Merge branch 'main' into PLUTO-1399-run-tools-for-supported-languages

Author: andrzej-janczak

.codacy/codacy.yaml

@@ -8,3 +8,4 @@ tools:
     - [email protected]
     - [email protected]
     - [email protected]
+    - [email protected]

.gitignore

@@ -33,4 +33,4 @@ codacy-cli
 .cursor/rules/codacy.mdc
 
 #Macos
-.DS_Store
+.DS_Store

cmd/analyze.go

@@ -352,6 +352,15 @@ func runDartAnalyzer(workDirectory string, pathsToCheck []string, outputFile str
 	return tools.RunDartAnalyzer(workDirectory, dartanalyzer.InstallDir, dartanalyzer.Binaries["dart"], pathsToCheck, outputFile, outputFormat)
 }
 
+func runSemgrepAnalysis(workDirectory string, pathsToCheck []string, outputFile string, outputFormat string) error {
+	semgrep := config.Config.Tools()["semgrep"]
+	if semgrep == nil {
+		log.Fatal("Semgrep tool configuration not found")
+	}
+
+	return tools.RunSemgrep(workDirectory, semgrep, pathsToCheck, outputFile, outputFormat)
+}
+
 var analyzeCmd = &cobra.Command{
 	Use:   "analyze",
 	Short: "Runs all configured linters.",
@@ -450,6 +459,8 @@ func runTool(workDirectory string, toolName string, args []string, outputFile st
 		return runPmdAnalysis(workDirectory, args, outputFile, outputFormat)
 	case "pylint":
 		return runPylintAnalysis(workDirectory, args, outputFile, outputFormat)
+	case "semgrep":
+		return runSemgrepAnalysis(workDirectory, args, outputFile, outputFormat)
 	case "dartanalyzer":
 		return runDartAnalyzer(workDirectory, args, outputFile, outputFormat)
 	default:

cmd/init.go

@@ -146,6 +146,7 @@ func configFileTemplate(tools []tools.Tool) string {
 		PyLint:       "3.3.6",
 		PMD:          "6.55.0",
 		DartAnalyzer: "3.7.2",
+		Semgrep:      "1.78.0",
 	}
 
 	// Build map of enabled tools with their versions
@@ -200,6 +201,7 @@ func configFileTemplate(tools []tools.Tool) string {
 			PyLint:       "pylint",
 			PMD:          "pmd",
 			DartAnalyzer: "dartanalyzer",
+			Semgrep:      "semgrep",
 		}
 
 		for uuid, name := range uuidToName {
@@ -214,6 +216,7 @@ func configFileTemplate(tools []tools.Tool) string {
 		sb.WriteString(fmt.Sprintf("    - pylint@%s\n", defaultVersions[PyLint]))
 		sb.WriteString(fmt.Sprintf("    - pmd@%s\n", defaultVersions[PMD]))
 		sb.WriteString(fmt.Sprintf("    - dartanalyzer@%s\n", defaultVersions[DartAnalyzer]))
+		sb.WriteString(fmt.Sprintf("    - semgrep@%s\n", defaultVersions[Semgrep]))
 	}
 
 	return sb.String()
@@ -280,7 +283,8 @@ func buildRepositoryConfigurationFiles(token string) error {
 
 	// Only generate config files for tools not using their own config file
 	for _, tool := range configuredToolsWithUI {
-		url := fmt.Sprintf("%s/api/v3/analysis/organizations/%s/%s/repositories/%s/tools/%s/patterns?enabled=true",
+
+		url := fmt.Sprintf("%s/api/v3/analysis/organizations/%s/%s/repositories/%s/tools/%s/patterns?enabled=true&limit=1000",
 			CodacyApiBase,
 			initFlags.provider,
 			initFlags.organization,
@@ -356,7 +360,7 @@ func createToolFileConfigurations(tool tools.Tool, patternConfiguration []domain
 			if err != nil {
 				return fmt.Errorf("failed to write eslint config: %v", err)
 			}
-			fmt.Println("ESLint configuration created based on Codacy settings")
+			fmt.Println("ESLint configuration created based on Codacy settings. Ignoring plugin rules. ESLint plugins are not supported yet.")
 		} else {
 			err := createDefaultEslintConfigFile(toolsConfigDir)
 			if err != nil {
@@ -410,6 +414,13 @@ func createToolFileConfigurations(tool tools.Tool, patternConfiguration []domain
 				return fmt.Errorf("failed to create Dart Analyzer config: %v", err)
 			}
 		}
+	case Semgrep:
+		if len(patternConfiguration) > 0 {
+			err := createSemgrepConfigFile(patternConfiguration, toolsConfigDir)
+			if err != nil {
+				return fmt.Errorf("failed to create Semgrep config: %v", err)
+			}
+		}
 	}
 	return nil
 }
@@ -470,6 +481,24 @@ func createDefaultEslintConfigFile(toolsConfigDir string) error {
 	return os.WriteFile(filepath.Join(toolsConfigDir, "eslint.config.mjs"), []byte(content), utils.DefaultFilePerms)
 }
 
