refactor(#9): move gitlab logic to specific repository package

A first step to adding github is to isolate gitlab

Author: sacha-c

internal/cli/patrol.go

@@ -6,12 +6,13 @@ import (
 	"os/exec"
 	"sheriff/internal/config"
 	"sheriff/internal/git"
-	"sheriff/internal/gitlab"
 	"sheriff/internal/patrol"
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"sheriff/internal/slack"
 	"strings"
 
+	"github.com/rs/zerolog/log"
 	"github.com/urfave/cli/v2"
 )
 
@@ -124,7 +125,7 @@ func PatrolAction(cCtx *cli.Context) error {
 	slackToken := cCtx.String(slackTokenFlag)
 
 	// Create services
-	gitlabService, err := gitlab.New(gitlabToken)
+	gitlabService, err := repo.NewGitlabService(gitlabToken)
 	if err != nil {
 		return errors.Join(errors.New("failed to create GitLab service"), err)
 	}
@@ -149,7 +150,8 @@ func PatrolAction(cCtx *cli.Context) error {
 	if warn, err := patrolService.Patrol(config); err != nil {
 		return errors.Join(errors.New("failed to scan"), err)
 	} else if warn != nil {
-		return cli.Exit("Patrol was partially successful, some errors occurred. Check the logs for more information.", 1)
+		log.Err(warn).Msg("Patrol was partially successful, some errors occurred.")
+		return cli.Exit("Exiting patrol with partial success", 1)
 	}
 
 	return nil

internal/patrol/patrol.go

@@ -8,15 +8,14 @@ import (
 	"os"
 	"sheriff/internal/config"
 	"sheriff/internal/git"
-	"sheriff/internal/gitlab"
 	"sheriff/internal/publish"
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"sheriff/internal/slack"
 	"sync"
 
 	"github.com/elliotchance/pie/v2"
 	"github.com/rs/zerolog/log"
-	gogitlab "github.com/xanzy/go-gitlab"
 	"golang.org/x/exp/slices"
 )
 
@@ -30,7 +29,7 @@ type securityPatroller interface {
 
 // sheriffService is the implementation of the SecurityPatroller interface.
 type sheriffService struct {
-	gitlabService gitlab.IService
+	gitlabService repo.IService
 	slackService  slack.IService
 	gitService    git.IService
 	osvService    scanner.VulnScanner[scanner.OsvReport]
@@ -39,7 +38,7 @@ type sheriffService struct {
 // New creates a new securityPatroller service.
 // It contains the main "loop" logic of this tool.
 // A "patrol" is defined as scanning GitLab groups for vulnerabilities and publishing reports where needed.
-func New(gitlabService gitlab.IService, slackService slack.IService, gitService git.IService, osvService scanner.VulnScanner[scanner.OsvReport]) securityPatroller {
+func New(gitlabService repo.IService, slackService slack.IService, gitService git.IService, osvService scanner.VulnScanner[scanner.OsvReport]) securityPatroller {
 	return &sheriffService{
 		gitlabService: gitlabService,
 		slackService:  slackService,
@@ -127,10 +126,10 @@ func (s *sheriffService) scanAndGetReports(locations []config.ProjectLocation) (
 		wg.Add(1)
 		go func(reportsChan chan<- scanner.Report) {
 			defer wg.Done()
-			log.Info().Str("project", project.Name).Msg("Scanning project")
+			log.Info().Str("project", project.Path).Msg("Scanning project")
 			if report, err := s.scanProject(project); err != nil {
-				log.Error().Err(err).Str("project", project.Name).Msg("Failed to scan project, skipping.")
-				err = errors.Join(fmt.Errorf("failed to scan project %v", project.Name), err)
+				log.Error().Err(err).Str("project", project.Path).Msg("Failed to scan project, skipping.")
+				err = errors.Join(fmt.Errorf("failed to scan project %v", project.Path), err)
 				warn = errors.Join(err, warn)
 				reportsChan <- scanner.Report{Project: project, Error: true}
 			} else {
@@ -154,31 +153,31 @@ func (s *sheriffService) scanAndGetReports(locations []config.ProjectLocation) (
 }
 
 // scanProject scans a project for vulnerabilities using the osv scanner.
-func (s *sheriffService) scanProject(project gogitlab.Project) (report *scanner.Report, err error) {
+func (s *sheriffService) scanProject(project repo.Project) (report *scanner.Report, err error) {
 	dir, err := os.MkdirTemp(tempScanDir, fmt.Sprintf("%v-", project.Name))
 	if err != nil {
 		return nil, errors.Join(errors.New("failed to create project temporary directory"), err)
 	}
 	defer os.RemoveAll(dir)
 
