codeclient

package module

v1.11.2 Latest Latest Go to latest Published: Dec 12, 2024 License: MIT Imports: 12 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/snyk/code-client-go

Links

Open Source Insights

README ¶

code-client-go

A library that exposes scanning capabilities for Snyk Code that can be used in the Snyk CLI as well as Snyk IDE plugins using the Snyk Language Server.

Installation

$ go get github.com/snyk/code-client-go

Usage

HTTP Client

Use the HTTP client to make HTTP requests with configured retriable codes and authorisation headers for Snyk Rest APIs.

You can either configure the client using the functional options pattern provided or by implementing the interfaces.

Provide a net/http.Client factory to customize the underlying HTTP protocol behavior (timeouts, etc).

import (
    "net/http"

    "github.com/rs/zerolog"
    codeClientHTTP "github.com/snyk/code-client-go/http"
    codeClientObservability  "github.com/snyk/code-client-go/observability"
)

logger := zerlog.NewLogger(...)
instrumentor := codeClientObservability.NewInstrumentor()
errorReporter := codeClientObservability.NewErrorReporter()
httpClient := codeClientHTTP.NewHTTPClient(
    func() *http.Client {
        return &http.Client{
            Timeout: time.Duration(1) * time.Second,
        }
    },
    codeClientHTTP.WithRetryCount(1),
    codeClientHTTP.WithLogger(logger),
    codeClientHTTP.WithInstrumentor(instrumentor),
    codeClientHTTP.WithErrorReporter(errorReporter),
)

The HTTP client exposes a Do function.

Target

Use the target to record the target of a scan, which can be either a folder enhanced with repository metadata or a repository.

import (
    codeClientScan  "github.com/snyk/code-client-go/scan"
)

target, _ := codeClientScan.NewRepositoryTarget(path)

target, _ := codeClientScan.NewRepositoryTarget(path, codeClientScan.WithRepositoryUrl("https://github.com/snyk/code-client-go.git"))

Tracker Factory

Use the tracker factory to generate a tracker used to update the consumer of the client with frequent progress updates.

The tracker either exposes an interface with two Begin and End functions or an implementation that doesn't do anything.

import (
    codeClientScan  "github.com/snyk/code-client-go/scan"
)

trackerFactory := codeClientScan.NewNoopTrackerFactory()

tracker := trackerFactory.GenerateTracker()
tracker.Begin()
...
tracker.End()

Configuration

Implement the config.Config interface to configure the Snyk Code API client from applications.

Code Scanner

Use the Code Scanner to trigger a scan for a Snyk Code workspace using the Bundle Manager created above.

The Code Scanner exposes a UploadAndAnalyze function, which can be used like this:

import (
    codeClient  "github.com/snyk/code-client-go"
)

config := newConfigForMyApp()
codeScanner := codeClient.NewCodeScanner(
    httpClient,
    config,
	codeClient.WithTrackerFactory(trackerFactory),
    codeClientHTTP.WithLogger(logger),
    codeClientHTTP.WithInstrumentor(instrumentor),
    codeClientHTTP.WithErrorReporter(errorReporter),
)
codeScanner.UploadAndAnalyze(context.Background(), requestId, target, channelForWalkingFiles, changedFiles)

Observability

Under ./observability we have defined some observability interfaces which allows consumers of the library to inject their own observability implementations as long as they follow the defined interfaces.

Documentation ¶

Index ¶

func NewCodeScanner(config config.Config, httpClient codeClientHTTP.HTTPClient, ...) *codeScanner
type CodeScanner
type OptionFunc

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewCodeScanner ¶ added in v0.4.0

func NewCodeScanner(
	config config.Config,
	httpClient codeClientHTTP.HTTPClient,
	options ...OptionFunc,
) *codeScanner

NewCodeScanner creates a Code Scanner which can be used to trigger Snyk Code on a folder.

Types ¶

type CodeScanner ¶ added in v0.4.0

type CodeScanner interface {
	UploadAndAnalyze(
		ctx context.Context,
		requestId string,
		target scan.Target,
		files <-chan string,
		changedFiles map[string]bool,
	) (*sarif.SarifResponse, string, error)
}

type OptionFunc ¶ added in v1.4.4

type OptionFunc func(*codeScanner)

func WithErrorReporter ¶ added in v1.4.4

func WithErrorReporter(errorReporter observability.ErrorReporter) OptionFunc

func WithFlow ¶ added in v1.7.0

func WithFlow(flow string) OptionFunc

func WithInstrumentor ¶ added in v1.4.4

func WithInstrumentor(instrumentor observability.Instrumentor) OptionFunc

func WithLogger ¶ added in v1.4.4

func WithLogger(logger *zerolog.Logger) OptionFunc

func WithTrackerFactory ¶ added in v1.6.0

func WithTrackerFactory(trackerFactory scan.TrackerFactory) OptionFunc

Source Files ¶

View all Source files

scan.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
config
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
http Package http defines the HTTP client used to interact with the Snyk Code API.	Package http defines the HTTP client used to interact with the Snyk Code API.
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
internal
analysis
analysis/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
bundle
bundle/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
deepcode * © 2024 Snyk Limited All rights reserved.	* © 2024 Snyk Limited All rights reserved.
deepcode/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
orchestration/2024-02-16 Package v20240216 provides primitives to interact with the openapi HTTP API.	Package v20240216 provides primitives to interact with the openapi HTTP API.
orchestration/2024-02-16/common Package v20240216 provides primitives to interact with the openapi HTTP API.	Package v20240216 provides primitives to interact with the openapi HTTP API.
orchestration/2024-02-16/parameters Package v20240216 provides primitives to interact with the openapi HTTP API.	Package v20240216 provides primitives to interact with the openapi HTTP API.
orchestration/2024-02-16/scans Package v20240216 provides primitives to interact with the openapi HTTP API.	Package v20240216 provides primitives to interact with the openapi HTTP API.
util
util/encoding
util/testutil * © 2024 Snyk Limited All rights reserved.	* © 2024 Snyk Limited All rights reserved.
workspace/2024-05-14 Package v20240514 provides primitives to interact with the openapi HTTP API.	Package v20240514 provides primitives to interact with the openapi HTTP API.
workspace/2024-05-14/common Package v20240514 provides primitives to interact with the openapi HTTP API.	Package v20240514 provides primitives to interact with the openapi HTTP API.
workspace/2024-05-14/links Package v20240514 provides primitives to interact with the openapi HTTP API.	Package v20240514 provides primitives to interact with the openapi HTTP API.
workspace/2024-05-14/mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
workspace/2024-05-14/parameters Package v20240514 provides primitives to interact with the openapi HTTP API.	Package v20240514 provides primitives to interact with the openapi HTTP API.
workspace/2024-05-14/workspaces Package v20240514 provides primitives to interact with the openapi HTTP API.	Package v20240514 provides primitives to interact with the openapi HTTP API.
observability
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.
sarif
scan * © 2024 Snyk Limited All rights reserved.	* © 2024 Snyk Limited All rights reserved.
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.