Skip to content

support to load swaggers from an extension #639

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Mar 6, 2025
Merged

support to load swaggers from an extension #639

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f6fa6eb
feat: support to download differnt kinds of ext
LinuxSuRen Mar 5, 2025
91ae93a
support to load swaggers from an extension
LinuxSuRen Mar 5, 2025
0d30d5e
docs(extension): add swagger data extension and update documentation
LinuxSuRen Mar 5, 2025
46722dd
Potential fix for code scanning alert no. 69: Arbitrary file access d…
LinuxSuRen Mar 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions cmd/extension.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ type extensionOption struct {
ociDownloader downloader.PlatformAwareOCIDownloader
output string
registry string
kind string
tag string
os string
arch string
Expand All @@ -53,6 +54,7 @@ func createExtensionCommand(ociDownloader downloader.PlatformAwareOCIDownloader)
flags.StringVarP(&opt.output, "output", "", ".", "The target directory")
flags.StringVarP(&opt.tag, "tag", "", "", "The extension image tag, try to find the latest one if this is empty")
flags.StringVarP(&opt.registry, "registry", "", "", "The target extension image registry, supported: docker.io, ghcr.io")
flags.StringVarP(&opt.kind, "kind", "", "store", "The extension kind")
flags.StringVarP(&opt.os, "os", "", runtime.GOOS, "The OS")
flags.StringVarP(&opt.arch, "arch", "", runtime.GOARCH, "The architecture")
flags.DurationVarP(&opt.timeout, "timeout", "", time.Minute, "The timeout of downloading")
Expand All @@ -66,6 +68,7 @@ func (o *extensionOption) runE(cmd *cobra.Command, args []string) (err error) {
o.ociDownloader.WithRegistry(o.registry)
o.ociDownloader.WithImagePrefix(o.imagePrefix)
o.ociDownloader.WithTimeout(o.timeout)
o.ociDownloader.WithKind(o.kind)
o.ociDownloader.WithContext(cmd.Context())

for _, arg := range args {
Expand Down
11 changes: 11 additions & 0 deletions cmd/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"context"
"errors"
"fmt"
"github.com/linuxsuren/api-testing/pkg/apispec"
"net"
"net/http"
"os"
Expand Down Expand Up @@ -302,6 +303,15 @@ func (o *serverOption) runE(cmd *cobra.Command, args []string) (err error) {
_ = o.httpServer.Shutdown(ctx)
}()

go func() {
err := apispec.DownloadSwaggerData("", extDownloader)
if err != nil {
fmt.Println("failed to download swagger data", err)
} else {
fmt.Println("success to download swagger data")
}
}()

mux := runtime.NewServeMux(runtime.WithMetadata(server.MetadataStoreFunc),
runtime.WithMarshalerOption("application/json+pretty", &runtime.JSONPb{
MarshalOptions: protojson.MarshalOptions{
Expand Down Expand Up @@ -342,6 +352,7 @@ func (o *serverOption) runE(cmd *cobra.Command, args []string) (err error) {
mux.HandlePath(http.MethodGet, "/get", o.getAtestBinary)
mux.HandlePath(http.MethodPost, "/runner/{suite}/{case}", service.WebRunnerHandler)
mux.HandlePath(http.MethodGet, "/api/v1/sbom", service.SBomHandler)
mux.HandlePath(http.MethodGet, "/api/v1/swaggers", apispec.SwaggersHandler)

postRequestProxyFunc := postRequestProxy(o.skyWalking)
mux.HandlePath(http.MethodPost, "/browser/{app}", postRequestProxyFunc)
Expand Down
8 changes: 6 additions & 2 deletions console/atest-ui/src/views/TestSuite.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import { reactive, ref, watch } from 'vue'
import { Edit, CopyDocument, Delete } from '@element-plus/icons-vue'
import type { FormInstance, FormRules } from 'element-plus'
import type { Suite, TestCase, Pair } from './types'
import { NewSuggestedAPIsQuery, GetHTTPMethods } from './types'
import { NewSuggestedAPIsQuery, GetHTTPMethods, SwaggerSuggestion } from './types'
import EditButton from '../components/EditButton.vue'
import { Cache } from './cache'
import { useI18n } from 'vue-i18n'
Expand All @@ -20,6 +20,7 @@ const props = defineProps({
})
const emit = defineEmits(['updated'])
let querySuggestedAPIs = NewSuggestedAPIsQuery(Cache.GetCurrentStore().name, props.name!)
const querySwaggers = SwaggerSuggestion()