 	// Clone the project
-	log.Info().Str("project", project.Name).Str("dir", dir).Msg("Cloning project")
-	if err = s.gitService.Clone(dir, project.HTTPURLToRepo); err != nil {
+	log.Info().Str("project", project.Path).Str("dir", dir).Msg("Cloning project")
+	if err = s.gitService.Clone(dir, project.RepoUrl); err != nil {
 		return nil, errors.Join(errors.New("failed to clone project"), err)
 	}
 
-	config := config.GetProjectConfiguration(project.NameWithNamespace, dir)
+	config := config.GetProjectConfiguration(project.Path, dir)
 
 	// Scan the project
-	log.Info().Str("project", project.Name).Msg("Running osv-scanner")
+	log.Info().Str("project", project.Path).Msg("Running osv-scanner")
 	osvReport, err := s.osvService.Scan(dir)
 	if err != nil {
-		log.Error().Err(err).Str("project", project.Name).Msg("Failed to run osv-scanner")
+		log.Error().Err(err).Str("project", project.Path).Msg("Failed to run osv-scanner")
 		return nil, errors.Join(errors.New("failed to run osv-scanner"), err)
 	}
 
 	r := s.osvService.GenerateReport(project, osvReport)
-	log.Info().Str("project", project.Name).Msg("Finished scanning with osv-scanner")
+	log.Info().Str("project", project.Path).Msg("Finished scanning with osv-scanner")
 
 	r.ProjectConfig = config
 

internal/patrol/patrol_test.go

@@ -2,13 +2,13 @@ package patrol
 
 import (
 	"sheriff/internal/config"
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"testing"
 
 	"github.com/slack-go/slack"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
-	"github.com/xanzy/go-gitlab"
 )
 
 func TestNewService(t *testing.T) {
@@ -19,7 +19,7 @@ func TestNewService(t *testing.T) {
 
 func TestScanNoProjects(t *testing.T) {
 	mockGitlabService := &mockGitlabService{}
-	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]gitlab.Project{}, nil)
+	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]repo.Project{}, nil)
 
 	mockSlackService := &mockSlackService{}
 
@@ -49,7 +49,7 @@ func TestScanNoProjects(t *testing.T) {
 
 func TestScanNonVulnerableProject(t *testing.T) {
 	mockGitlabService := &mockGitlabService{}
-	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]gitlab.Project{{Name: "Hello World", HTTPURLToRepo: "https://gitlab.com/group/to/scan.git"}}, nil)
+	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]repo.Project{{Name: "Hello World", RepoUrl: "https://gitlab.com/group/to/scan.git"}}, nil)
 	mockGitlabService.On("CloseVulnerabilityIssue", mock.Anything).Return(nil)
 
 	mockSlackService := &mockSlackService{}
@@ -82,8 +82,8 @@ func TestScanNonVulnerableProject(t *testing.T) {
 
 func TestScanVulnerableProject(t *testing.T) {
 	mockGitlabService := &mockGitlabService{}
-	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]gitlab.Project{{Name: "Hello World", HTTPURLToRepo: "https://gitlab.com/group/to/scan.git"}}, nil)
-	mockGitlabService.On("OpenVulnerabilityIssue", mock.Anything, mock.Anything).Return(&gitlab.Issue{}, nil)
+	mockGitlabService.On("GetProjectList", []string{"group/to/scan"}).Return([]repo.Project{{Name: "Hello World", RepoUrl: "https://gitlab.com/group/to/scan.git"}}, nil)
+	mockGitlabService.On("OpenVulnerabilityIssue", mock.Anything, mock.Anything).Return(&repo.Issue{}, nil)
 
 	mockSlackService := &mockSlackService{}
 	mockSlackService.On("PostMessage", "channel", mock.Anything).Return("", nil)
@@ -190,19 +190,19 @@ type mockGitlabService struct {
 	mock.Mock
 }
 
-func (c *mockGitlabService) GetProjectList(paths []string) ([]gitlab.Project, error) {
+func (c *mockGitlabService) GetProjectList(paths []string) ([]repo.Project, error) {
 	args := c.Called(paths)
-	return args.Get(0).([]gitlab.Project), args.Error(1)
+	return args.Get(0).([]repo.Project), args.Error(1)
 }
 
