wip: filters client

Author: paulrosca-snyk

.gitignore

@@ -4,5 +4,6 @@
 ### Local development ###
 # Local build system configuration
 /local.mk
+.idea
 
 node_modules

internal/fileupload/client.go

@@ -2,8 +2,8 @@ package fileupload
 
 import (
 	"context"
-	"encoding/json"
 	"fmt"
+	"github.com/snyk/cli-extension-os-flows/internal/fileupload/filters"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -24,17 +24,16 @@ type Config struct {
 
 // Client provides high-level file upload functionality.
 type Client struct {
-	httpClient *http.Client
-	lowlevel   uploadrevision.SealableClient
-	cfg        Config
-	filters    Filters
+	uploadRevisionSealableClient uploadrevision.SealableClient
+	filtersClient                filters.Client
+	cfg                          Config
+	filters                      Filters
 }
 
 // NewClient creates a new high-level file upload client.
 func NewClient(httpClient *http.Client, cfg Config, opts ...Option) *Client {
 	client := &Client{
-		httpClient: httpClient,
-		cfg:        cfg,
+		cfg: cfg,
 		filters: Filters{
 			supportedExtensions:  xsync.NewMapOf[bool](),
 			supportedConfigFiles: xsync.NewMapOf[bool](),
@@ -45,46 +44,24 @@ func NewClient(httpClient *http.Client, cfg Config, opts ...Option) *Client {
 		opt(client)
 	}
 
-	if client.lowlevel == nil {
-		client.lowlevel = uploadrevision.NewClient(uploadrevision.Config{
+	if client.uploadRevisionSealableClient == nil {
+		client.uploadRevisionSealableClient = uploadrevision.NewClient(uploadrevision.Config{
 			BaseURL: cfg.BaseURL,
 		}, uploadrevision.WithHTTPClient(httpClient))
 	}
 
-	return client
-}
-
-func (c *Client) getDeeproxyFilters(ctx context.Context) (FiltersResponse, error) {
-	var filtersResp FiltersResponse
-
-	url := fmt.Sprintf("%s/hidden/orgs/%s/code/filters", c.cfg.BaseURL, c.cfg.OrgID)
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, http.NoBody)
-	if err != nil {
-		return filtersResp, fmt.Errorf("failed to create deeproxy filters request: %w", err)
-	}
-
-	req.Header.Set("snyk-org-name", c.cfg.OrgID.String())
-
-	resp, err := c.httpClient.Do(req)
-	if err != nil {
-		return filtersResp, fmt.Errorf("error making deeproxy filters request: %w", err)
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode < 200 || resp.StatusCode > 299 {
-		return filtersResp, fmt.Errorf("unexpected response code: %s", resp.Status)
-	}
-
-	if err := json.NewDecoder(resp.Body).Decode(&filtersResp); err != nil {
-		return filtersResp, fmt.Errorf("failed to decode deeproxy filters response: %w", err)
+	if client.filtersClient == nil {
+		client.filtersClient = filters.NewDeeproxyClient(filters.Config{
+			BaseURL: cfg.BaseURL,
+		}, filters.WithHTTPClient(httpClient))
 	}
 
-	return filtersResp, nil
+	return client
 }
 
 func (c *Client) loadFilters(ctx context.Context) error {
 	c.filters.once.Do(func() {
-		filtersResp, err := c.getDeeproxyFilters(ctx)
+		filtersResp, err := c.filtersClient.GetFilters(ctx, c.cfg.OrgID)
 		if err != nil {
 			c.filters.initErr = err
 			return
@@ -122,7 +99,7 @@ func (c *Client) createFileFilter(ctx context.Context) (func(string) bool, error
 }
 
 func (c *Client) uploadPaths(ctx context.Context, revID RevisionID, rootPath string, paths []string) error {
-	files := make([]uploadrevision.UploadFile, 0, c.lowlevel.GetLimits().FileCountLimit)
+	files := make([]uploadrevision.UploadFile, 0, c.uploadRevisionSealableClient.GetLimits().FileCountLimit)
 	defer func() {
 		for _, file := range files {
 			file.File.Close()
@@ -146,7 +123,7 @@ func (c *Client) uploadPaths(ctx context.Context, revID RevisionID, rootPath str
 		})
 	}
 