const suite = ref({
name: '',
Expand Down Expand Up @@ -325,7 +326,10 @@ const renameTestSuite = (name: string) => {
</el-select>
</td>
<td>
<el-input class="mx-1" v-model="suite.spec.url" placeholder="API Spec URL"></el-input>
<el-autocomplete
v-model="suite.spec.url"
:fetch-suggestions="querySwaggers"
/>
</td>
</tr>
</table>
Expand Down
8 changes: 7 additions & 1 deletion console/atest-ui/src/views/net.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -620,6 +620,12 @@ function GetSuggestedAPIs(name: string,
.then(callback)
}

function GetSwaggers(callback: (d: any) => void) {
fetch(`/api/v1/swaggers`, {})
.then(DefaultResponseProcess)
.then(callback)
}

function ReloadMockServer(config: any) {
const requestOptions = {
method: 'POST',
Expand Down Expand Up @@ -812,7 +818,7 @@ export const API = {
CreateOrUpdateStore, GetStores, DeleteStore, VerifyStore,
FunctionsQuery,
GetSecrets, DeleteSecret, CreateOrUpdateSecret,
GetSuggestedAPIs,
GetSuggestedAPIs, GetSwaggers,
ReloadMockServer, GetMockConfig, SBOM, DataQuery,
getToken
}
22 changes: 22 additions & 0 deletions console/atest-ui/src/views/types.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,28 @@
})
}
}

interface SwaggerItem {
value: string
}

export function SwaggerSuggestion() {
return function (queryString: string, cb: (arg: any) => void) {
API.GetSwaggers((e) => {
var swaggers = [] as SwaggerItem[]

Check warning on line 113 in console/atest-ui/src/views/types.ts

View check run for this annotation

Codacy Production / Codacy Static Code Analysis

console/atest-ui/src/views/types.ts#L113 

Unexpected var, use let or const instead.
e.forEach((item: string) => {
swaggers.push({
"value": `atest://${item}`
})
})

const results = queryString ? swaggers.filter((item: SwaggerItem) => {
return item.value.toLowerCase().indexOf(queryString.toLowerCase()) != -1
}) : swaggers
cb(results.slice(0, 10))
})
}
}
export function CreateFilter(queryString: string) {
return (v: Pair) => {
return v.value.toLowerCase().indexOf(queryString.toLowerCase()) !== -1
Expand Down
6 changes: 6 additions & 0 deletions docs/site/content/zh/latest/tasks/extension.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,3 +31,9 @@ atest extension orm
```shell
atest extension orm --registry ghcr.io --timeout 2ms
```

想要下载其他类型的插件的话,可以使用下面的命令:

```shell
atest extension --kind data swagger
```
1 change: 1 addition & 0 deletions extensions/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ Ports in extensions:
| Monitor | [docker-monitor](https://github.com/LinuxSuRen/atest-ext-monitor-docker) | |
| Agent | [collector](https://github.com/LinuxSuRen/atest-ext-collector) | |
| Secret | [Vault](https://github.com/LinuxSuRen/api-testing-vault-extension) | |
| Data | [Swagger](https://github.com/LinuxSuRen/atest-ext-data-swagger) | |

## Contribute a new extension

Expand Down
127 changes: 127 additions & 0 deletions pkg/apispec/remote_swagger.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,127 @@
/*
Copyright 2025 API Testing Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package apispec

import (
"archive/tar"
"compress/gzip"
"encoding/json"
"fmt"
"github.com/linuxsuren/api-testing/pkg/downloader"
"github.com/linuxsuren/api-testing/pkg/util/home"
"io"
"net/http"
"os"
"path/filepath"
)

func DownloadSwaggerData(output string, dw downloader.PlatformAwareOCIDownloader) (err error) {
dw.WithKind("data")
dw.WithOS("")

var reader io.Reader
if reader, err = dw.Download("swagger", "", ""); err != nil {
return
}

extFile := dw.GetTargetFile()

if output == "" {
output = home.GetUserDataDir()
}
if err = os.MkdirAll(filepath.Dir(output), 0755); err != nil {
return
}

targetFile := filepath.Base(extFile)
fmt.Println("start to save", filepath.Join(output, targetFile))

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

Sensitive data returned by an access to passwdParts
Loading
flows to a logging call.

Copilot Autofix

AI 8 months ago

To fix the problem, we should avoid logging the full path that includes potentially sensitive information. Instead, we can log only the filename or a sanitized version of the path. This way, we maintain the functionality of logging progress without exposing sensitive data.

