CodeWhisperer security scans support for Ruby files. (#4033)

* CodeWhisperer security scans support for Ruby files along with Test Cases.

* CW: Code Refactoring

* CW: Updates in Ruby Test Cases in Security scans

* CW: Text changes

---------

Co-authored-by: Laxman Reddy <[email protected]>

Author: laileni-aws

.changes/next-release/feature-6a101625-f0e1-4ed9-939e-57e2f90cb253.json

@@ -0,0 +1,4 @@
+{
+  "type" : "feature",
+  "description" : "CodeWhisperer security scans support ruby files."
+}

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/CodeScanSessionConfig.kt

@@ -223,6 +223,7 @@ sealed class CodeScanSessionConfig(
                 CodewhispererLanguage.Json -> CloudFormationJsonCodeScanSessionConfig(file, project)
                 CodewhispererLanguage.Tf,
                 CodewhispererLanguage.Hcl -> TerraformCodeScanSessionConfig(file, project)
+                CodewhispererLanguage.Ruby -> RubyCodeScanSessionConfig(file, project)
                 else -> fileFormatNotSupported(file.extension ?: "")
             }
     }

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/RubyCodeScanSessionConfig.kt

@@ -0,0 +1,132 @@
+// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.services.codewhisperer.codescan.sessionconfig
+
+import com.intellij.openapi.project.Project
+import com.intellij.openapi.roots.ProjectRootManager
+import com.intellij.openapi.vfs.VirtualFile
+import com.intellij.util.containers.addIfNotNull
+import software.aws.toolkits.core.utils.exists
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererConstants
+import software.aws.toolkits.resources.message
+import java.io.IOException
+
+internal class RubyCodeScanSessionConfig(
+    private val selectedFile: VirtualFile,
+    private val project: Project
+) : CodeScanSessionConfig(selectedFile, project) {
+
+    private val importRegex = Regex("^(require|require_relative|load|include|extend)\\s+('[^']+'|\"[^\"]+\"|\\w+)(\\s+as\\s+(\\w+))?")
+    private val projectContentRoots = ProjectRootManager.getInstance(project).contentRoots
+    override val sourceExt: List<String> = listOf(".rb")
+
+    override fun overallJobTimeoutInSeconds(): Long = CodeWhispererConstants.RUBY_CODE_SCAN_TIMEOUT_IN_SECONDS
+    override fun getPayloadLimitInBytes(): Int = CodeWhispererConstants.RUBY_PAYLOAD_LIMIT_IN_BYTES
+
+    private fun generateModulePaths(inputPath: String): MutableSet<String> {
+        val positionOfExt = inputPath.indexOf(sourceExt[0])
+        val inputPathString = if (positionOfExt != -1) {
+            inputPath.substring(0, positionOfExt).trim()
+        } else {
+            inputPath
+        }
+        val inputPaths = inputPathString.split('/')
+        val outputPaths = mutableSetOf<String>()
+        for (i in inputPaths.indices) {
+            val outputPath = inputPaths.subList(0, i + 1).joinToString(FILE_SEPARATOR.toString())
+            outputPaths.add(outputPath)
+        }
+        return outputPaths
+    }
+
+    private fun getModulePath(modulePathStr: String): MutableSet<String> {
+        val pos = modulePathStr.indexOf(" ${CodeWhispererConstants.AS} ")
+        val modifiedModulePathStr = if (pos != -1) {
+            modulePathStr.substring(0, pos)
+        } else {
+            modulePathStr
+        }
+
+        return generateModulePaths(modifiedModulePathStr.replace(Regex("[\",'\\s()]"), "").trim())
+    }
+
+    private fun extractModulePaths(importStr: String): Set<String> {
+        val modulePaths = mutableSetOf<String>()
+        val requireKeyword = CodeWhispererConstants.REQUIRE
+        val requireRelativeKeyword = CodeWhispererConstants.REQUIRE_RELATIVE
+        val includeKeyword = CodeWhispererConstants.INCLUDE
+        val extendKeyword = CodeWhispererConstants.EXTEND
+        val loadKeyword = CodeWhispererConstants.LOAD
+
+        var keyword: String? = null
+
+        when {
+            importStr.startsWith(requireRelativeKeyword) -> {
+                keyword = requireRelativeKeyword
+            }
+            importStr.startsWith(requireKeyword) -> {
+                keyword = requireKeyword
+            }
+            importStr.startsWith(includeKeyword) -> {
+                keyword = includeKeyword
+            }
+            importStr.startsWith(extendKeyword) -> {
+                keyword = extendKeyword
+            }
+            importStr.startsWith(loadKeyword) -> {
+                keyword = loadKeyword
+            }
+        }
+
+        if (keyword != null) {
+            val modulePathStr = importStr
+                .substring(keyword.length)
+                .trim()
+                .replace(Regex("\\s+"), "")
+            modulePaths.addAll(getModulePath(modulePathStr))
+        }
+
+        return modulePaths
+    }
+
+    fun parseImports(file: VirtualFile): List<String> {
+        val imports = mutableSetOf<String>()
+        try {
+            file.inputStream.use {
+                it.bufferedReader().lines().forEach { line ->
+                    val importMatcher = importRegex.toPattern().matcher(line)
+                    if (importMatcher.find()) {
+                        val modulePathLine = line.replace(";", "")
+                        val goalImports = extractModulePaths(modulePathLine)
+                        imports.addAll(goalImports)
+                    }
+                }
+            }
+        } catch (e: IOException) {
+            error(message("codewhisperer.codescan.cannot_read_file", file.path))
+        }
+        return imports.toList()
+    }
+
+    override fun getImportedFiles(file: VirtualFile, includedSourceFiles: Set<String>): List<String> {
+        val importedFiles = mutableListOf<String>()
+        val imports = parseImports(file)
+        val importedFilePaths = mutableListOf<String>()
+
+        projectContentRoots.forEach { root ->
+            imports.forEach { importPath ->
+                val importedFilePath = getPath(root.path, importPath + sourceExt[0])
+                if (importedFilePath?.exists() == true) {
+                    importedFilePaths.addIfNotNull(importedFilePath.toFile().toVirtualFile()?.path)
+                }
+            }
+        }
+
+        val validSourceFiles = importedFilePaths.filter { it !in includedSourceFiles }
+        validSourceFiles.forEach { validFile ->
+            importedFiles.add(validFile)
+        }
+        return importedFiles
+    }
+}

