codewhisperer: golang support (#4037)

* feat(codewhisperer): security scans for golang

* fix styling issue

* add changelog

* address comments

* address comments

Author: ctlai95

.changes/next-release/feature-81157d0b-9a89-44f1-9fd3-467605f0c538.json

@@ -0,0 +1,4 @@
+{
+  "type" : "feature",
+  "description" : "CodeWhisperer security scans now support Go files."
+}

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/CodeScanSessionConfig.kt

@@ -223,6 +223,7 @@ sealed class CodeScanSessionConfig(
                 CodewhispererLanguage.Json -> CloudFormationJsonCodeScanSessionConfig(file, project)
                 CodewhispererLanguage.Tf,
                 CodewhispererLanguage.Hcl -> TerraformCodeScanSessionConfig(file, project)
+                CodewhispererLanguage.Go -> GoCodeScanSessionConfig(file, project)
                 CodewhispererLanguage.Ruby -> RubyCodeScanSessionConfig(file, project)
                 else -> fileFormatNotSupported(file.extension ?: "")
             }

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/GoCodeScanSessionConfig.kt

@@ -0,0 +1,114 @@
+// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.services.codewhisperer.codescan.sessionconfig
+
+import com.intellij.openapi.project.Project
+import com.intellij.openapi.roots.ProjectRootManager
+import com.intellij.openapi.vfs.VirtualFile
+import com.intellij.util.containers.addIfNotNull
+import software.aws.toolkits.core.utils.exists
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererConstants
+import software.aws.toolkits.resources.message
+import java.io.IOException
+import java.nio.file.Path
+import java.util.stream.Collectors
+import kotlin.io.path.isDirectory
+import kotlin.io.path.listDirectoryEntries
+
+internal class GoCodeScanSessionConfig(
+    private val selectedFile: VirtualFile,
+    private val project: Project
+) : CodeScanSessionConfig(selectedFile, project) {
+    private val importRegex = Regex("^\\s*import\\s+([^(]+?\$|\\([^)]+\\))", RegexOption.MULTILINE)
+    private val moduleRegex = Regex("\"[^\"\\r\\n]+\"", RegexOption.MULTILINE)
+
+    private val projectContentRoots = ProjectRootManager.getInstance(project).contentRoots
+
+    override val sourceExt: List<String> = listOf(".go")
+
+    override fun overallJobTimeoutInSeconds(): Long = CodeWhispererConstants.GO_CODE_SCAN_TIMEOUT_IN_SECONDS
+
+    override fun getPayloadLimitInBytes(): Int = CodeWhispererConstants.GO_PAYLOAD_LIMIT_IN_BYTES
+
+    private fun extractModulePaths(importGroup: String): Set<String> {
+        val modulePaths = mutableSetOf<String>()
+        val moduleMatcher = moduleRegex.toPattern().matcher(importGroup)
+        while (moduleMatcher.find()) {
+            val match = moduleMatcher.group()
+            modulePaths.add(match.substring(1, match.length - 1))
+        }
+        return modulePaths.toSet()
+    }
+
+    fun parseImports(file: VirtualFile): List<String> {
+        val imports = mutableSetOf<String>()
+        try {
+            file.inputStream.use {
+                val lines = it.bufferedReader().lines().collect(Collectors.joining("\n"))
+                val importMatcher = importRegex.toPattern().matcher(lines)
+                while (importMatcher.find()) {
+                    val goalImports = extractModulePaths(importMatcher.group())
+                    imports.addAll(goalImports)
+                }
+            }
+        } catch (e: IOException) {
+            error(message("codewhisperer.codescan.cannot_read_file", file.path))
+        }
+        return imports.toList()
+    }
+
+    private fun generateSourceFilePath(modulePath: String, dirPath: String): Path? {
+        if (modulePath.isEmpty()) {
+            return null
+        }
+        val packageDir = getPath(dirPath, modulePath)
+        val slashPos = modulePath.indexOf("/")
+        val newModulePath = if (slashPos != -1) modulePath.substring(slashPos + 1) else ""
+        return if (packageDir?.exists() == true) packageDir else generateSourceFilePath(newModulePath, dirPath)
+    }
+
+    private fun getImportedPackages(file: VirtualFile): List<Path> {
+        val importedPackages = mutableListOf<Path>()
+        val imports = parseImports(file)
+        projectContentRoots.forEach { root ->
+            imports.forEach { importPath ->
+                val importedFilePath = generateSourceFilePath(importPath, root.path)
+                importedPackages.addIfNotNull(importedFilePath)
+            }
+        }
+        return importedPackages
+    }
+
+    private fun getSiblingFiles(file: VirtualFile): List<Path> = listGoFilesInDir(file.parent.toNioPath()).filter {
+        it.fileName.toString() != file.name
+    }
+
+    private fun listGoFilesInDir(path: Path): List<Path> = path.listDirectoryEntries().filter {
+        !it.isDirectory() && it.fileName.toString().endsWith(sourceExt[0])
+    }
+
+    override fun getImportedFiles(file: VirtualFile, includedSourceFiles: Set<String>): List<String> {
+        val importedFiles = mutableListOf<String>()
+        val importedFilePaths = mutableListOf<String>()
+
+        val siblingFiles = getSiblingFiles(file)
+        siblingFiles.forEach { sibling ->
+            importedFilePaths.addIfNotNull(sibling.toFile().toVirtualFile()?.path)
+        }
+
+        val importedPackages = getImportedPackages(file)
+        importedPackages.forEach { pkg ->
+            val files = listGoFilesInDir(pkg)
+                .mapNotNull { it.toFile().toVirtualFile()?.path }
+            importedFilePaths.addAll(files)
+        }
+
+        val validSourceFiles = importedFilePaths.filter { !includedSourceFiles.contains(it) }
+        validSourceFiles.forEach { validFile ->
+            importedFiles.add(validFile)
+        }
+
+        return importedFiles
+    }
+}