-func (c *mockGitlabService) CloseVulnerabilityIssue(project gitlab.Project) error {
+func (c *mockGitlabService) CloseVulnerabilityIssue(project repo.Project) error {
 	args := c.Called(project)
 	return args.Error(0)
 }
 
-func (c *mockGitlabService) OpenVulnerabilityIssue(project gitlab.Project, report string) (*gitlab.Issue, error) {
+func (c *mockGitlabService) OpenVulnerabilityIssue(project repo.Project, report string) (*repo.Issue, error) {
 	args := c.Called(project, report)
-	return args.Get(0).(*gitlab.Issue), args.Error(1)
+	return args.Get(0).(*repo.Issue), args.Error(1)
 }
 
 type mockSlackService struct {
@@ -232,7 +232,7 @@ func (c *mockOSVService) Scan(dir string) (*scanner.OsvReport, error) {
 	return args.Get(0).(*scanner.OsvReport), args.Error(1)
 }
 
-func (c *mockOSVService) GenerateReport(p gitlab.Project, r *scanner.OsvReport) scanner.Report {
+func (c *mockOSVService) GenerateReport(p repo.Project, r *scanner.OsvReport) scanner.Report {
 	args := c.Called(p, r)
 	return args.Get(0).(scanner.Report)
 }

internal/publish/to_console.go

@@ -32,7 +32,7 @@ func formatReportsMessageForConsole(scanReports []scanner.Report) string {
 	r.WriteString(fmt.Sprintf("Total number of projects scanned: %v\n", len(scanReports)))
 	for _, report := range scanReports {
 		r.WriteString(fmt.Sprintln("---------------------------------"))
-		r.WriteString(fmt.Sprintf("%v\n", report.Project.PathWithNamespace))
+		r.WriteString(fmt.Sprintf("%v\n", report.Project.Path))
 		r.WriteString(fmt.Sprintf("\tProject URL: %v\n", report.Project.WebURL))
 		r.WriteString(fmt.Sprintf("\tNumber of vulnerabilities: %v\n", len(report.Vulnerabilities)))
 	}

internal/publish/to_console_test.go

@@ -1,17 +1,17 @@
 package publish
 
 import (
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	gogitlab "github.com/xanzy/go-gitlab"
 )
 
 func TestFormatReportMessageForConsole(t *testing.T) {
 	reports := []scanner.Report{
 		{
-			Project: gogitlab.Project{
+			Project: repo.Project{
 				Name:   "project1",
 				WebURL: "http://example.com",
 			},
@@ -27,7 +27,7 @@ func TestFormatReportMessageForConsole(t *testing.T) {
 			},
 		},
 		{
-			Project: gogitlab.Project{
+			Project: repo.Project{
 				Name:   "project2",
 				WebURL: "http://example2.com",
 			},

internal/publish/to_gitlab.go

@@ -3,7 +3,7 @@ package publish
 import (
 	"errors"
 	"fmt"
-	"sheriff/internal/gitlab"
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"strconv"
 	"sync"
@@ -22,24 +22,24 @@ var now = time.Now
 
 // PublishAsGitlabIssues creates or updates GitLab Issue reports for the given reports
 // It will add the Issue URL to the Report if it was created or updated successfully
-func PublishAsGitlabIssues(reports []scanner.Report, s gitlab.IService) (warn error) {
+func PublishAsGitlabIssues(reports []scanner.Report, s repo.IService) (warn error) {
 	var wg sync.WaitGroup
 	for i := 0; i < len(reports); i++ {
 		wg.Add(1)
 		go func() {
 			defer wg.Done()
 			if reports[i].IsVulnerable {
 				if issue, err := s.OpenVulnerabilityIssue(reports[i].Project, formatGitlabIssue(reports[i])); err != nil {
-					log.Error().Err(err).Str("project", reports[i].Project.Name).Msg("Failed to open or update issue")
-					err = fmt.Errorf("failed to open or update issue for project %v", reports[i].Project.Name)
+					log.Error().Err(err).Str("project", reports[i].Project.Path).Msg("Failed to open or update issue")
+					err = fmt.Errorf("failed to open or update issue for project %v", reports[i].Project.Path)
 					warn = errors.Join(err, warn)
 				} else {
 					reports[i].IssueUrl = issue.WebURL
 				}
 			} else {
 				if err := s.CloseVulnerabilityIssue(reports[i].Project); err != nil {
-					log.Error().Err(err).Str("project", reports[i].Project.Name).Msg("Failed to close issue")
-					err = fmt.Errorf("failed to close issue for project %v", reports[i].Project.Name)
+					log.Error().Err(err).Str("project", reports[i].Project.Path).Msg("Failed to close issue")
+					err = fmt.Errorf("failed to close issue for project %v", reports[i].Project.Path)
 					warn = errors.Join(err, warn)
 				}
 			}