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererConstants.kt

@@ -39,6 +39,12 @@ object CodeWhispererConstants {
     const val USING: String = "using"
     const val GLOBAL_USING: String = "global using"
     const val STATIC: String = "static"
+    const val REQUIRE: String = "require"
+    const val REQUIRE_RELATIVE: String = "require_relative"
+    const val LOAD: String = "load"
+    const val INCLUDE: String = "include"
+    const val EXTEND: String = "extend"
+    const val AS: String = " as "
 
     // TODO: this is currently set to 2050 to account for the server side 0.5 TPS and and extra 50 ms buffer to
     // avoid ThrottlingException as much as possible.
@@ -63,6 +69,8 @@ object CodeWhispererConstants {
     const val JAVA_PAYLOAD_LIMIT_IN_BYTES = 1024 * 1024 // 1MB
     const val CSHARP_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60
     const val CSHARP_PAYLOAD_LIMIT_IN_BYTES = 1024 * 1024 // 1MB
+    const val RUBY_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60
+    const val RUBY_PAYLOAD_LIMIT_IN_BYTES = 1024 * 1024 // 1MB
     const val CLOUDFORMATION_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60
     const val CLOUDFORMATION_PAYLOAD_LIMIT_IN_BYTES = 1024 * 200 // 200KB
     const val TERRAFORM_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60