmt.Errorf("failed to merge config file '%s': %v", f.Name(), err) + } + } + for i := range configFiles { viper.SetConfigFile(configFiles[i]) if err := viper.MergeInConfig(); err != nil { diff --git a/pkg/config_test.go b/pkg/config_test.go index 29cd98c..b7fdded 100644 --- a/pkg/config_test.go +++ b/pkg/config_test.go @@ -11,7 +11,7 @@ import ( ) func TestEmptyConfigs(t *testing.T) { - config, err := LoadConfig(nil) + config, err := LoadConfig(nil, 0) if err != nil { t.Error(err) }