internal/publish/to_gitlab_test.go

@@ -1,13 +1,13 @@
 package publish
 
 import (
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"testing"
 	"time"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
-	"github.com/xanzy/go-gitlab"
 )
 
 // Severities are grouped by severity score kind
@@ -164,7 +164,7 @@ func TestMarkdownBoolean(t *testing.T) {
 
 func TestPublishAsGitlabIssues(t *testing.T) {
 	mockGitlabService := &mockGitlabService{}
-	mockGitlabService.On("OpenVulnerabilityIssue", mock.Anything, mock.Anything).Return(&gitlab.Issue{WebURL: "https://my-issue.com"}, nil)
+	mockGitlabService.On("OpenVulnerabilityIssue", mock.Anything, mock.Anything).Return(&repo.Issue{WebURL: "https://my-issue.com"}, nil)
 	reports := []scanner.Report{
 		{
 			IsVulnerable: true,
@@ -206,17 +206,17 @@ type mockGitlabService struct {
 	mock.Mock
 }
 
-func (c *mockGitlabService) GetProjectList(paths []string) ([]gitlab.Project, error) {
+func (c *mockGitlabService) GetProjectList(paths []string) ([]repo.Project, error) {
 	args := c.Called(paths)
-	return args.Get(0).([]gitlab.Project), args.Error(1)
+	return args.Get(0).([]repo.Project), args.Error(1)
 }
 
-func (c *mockGitlabService) CloseVulnerabilityIssue(project gitlab.Project) error {
+func (c *mockGitlabService) CloseVulnerabilityIssue(project repo.Project) error {
 	args := c.Called(project)
 	return args.Error(0)
 }
 
-func (c *mockGitlabService) OpenVulnerabilityIssue(project gitlab.Project, report string) (*gitlab.Issue, error) {
+func (c *mockGitlabService) OpenVulnerabilityIssue(project repo.Project, report string) (*repo.Issue, error) {
 	args := c.Called(project, report)
-	return args.Get(0).(*gitlab.Issue), args.Error(1)
+	return args.Get(0).(*repo.Issue), args.Error(1)
 }

internal/publish/to_slack.go

@@ -82,7 +82,7 @@ func formatSpecificChannelSlackMessage(report scanner.Report) []goslack.MsgOptio
 
 	// Texts
 	title := fmt.Sprintf("Sheriff Report %v", time.Now().Format("2006-01-02"))
-	subtitle := fmt.Sprintf("Project: <%s|*%s*>", report.Project.WebURL, report.Project.PathWithNamespace)
+	subtitle := fmt.Sprintf("Project: <%s|*%s*>", report.Project.WebURL, report.Project.Path)
 	var subtitleFullReport string
 	if report.IssueUrl != "" {
 		subtitleFullReport = fmt.Sprintf("Full report: <%s|*Full report*>", report.IssueUrl)

internal/publish/to_slack_test.go

@@ -2,13 +2,13 @@ package publish
 
 import (
 	"sheriff/internal/config"
+	"sheriff/internal/repo"
 	"sheriff/internal/scanner"
 	"testing"
 
 	"github.com/slack-go/slack"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
-	gogitlab "github.com/xanzy/go-gitlab"
 )
 
 func TestPublishAsGeneralSlackMessage(t *testing.T) {
@@ -102,7 +102,7 @@ func TestFormatReportMessage(t *testing.T) {
 	reportBySeverityKind := map[scanner.SeverityScoreKind][]scanner.Report{
 		scanner.Critical: {
 			{
-				Project: gogitlab.Project{
+				Project: repo.Project{
 					Name:   "project1",
 					WebURL: "http://example.com",
 				},
@@ -118,7 +118,7 @@ func TestFormatReportMessage(t *testing.T) {
 		},
 		scanner.High: {
 			{
-				Project: gogitlab.Project{
+				Project: repo.Project{
 					Name:   "project2",
 					WebURL: "http://example2.com",
 				},