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererConstants.kt

@@ -79,6 +79,8 @@ object CodeWhispererConstants {
     const val PYTHON_PAYLOAD_LIMIT_IN_BYTES = 1024 * 200 // 200KB
     const val JS_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60
     const val JS_PAYLOAD_LIMIT_IN_BYTES = 1024 * 200 // 200KB
+    const val GO_CODE_SCAN_TIMEOUT_IN_SECONDS: Long = 60
+    const val GO_PAYLOAD_LIMIT_IN_BYTES = 1024 * 1024 // 1MB
     const val CODE_SCAN_POLLING_INTERVAL_IN_SECONDS: Long = 5
     const val CODE_SCAN_CREATE_PAYLOAD_TIMEOUT_IN_SECONDS: Long = 10
     const val TOTAL_BYTES_IN_KB = 1024

jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererGoCodeScanTest.kt

@@ -0,0 +1,200 @@
+// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.services.codewhisperer.codescan
+
+import com.intellij.openapi.vfs.VirtualFile
+import org.assertj.core.api.Assertions.assertThat
+import org.junit.Before
+import org.junit.Test
+import org.junit.jupiter.api.assertThrows
+import org.mockito.kotlin.any
+import org.mockito.kotlin.spy
+import org.mockito.kotlin.stub
+import software.aws.toolkits.jetbrains.services.codewhisperer.codescan.sessionconfig.CodeScanSessionConfig
+import software.aws.toolkits.jetbrains.services.codewhisperer.codescan.sessionconfig.GoCodeScanSessionConfig
+import software.aws.toolkits.jetbrains.utils.rules.PythonCodeInsightTestFixtureRule
+import software.aws.toolkits.telemetry.CodewhispererLanguage
+import java.io.BufferedInputStream
+import java.util.zip.ZipInputStream
+import kotlin.io.path.relativeTo
+import kotlin.test.assertNotNull
+
+class CodeWhispererGoCodeScanTest : CodeWhispererCodeScanTestBase(PythonCodeInsightTestFixtureRule()) {
+    internal lateinit var mainGo: VirtualFile
+    internal lateinit var helpGo: VirtualFile
+    internal lateinit var numberGo: VirtualFile
+    internal lateinit var sessionConfigSpy: GoCodeScanSessionConfig
+
+    private var totalSize: Long = 0
+    private var totalLines: Long = 0
+
+    @Before
+    override fun setup() {
+        super.setup()
+        setupGoProject()
+        sessionConfigSpy = spy(CodeScanSessionConfig.create(mainGo, project) as GoCodeScanSessionConfig)
+        setupResponse(mainGo.toNioPath().relativeTo(sessionConfigSpy.projectRoot.toNioPath()))
+
+        mockClient.stub {
+            onGeneric { createUploadUrl(any()) }.thenReturn(fakeCreateUploadUrlResponse)
+            onGeneric { createCodeScan(any(), any()) }.thenReturn(fakeCreateCodeScanResponse)
+            onGeneric { getCodeScan(any(), any()) }.thenReturn(fakeGetCodeScanResponse)
+            onGeneric { listCodeScanFindings(any(), any()) }.thenReturn(fakeListCodeScanFindingsResponse)
+        }
+    }
+
+    @Test
+    fun `test createPayload`() {
+        val payload = sessionConfigSpy.createPayload()
+        assertNotNull(payload)
+        assertThat(payload.context.totalFiles).isEqualTo(3)
+
+        assertThat(payload.context.scannedFiles.size).isEqualTo(3)
+        assertThat(payload.context.scannedFiles).containsExactly(mainGo, helpGo, numberGo)
+
+        assertThat(payload.context.srcPayloadSize).isEqualTo(totalSize)
+        assertThat(payload.context.language).isEqualTo(CodewhispererLanguage.Go)
+        assertThat(payload.context.totalLines).isEqualTo(totalLines)
+        assertNotNull(payload.srcZip)
+
+        val bufferedInputStream = BufferedInputStream(payload.srcZip.inputStream())
+        val zis = ZipInputStream(bufferedInputStream)
+        var filesInZip = 0
+        while (zis.nextEntry != null) {
+            filesInZip += 1
+        }
+
+        assertThat(filesInZip).isEqualTo(3)
+    }
+
+    @Test
+    fun `test getSourceFilesUnderProjectRoot`() {
+        assertThat(sessionConfigSpy.getSourceFilesUnderProjectRoot(mainGo).size).isEqualTo(3)
+    }
+
+    @Test
+    fun `test parseImport()`() {
+        val mainGoImports = sessionConfigSpy.parseImports(mainGo)
+        assertThat(mainGoImports.size).isEqualTo(2)
+
+        val helpGoImports = sessionConfigSpy.parseImports(helpGo)