  • Modify the logging statement to exclude the sensitive parts of the path.
  • Specifically, in the DownloadSwaggerData function, change the logging statement on line 52 to log only the targetFile instead of the full path.
  • No additional methods or imports are needed for this change.
Suggested changeset 1
pkg/apispec/remote_swagger.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/pkg/apispec/remote_swagger.go b/pkg/apispec/remote_swagger.go
--- a/pkg/apispec/remote_swagger.go
+++ b/pkg/apispec/remote_swagger.go
@@ -51,3 +51,3 @@
 	targetFile := filepath.Base(extFile)
-	fmt.Println("start to save", filepath.Join(output, targetFile))
+	fmt.Println("start to save", targetFile)
 	if err = downloader.WriteTo(reader, output, targetFile); err == nil {
EOF
@@ -51,3 +51,3 @@
targetFile := filepath.Base(extFile)
fmt.Println("start to save", filepath.Join(output, targetFile))
fmt.Println("start to save", targetFile)
if err = downloader.WriteTo(reader, output, targetFile); err == nil {
Copilot is powered by AI and may make mistakes. Always verify output.
if err = downloader.WriteTo(reader, output, targetFile); err == nil {
err = decompressData(filepath.Join(output, targetFile))
}
return
}

func SwaggersHandler(w http.ResponseWriter, _ *http.Request,
_ map[string]string) {
swaggers := GetSwaggerList()
if data, err := json.Marshal(swaggers); err == nil {
_, _ = w.Write(data)
} else {
w.WriteHeader(http.StatusInternalServerError)
}
}

func GetSwaggerList() (swaggers []string) {
dataDir := home.GetUserDataDir()
_ = filepath.WalkDir(dataDir, func(path string, d os.DirEntry, err error) error {
if err != nil {
return err
}

if !d.IsDir() && filepath.Ext(path) == ".json" {
swaggers = append(swaggers, filepath.Base(path))
}
return nil
})
return
}

func decompressData(dataFile string) (err error) {
var file *os.File
file, err = os.Open(dataFile)
if err != nil {
return
}
defer file.Close()

var gzipReader *gzip.Reader
gzipReader, err = gzip.NewReader(file)
if err != nil {
return
}
defer gzipReader.Close()

tarReader := tar.NewReader(gzipReader)

for {
header, err := tarReader.Next()
if err == io.EOF {
break // 退出循环
}
if err != nil {
panic(err)
}

destPath := filepath.Join(filepath.Dir(dataFile), filepath.Base(header.Name))

switch header.Typeflag {
case tar.TypeReg:
destFile, err := os.OpenFile(destPath, os.O_CREATE|os.O_WRONLY, os.FileMode(header.Mode))
if err != nil {
panic(err)
}
defer destFile.Close()

if _, err := io.Copy(destFile, tarReader); err != nil {
panic(err)
}
default:
fmt.Printf("Skipping entry type %c: %s\n", header.Typeflag, header.Name)
}
}
return
}
17 changes: 17 additions & 0 deletions pkg/apispec/swagger.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,11 @@ package apispec

import (
"github.com/go-openapi/spec"
"github.com/linuxsuren/api-testing/pkg/util/home"
"io"
"net/http"
"os"
"path/filepath"
"regexp"
"strings"
)
Expand Down Expand Up @@ -123,13 +126,27 @@ func ParseToSwagger(data []byte) (swagger *spec.Swagger, err error) {
}

func ParseURLToSwagger(swaggerURL string) (swagger *spec.Swagger, err error) {
if strings.HasPrefix(swaggerURL, "atest://") {
swaggerURL = strings.ReplaceAll(swaggerURL, "atest://", "")
swagger, err = ParseFileToSwagger(filepath.Join(home.GetUserDataDir(), swaggerURL))
return
}

var resp *http.Response
if resp, err = http.Get(swaggerURL); err == nil && resp != nil && resp.StatusCode == http.StatusOK {
swagger, err = ParseStreamToSwagger(resp.Body)
}
return
}

func ParseFileToSwagger(dataFile string) (swagger *spec.Swagger, err error) {
var data []byte
if data, err = os.ReadFile(dataFile); err == nil {
swagger, err = ParseToSwagger(data)
}
return
}

func ParseStreamToSwagger(stream io.Reader) (swagger *spec.Swagger, err error) {
var data []byte
if data, err = io.ReadAll(stream); err == nil {
Expand Down
Loading
Loading