Merge pull request #54 from JupiterOne/sonarqube-filter-params-sdk-13.x

Sonarqube filter params sdk 13.x
JupiterOne-Archives · Aug 7, 2024 · 192c035 · 192c035
2 parents 29be46f + 69938aa
commit 192c035
Show file tree

Hide file tree

Showing 26 changed files with 5,132 additions and 3,748 deletions.
diff --git a/.env.example b/.env.example
@@ -1,3 +1,24 @@
 BASE_URL=
 API_TOKEN=
-ENABLE_FINDINGS_INGESTION=
+ENABLE_FINDINGS_INGESTION=true
+# [Optional]
+# INFO, MINOR -> LOW in API Version 2
+# MAJOR -> MEDIUM in API Version 2
+# CRITICAL BLOCKERS -> HIGH in API Version 2
+FINDING_SEVERITIES=INFO,MINOR,MAJOR,CRITICAL,BLOCKER
+# [Optional]
+# OPEN -> OPEN in API Version 2
+# CONFIRMED -> CONFIRMED' in API Version 2
+# REOPENED ->  FALSE_POSITIVE' in API Version 2
+# RESOLVED -> ACCEPTED' in API Version 2
+# CLOSED -> FIXED in API Version 2
+FINDING_STATUS=OPEN,CONFIRMED,REOPENED,RESOLVED,CLOSED 
+# [Optional]
+# To retrieve issues created during a time span before the current time (exclusive).
+# Example value: any number -> 30 60 90 ...
+FINDINGS_INGEST_SINCE_DAYS=
+# [Optional]
+# CODE_SMELL -> MAINTAINABILITY in API Version 2 
+# BUG -> RELIABILITY in API Version 2
+# VULNERABILITY: SECURITY in API Version 2
+FINDING_TYPES=CODE_SMELL,BUG,VULNERABILITY
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,24 +1,22 @@
 name: Build
-on: [push, pull_request]
+on:
+  pull_request:
+  push:
+    branches:
+      - main
 
 jobs:
   test:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      fail-fast: false
-      matrix:
-        node-version: [14.x]
-        os: [ubuntu-latest]
-
+    runs-on: ubuntu-latest
     steps:
+      - name: Check out code repository source code
+        uses: actions/checkout@v3
+
       - id: setup-node
         name: Setup Node
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
-          node-version: ${{ matrix.node-version }}
-
-      - name: Check out code repository source code
-        uses: actions/checkout@v2
+          node-version: 18.x
 
       - name: Install dependencies
         run: yarn
@@ -35,22 +33,17 @@ jobs:
     needs: test
     runs-on: ubuntu-latest
     if: github.ref == 'refs/heads/main'
-    strategy:
-      fail-fast: false
-      matrix:
-        node: [14]
-
     steps:
-      - name: Setup Node
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14.x
-
       - name: Check out repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 2
 
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18.x
+
       # Fetch tags and describe the commit before the merge commit
       # to see if it's a version publish
       - name: Fetch tags
@@ -60,6 +53,7 @@ jobs:
           then
             echo "Found version commit tag. Publishing."
             echo "publish=true" >> $GITHUB_ENV
+            echo "VERSION_NUM=`echo $(git describe --tags --abbrev=0 | sed -e "s/v//gI")`" >> $GITHUB_ENV
           else
             echo "Version commit tag not found. Not publishing."
           fi
@@ -71,4 +65,29 @@ jobs:
         run: |
           echo "//registry.npmjs.org/:_authToken=${NPM_AUTH_TOKEN}" > .npmrc
           yarn
-          npm publish
+          yarn build
+          npm publish ./dist
+
+      - name: Get Version Changelog Entry
+        if: env.publish == 'true'
+        id: changelog_reader
+        uses: mindsers/changelog-reader-action@v2
+        with:
+          version: ${{ env.VERSION_NUM }}
+          path: ./CHANGELOG.md
+        continue-on-error: true
+
+      - name: Create Release
+        if: env.publish == 'true'
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ steps.changelog_reader.outputs.version }}
+          release_name: Release ${{ steps.changelog_reader.outputs.version }}
+          body: ${{ steps.changelog_reader.outputs.changes }}
+          prerelease:
+            ${{ steps.changelog_reader.outputs.status == 'prereleased' }}
+          draft: ${{ steps.changelog_reader.outputs.status == 'unreleased' }}
+        continue-on-error: true
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:14-alpine
+FROM node:18-alpine
 