+        assertThat(helpGoImports.size).isEqualTo(1)
+
+        val numberGoImports = sessionConfigSpy.parseImports(numberGo)
+        assertThat(numberGoImports.size).isEqualTo(1)
+    }
+
+    @Test
+    fun `test getImportedFiles()`() {
+        val files = sessionConfigSpy.getImportedFiles(mainGo, setOf())
+        assertNotNull(files)
+        assertThat(files).hasSize(2)
+        assertThat(files).contains(helpGo.path)
+        assertThat(files).contains(numberGo.path)
+    }
+
+    @Test
+    fun `test includeDependencies()`() {
+        val payloadMetadata = sessionConfigSpy.includeDependencies()
+        assertNotNull(payloadMetadata)
+        assertThat(sessionConfigSpy.isProjectTruncated()).isFalse
+        assertThat(payloadMetadata.sourceFiles.size).isEqualTo(3)
+        assertThat(payloadMetadata.payloadSize).isEqualTo(totalSize)
+        assertThat(payloadMetadata.linesScanned).isEqualTo(totalLines)
+        assertThat(payloadMetadata.buildPaths).hasSize(0)
+    }
+
+    @Test
+    fun `selected file larger than payload limit throws exception`() {
+        sessionConfigSpy.stub {
+            onGeneric { getPayloadLimitInBytes() }.thenReturn(100)
+        }
+        assertThrows<CodeWhispererCodeScanException> {
+            sessionConfigSpy.createPayload()
+        }
+    }
+
+    @Test
+    fun `test createPayload with custom payload limit`() {
+        sessionConfigSpy.stub {
+            onGeneric { getPayloadLimitInBytes() }.thenReturn(300)
+        }
+        val payload = sessionConfigSpy.createPayload()
+        assertNotNull(payload)
+        assertThat(sessionConfigSpy.isProjectTruncated()).isTrue
+        assertThat(payload.context.totalFiles).isEqualTo(2)
+
+        assertThat(payload.context.scannedFiles.size).isEqualTo(2)
+        assertThat(payload.context.scannedFiles).containsExactly(mainGo, helpGo)
+
+        assertThat(payload.context.srcPayloadSize).isEqualTo(220)
+        assertThat(payload.context.language).isEqualTo(CodewhispererLanguage.Go)
+        assertThat(payload.context.totalLines).isEqualTo(17)
+        assertNotNull(payload.srcZip)
+
+        val bufferedInputStream = BufferedInputStream(payload.srcZip.inputStream())
+        val zis = ZipInputStream(bufferedInputStream)
+        var filesInZip = 0
+        while (zis.nextEntry != null) {
+            filesInZip += 1
+        }
+
+        assertThat(filesInZip).isEqualTo(2)
+    }
+
+    @Test
+    fun `test e2e with session run() function`() {
+        assertE2ERunsSuccessfully(sessionConfigSpy, projectRule.project, totalLines, 3, totalSize, 2)
+    }
+
+    private fun setupGoProject() {
+        mainGo = projectRule.fixture.addFileToProject(
+            "/main.go",
+            """
+                package main
+                
+                import (
+                        "example/random-number/util"
+                        "fmt"
+                )
+                
+                func main() {
+                        fmt.Printf("Number: %d\n", util.RandomNumber())
+                }
+            """.trimIndent()
+        ).virtualFile
+        totalSize += mainGo.length
+        totalLines += mainGo.toNioPath().toFile().readLines().size
+
+        helpGo = projectRule.fixture.addFileToProject(
+            "/help.go",
+            """
+                package main
+
+                import "fmt"
+
+                func Help() {
+                        fmt.Printf("./main")
+                }
+            """.trimIndent()
+        ).virtualFile
+        totalSize += helpGo.length
+        totalLines += helpGo.toNioPath().toFile().readLines().size
+
+        numberGo = projectRule.fixture.addFileToProject(
+            "/util/number.go",
+            """
+                package util
+
+                import "math/rand"
+
+                func RandomNumber() int {
+                        return rand.Intn(100)
+                }
+            """.trimIndent()
+        ).virtualFile
+        totalSize += numberGo.length
+        totalLines += numberGo.toNioPath().toFile().readLines().size
+    }
+}