+// SemgrepRulesFile represents the structure of the rules.yaml file
+type SemgrepRulesFile struct {
+	Rules []map[string]interface{} `yaml:"rules"`
+}
+
+// createSemgrepConfigFile creates a semgrep.yaml configuration file based on the API configuration
+func createSemgrepConfigFile(config []domain.PatternConfiguration, toolsConfigDir string) error {
+	// Use the refactored function from tools package
+	configData, err := tools.GetSemgrepConfig(config)
+
+	if err != nil {
+		return fmt.Errorf("failed to create Semgrep config: %v", err)
+	}
+
+	// Write to file
+	return os.WriteFile(filepath.Join(toolsConfigDir, "semgrep.yaml"), configData, utils.DefaultFilePerms)
+}
+
 // cleanConfigDirectory removes all previous configuration files in the tools-configs directory
 func cleanConfigDirectory(toolsConfigDir string) error {
 	// Check if directory exists
@@ -503,4 +532,5 @@ const (
 	PMD          string = "9ed24812-b6ee-4a58-9004-0ed183c45b8f"
 	PyLint       string = "31677b6d-4ae0-4f56-8041-606a8d7a8e61"
 	DartAnalyzer string = "d203d615-6cf1-41f9-be5f-e2f660f7850f"
+	Semgrep      string = "6792c561-236d-41b7-ba5e-9d6bee0d548b"
 )

cmd/upload.go

@@ -97,7 +97,7 @@ func processSarif(sarif Sarif) [][]map[string]interface{} {
 				codacyIssues = append(codacyIssues, map[string]interface{}{
 					"source":   location.PhysicalLocation.ArtifactLocation.URI,
 					"line":     location.PhysicalLocation.Region.StartLine,
-					"type":     modifiedType,
+					"type":     pattern.ID,
 					"message":  result.Message.Text,
 					"level":    pattern.Level,
 					"category": pattern.Category,
@@ -208,7 +208,7 @@ func resultsFinalWithAPIToken(commitUUID string, apiToken string, provider strin
 
 func getPatternByID(patterns []Pattern, patternID string) *Pattern {
 	for _, p := range patterns {
-		if p.ID == patternID {
+		if strings.EqualFold(p.ID, patternID) {
 			return &p
 		}
 	}

config/config.go

@@ -110,7 +110,15 @@ func NewConfigType(repositoryDirectory string, repositoryCache string, globalCac
 	c.toolsDirectory = filepath.Join(c.globalCacheDirectory, "tools")
 	c.toolsConfigDirectory = filepath.Join(c.localCodacyDirectory, "tools-configs")
 
-	c.projectConfigFile = filepath.Join(c.localCodacyDirectory, "codacy.yaml")
+	// If codacy.yml exists, we should rely on it
+	ymlPath := filepath.Join(c.localCodacyDirectory, "codacy.yml")
+	if _, err := os.Stat(ymlPath); err == nil {
+		c.projectConfigFile = ymlPath
+	} else {
+		// Otherwise default to codacy.yaml
+		c.projectConfigFile = filepath.Join(c.localCodacyDirectory, "codacy.yaml")
+	}
+
 	c.cliConfigFile = filepath.Join(c.localCodacyDirectory, "cli-config.yaml")
 
 	c.runtimes = make(map[string]*plugins.RuntimeInfo)

domain/patternConfiguration.go

@@ -6,12 +6,22 @@ type ParameterConfiguration struct {
 }
 
 type PatternDefinition struct {
-	Id       string `json:"id"`
-	Category string `json:"category"`
-	Level    string `json:"level"`
+	Id            string                   `json:"id"`
+	Category      string                   `json:"category"`
+	Level         string                   `json:"level"`
+	SeverityLevel string                   `json:"severityLevel"`
+	Enabled       bool                     `json:"enabled"`
+	Parameters    []ParameterConfiguration `json:"parameters"`
+	Title         string                   `json:"title"`
+	Description   string                   `json:"description"`
+	Explanation   string                   `json:"explanation"`
+	Languages     []string                 `json:"languages"`
+	TimeToFix     int                      `json:"timeToFix"`
 }
 
 type PatternConfiguration struct {
 	PatternDefinition PatternDefinition `json:"patternDefinition"`
 	Parameters        []ParameterConfiguration
+	Enabled           bool `json:"enabled"`
+	IsCustom          bool `json:"isCustom"`
 }

plugins/tool-utils_test.go

@@ -167,6 +167,7 @@ func TestGetSupportedTools(t *testing.T) {
 				"pylint",
 				"trivy",
 				"dartanalyzer",
+				"semgrep",
 			},
 			expectedError: false,
 		},

plugins/tools/semgrep/plugin.yaml

@@ -0,0 +1,16 @@
+name: semgrep
+description: Static Analysis Security Testing (SAST) tool
+runtime: python
+runtime_binaries:
+  package_manager: python3
+  execution: python3
+binaries:
+  - name: python
+    path: "venv/bin/python3"
+formatters:
+  - name: json
+    flag: "--json"
+output_options:
+  file_flag: "--output"
+analysis_options:
+  default_path: "."