 ENV JUPITERONE_INTEGRATION_DIR=/opt/jupiterone/integration
 

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jupiterone/graph-sonarqube",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "Sonarqube integration for JupiterOne",
   "repository": {
     "type": "git",
@@ -31,13 +31,14 @@
     "prepack": "yarn build"
   },
   "peerDependencies": {
-    "@jupiterone/integration-sdk-core": "^8.30.0"
+    "@jupiterone/integration-sdk-core": "^13.1.0"
   },
   "devDependencies": {
-    "@jupiterone/integration-sdk-core": "^8.30.0",
-    "@jupiterone/integration-sdk-dev-tools": "^8.30.0",
-    "@jupiterone/integration-sdk-testing": "^8.30.0",
-    "@types/node-fetch": "^2.5.10"
+    "@jupiterone/integration-sdk-core": "^13.1.0",
+    "@jupiterone/integration-sdk-dev-tools": "^13.1.0",
+    "@jupiterone/integration-sdk-testing": "^13.1.0",
+    "@types/node": "^22.0.2",
+    "@types/node-fetch": "^2.6.11"
   },
   "dependencies": {
     "node-fetch": "^2.6.1"

diff --git a/src/getStepStartStates.ts b/src/getStepStartStates.ts
@@ -10,8 +10,8 @@ export default function getStepStartStates(
 ): StepStartStates {
   context.logger.warn(
     {
-      enableFindingsIngestion: !!context.instance.config
-        .enableFindingsIngestion,
+      enableFindingsIngestion:
+        !!context.instance.config.enableFindingsIngestion,
     },
     'Findings ingestion flag',
   );

diff --git a/src/index.ts b/src/index.ts
@@ -5,10 +5,13 @@ import { integrationSteps } from './steps';
 import { SonarqubeIntegrationConfig } from './types';
 import validateInvocation from './validateInvocation';
 import getStepStartStates from './getStepStartStates';
+import { ingestionConfig } from './ingestionConfig';
 
-export const invocationConfig: IntegrationInvocationConfig<SonarqubeIntegrationConfig> = {
-  instanceConfigFields,
-  validateInvocation,
-  getStepStartStates,
-  integrationSteps,
-};
+export const invocationConfig: IntegrationInvocationConfig<SonarqubeIntegrationConfig> =
+  {
+    instanceConfigFields,
+    validateInvocation,
+    getStepStartStates,
+    integrationSteps,
+    ingestionConfig,
+  };
diff --git a/src/ingestionConfig.ts b/src/ingestionConfig.ts
@@ -0,0 +1,25 @@
+import { IntegrationIngestionConfigFieldMap } from '@jupiterone/integration-sdk-core';
+import { INGESTION_SOURCE_IDS } from './steps/constants';
+
+export const ingestionConfig: IntegrationIngestionConfigFieldMap = {
+  [INGESTION_SOURCE_IDS.FINDINGS]: {
+    title: 'Users',
+    description: 'SonarQube Issues',
+    defaultsToDisabled: false,
+  },
+  [INGESTION_SOURCE_IDS.USERS]: {
+    title: 'Users',
+    description: 'SonarQube Users',
+    defaultsToDisabled: false,
+  },
+  [INGESTION_SOURCE_IDS.PROJECT]: {
+    title: 'Projects',
+    description: 'SonarQube Projects',
+    defaultsToDisabled: false,
+  },
+  [INGESTION_SOURCE_IDS.USER_GROUPS]: {
+    title: 'User Groups',
+    description: 'SonarQube Groups',
+    defaultsToDisabled: false,
+  },
+};
diff --git a/src/instanceConfigFields.ts b/src/instanceConfigFields.ts
@@ -13,6 +13,26 @@ const instanceConfigFields: IntegrationInstanceConfigFieldMap = {
     mask: false,
     optional: true,
   },
+  findingSeverities: {
+    type: 'string',
+    mask: false,
+    optional: true,
+  },
+  findingStatus: {
+    type: 'string',
+    mask: false,
+    optional: true,
+  },
+  findingsIngestSinceDays: {
+    type: 'string',
+    mask: false,
+    optional: true,
+  },
+  findingTypes: {
+    type: 'string',
+    mask: false,
+    optional: true,
+  },
 };
 