-	err := c.lowlevel.UploadFiles(ctx, c.cfg.OrgID, revID, files)
+	err := c.uploadRevisionSealableClient.UploadFiles(ctx, c.cfg.OrgID, revID, files)
 	if err != nil {
 		return fmt.Errorf("failed to upload files: %w", err)
 	}
@@ -159,13 +136,13 @@ func (c *Client) addPathsToRevision(ctx context.Context, revisionID RevisionID,
 	var chunks <-chan []string
 
 	if opts.SkipFiltering {
-		chunks = chunkChan(pathsChan, c.lowlevel.GetLimits().FileCountLimit)
+		chunks = chunkChan(pathsChan, c.uploadRevisionSealableClient.GetLimits().FileCountLimit)
 	} else {
 		filter, err := c.createFileFilter(ctx)
 		if err != nil {
 			return err
 		}
-		chunks = chunkChanFiltered(pathsChan, c.lowlevel.GetLimits().FileCountLimit, filter)
+		chunks = chunkChanFiltered(pathsChan, c.uploadRevisionSealableClient.GetLimits().FileCountLimit, filter)
 	}
 
 	for chunk := range chunks {
@@ -180,7 +157,7 @@ func (c *Client) addPathsToRevision(ctx context.Context, revisionID RevisionID,
 
 // CreateRevision creates a new revision and returns its ID.
 func (c *Client) CreateRevision(ctx context.Context) (RevisionID, error) {
-	revision, err := c.lowlevel.CreateRevision(ctx, c.cfg.OrgID)
+	revision, err := c.uploadRevisionSealableClient.CreateRevision(ctx, c.cfg.OrgID)
 	if err != nil {
 		return uuid.Nil, fmt.Errorf("failed to create revision: %w", err)
 	}
@@ -208,7 +185,7 @@ func (c *Client) AddDirToRevision(ctx context.Context, revisionID RevisionID, di
 
 // SealRevision seals a revision, making it immutable.
 func (c *Client) SealRevision(ctx context.Context, revisionID RevisionID) error {
-	_, err := c.lowlevel.SealRevision(ctx, c.cfg.OrgID, revisionID)
+	_, err := c.uploadRevisionSealableClient.SealRevision(ctx, c.cfg.OrgID, revisionID)
 	if err != nil {
 		return fmt.Errorf("failed to seal revision: %w", err)
 	}

internal/fileupload/client_test.go

@@ -2,10 +2,7 @@ package fileupload_test
 
 import (
 	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/http/httptest"
+	"github.com/snyk/cli-extension-os-flows/internal/fileupload/filters"
 	"os"
 	"path/filepath"
 	"slices"
@@ -28,7 +25,7 @@ func Test_GranularAPI(t *testing.T) {
 		},
 	}
 
-	filters := fileupload.FiltersResponse{
+	filters := filters.AllowList{
 		ConfigFiles: []string{"go.mod"},
 		Extensions:  []string{".txt", ".go", ".md"},
 	}
@@ -133,7 +130,7 @@ func Test_CreateRevisionFromPaths(t *testing.T) {
 		},
 	}
 
-	filters := fileupload.FiltersResponse{
+	filters := filters.AllowList{
 		ConfigFiles: []string{"go.mod"},
 		Extensions:  []string{".txt", ".go", ".md"},
 	}
@@ -194,7 +191,7 @@ func Test_CreateRevisionFromDir(t *testing.T) {
 		},
 	}
 
-	filters := fileupload.FiltersResponse{
+	filters := filters.AllowList{
 		ConfigFiles: []string{"go.mod"},
 		Extensions:  []string{".txt", ".go", ".md"},
 	}
@@ -446,40 +443,24 @@ func setupTest(
 	t *testing.T,
 	llcfg uploadrevision.FakeClientConfig,
 	files []uploadrevision.LoadedFile,
-	filters fileupload.FiltersResponse,
+	allowList filters.AllowList,
 ) (context.Context, *uploadrevision.FakeSealableClient, *fileupload.Client, *os.File, func()) {
 	t.Helper()
 
 	ctx := context.Background()
 	orgID := uuid.New()
-	filtersCalls := 0
-
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		filtersCalls++
-		if filtersCalls > 1 {
-			t.Fail()
-		}
-		expectedURL := fmt.Sprintf("/hidden/orgs/%s/code/filters", orgID)
-		assert.Equal(t, expectedURL, r.URL.Path)
-		assert.Equal(t, orgID.String(), r.Header.Get("snyk-org-name"))
-
-		w.Header().Set("Content-Type", "application/json")
-		if err := json.NewEncoder(w).Encode(filters); err != nil {
-			http.Error(w, "failed to encode response", http.StatusInternalServerError)
-			return
-		}
-	}))
 
 	fakeSealeableClient := uploadrevision.NewFakeSealableClient(llcfg)
-	client := fileupload.NewClient(server.Client(), fileupload.Config{
-		BaseURL: server.URL,
-		OrgID:   orgID,
-	}, fileupload.WithLowLevelClient(fakeSealeableClient))
+	fakeFiltersClient := filters.NewFakeClient(allowList, nil)
+	client := fileupload.NewClient(nil, fileupload.Config{
+		OrgID: orgID,
+	},
+		fileupload.WithUploadRevisionSealableClient(fakeSealeableClient),
+		fileupload.WithFiltersClient(fakeFiltersClient))
 
 	dir, dirCleanup := createDirWithFiles(t, files)
 
 	return ctx, fakeSealeableClient, client, dir, func() {
-		server.Close()
 		dirCleanup()
 	}
 }

internal/fileupload/errors.go

@@ -2,7 +2,7 @@ package fileupload
 
 import "github.com/snyk/cli-extension-os-flows/internal/fileupload/uploadrevision"
 
-// Aliasing lowlevel errors so that they're scoped to the fileupload package as well.
+// Aliasing uploadRevisionSealableClient errors so that they're scoped to the fileupload package as well.
 