 export default instanceConfigFields;
diff --git a/src/provider/SonarqubeClient.ts b/src/provider/SonarqubeClient.ts
@@ -55,9 +55,9 @@ export class SonarqubeClient {
   }
 
   async fetchSystemInfo() {
-    return this.makeSingularRequest('/system/info') as Promise<
-      SonarqubeSystemInfo
-    >;
+    return this.makeSingularRequest(
+      '/system/info',
+    ) as Promise<SonarqubeSystemInfo>;
   }
 
   async iterateProjects(
@@ -161,9 +161,9 @@ export class SonarqubeClient {
   }
 
   async fetchAuthenticationValidate(): Promise<ValidationResponse> {
-    return this.makeSingularRequest('/authentication/validate') as Promise<
-      ValidationResponse
-    >;
+    return this.makeSingularRequest(
+      '/authentication/validate',
+    ) as Promise<ValidationResponse>;
   }
 
   private async makeRequest(
@@ -242,10 +242,22 @@ export class SonarqubeClient {
 
       const paginationQueryParms = PaginationQueryParams[endpointVersion];
 
+      const sanitizedParams: Record<string, string> = {};
+      if (params) {
+        Object.keys(params).forEach((key) => {
+          const value = params[key];
+          if (value !== undefined) {
+            sanitizedParams[key] = Array.isArray(value)
+              ? value.join(',')
+              : value;
+          }
+        });
+      }
+
       const searchParams = new URLSearchParams({
         [paginationQueryParms.pageIndex]: String(page),
         [paginationQueryParms.pageSize]: String(ITEMS_PER_PAGE),
-        ...params,
+        ...sanitizedParams,
       });
 
       const parametizedEndpoint = `${endpoint}?${searchParams.toString()}`;

diff --git a/src/provider/types/common.ts b/src/provider/types/common.ts
@@ -27,7 +27,6 @@ export interface Pagination {
 
 export type PaginatedResponse<T extends string, U> = {
   [Key in 'paging' | 'page']: Pagination;
-} &
-  {
-    [K in T]: U[];
-  };
+} & {
+  [K in T]: U[];
+};
diff --git a/src/steps/account/converter.ts b/src/steps/account/converter.ts
@@ -26,6 +26,7 @@ export function createAccountEntity(
         _class: Entities.ACCOUNT._class,
         id,
         name,
+        vendor: 'SonarSource',
       },
     },
   });

diff --git a/src/steps/constants.ts b/src/steps/constants.ts
@@ -2,6 +2,44 @@ import { RelationshipClass } from '@jupiterone/integration-sdk-core';
 
 export const ACCOUNT_ENTITY_KEY = 'sonarqube:account';
 
+export const FINDINGS_SEVERITIES = {
+  INFO: 'LOW',
+  MINOR: 'LOW',
+  MAJOR: 'MEDIUM',
+  CRITICAL: 'HIGH',
+  BLOCKER: 'HIGH',
+};
+
+export const V1_SEVERITIES_VALUES = [
+  'INFO',
+  'MINOR',
+  'MAJOR',
+  'CRITICAL',
+  'BLOCKER',
+];
+export const V2_SEVERITIES_VALUES = ['LOW', 'MEDIUM', 'HIGH'];
+
+export const FINDING_STATUSES = {
+  OPEN: 'OPEN',
+  CONFIRMED: 'CONFIRMED',
+  REOPENED: 'FALSE_POSITIVE',
+  RESOLVED: 'ACCEPTED',
+  CLOSED: 'FIXED',
+};
+
+export const FINDING_TYPES = {
+  CODE_SMELL: 'MAINTAINABILITY',
+  BUG: 'RELIABILITY',
+  VULNERABILITY: 'SECURITY',
+};
+
+export const INGESTION_SOURCE_IDS = {
+  PROJECT: 'projects',
+  USERS: 'users',
+  USER_GROUPS: 'user-groups',
+  FINDINGS: 'findings',
+};
+
 export const Steps = {
   ACCOUNT: 'fetch-account',
   PROJECTS: 'fetch-projects',
-Original file line number
+Diff line change
@@ Expand Up / @@ -26,6 +26,7 @@ export function createAccountEntity( @@
             _class: Entities.ACCOUNT._class,
             id,
             name,
+            vendor: 'SonarSource',
           },
         },
       });
@@ Expand Down @@