 // FileSizeLimitError indicates a file exceeds the maximum allowed size.
 type FileSizeLimitError = uploadrevision.FileSizeLimitError

internal/fileupload/filters/client.go

@@ -0,0 +1,71 @@
+package filters
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"github.com/google/uuid"
+)
+
+// AllowList represents the response structure from the deeproxy filters API.
+type AllowList struct {
+	ConfigFiles []string `json:"configFiles"`
+	Extensions  []string `json:"extensions"`
+}
+
+type Client interface {
+	GetFilters(ctx context.Context, orgID uuid.UUID) (AllowList, error)
+}
+
+type deeproxyClient struct {
+	httpClient *http.Client
+	cfg        Config
+}
+
+type Config struct {
+	BaseURL   string
+	IsFedRamp bool
+}
+
+func NewDeeproxyClient(cfg Config, opts ...Opt) *deeproxyClient {
+	c := &deeproxyClient{
+		cfg:        cfg,
+		httpClient: http.DefaultClient,
+	}
+
+	for _, opt := range opts {
+		opt(c)
+	}
+
+	return c
+}
+
+func (c *deeproxyClient) GetFilters(ctx context.Context, orgID uuid.UUID) (AllowList, error) {
+	var allowList AllowList
+
+	url := getFilterUrl(c.cfg.BaseURL, orgID, c.cfg.IsFedRamp)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, http.NoBody)
+	if err != nil {
+		return allowList, fmt.Errorf("failed to create deeproxy filters request: %w", err)
+	}
+
+	req.Header.Set("snyk-org-name", orgID.String())
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return allowList, fmt.Errorf("error making deeproxy filters request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode < 200 || resp.StatusCode > 299 {
+		return allowList, fmt.Errorf("unexpected response code: %s", resp.Status)
+	}
+
+	if err := json.NewDecoder(resp.Body).Decode(&allowList); err != nil {
+		return allowList, fmt.Errorf("failed to decode deeproxy filters response: %w", err)
+	}
+
+	return allowList, nil
+}

internal/fileupload/filters/client_test.go

@@ -0,0 +1,77 @@
+package filters
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestClients(t *testing.T) {
+	tests := []struct {
+		getClient  func(t *testing.T, orgID uuid.UUID, expectedAllow AllowList) (Client, func())
+		clientName string
+	}{
+		{
+			clientName: "deeproxyClient",
+			getClient: func(t *testing.T, orgID uuid.UUID, expectedAllow AllowList) (Client, func()) {
+				t.Helper()
+
+				s := setupServer(t, orgID, expectedAllow)
+				cleanup := func() {
+					s.Close()
+				}
+				c := NewDeeproxyClient(Config{BaseURL: s.URL, IsFedRamp: true}, WithHTTPClient(s.Client()))
+
+				return c, cleanup
+			},
+		},
+		{
+			clientName: "fakeClient",
+			getClient: func(t *testing.T, orgID uuid.UUID, expectedAllow AllowList) (Client, func()) {
+				t.Helper()
+
+				c := NewFakeClient(expectedAllow, nil)
+
+				return c, func() {}
+			},
+		},
+	}
+
+	for _, testData := range tests {
+		t.Run(testData.clientName+": GetFilters", func(t *testing.T) {
+			orgID := uuid.New()
+			expectedAllow := AllowList{
+				ConfigFiles: []string{"package.json"},
+				Extensions:  []string{".ts", ".js"},
+			}
+			client, cleanup := testData.getClient(t, orgID, expectedAllow)
+			defer cleanup()
+
+			allow, err := client.GetFilters(t.Context(), orgID)
+			require.NoError(t, err)
+
+			assert.Equal(t, expectedAllow, allow)
+		})
+	}
+}
+
+func setupServer(t *testing.T, orgID uuid.UUID, expectedAllow AllowList) *httptest.Server {
+	t.Helper()
+	ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		expectedURL := getFilterUrl("", orgID, true)
+		assert.Equal(t, expectedURL, r.URL.Path)
+		assert.Equal(t, orgID.String(), r.Header.Get("snyk-org-name"))
+		w.Header().Set("Content-Type", "application/json")
+		if err := json.NewEncoder(w).Encode(expectedAllow); err != nil {
+			http.Error(w, "failed to encode response", http.StatusInternalServerError)
+			return
+		}
+	}))
+	ts.Start()
+	return ts
+}