Refactored Graal Backends using Strategy Pattern #108

Open
wants to merge 9 commits into
base: main
17 changes: 7 additions & 10 deletions .github/workflows/ci.yml
@@ -5,7 +5,7 @@ on: [push, pull_request]
jobs:
tests:

runs-on: ubuntu-latest
runs-on: ubuntu-20.04
strategy:
matrix:
python-version: [3.6, 3.7, 3.8]
@@ -19,29 +19,26 @@ jobs:
with:
python-version: ${{ matrix.python-version }}

- name: Set up Ruby
uses: actions/setup-ruby@v1
with:
ruby-version: 2.6

- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.15

- name: Install dependencies
env:
FOSSOLOGY_VERSION: 3.11.0
run: |
pip install --upgrade setuptools==49.6.0
pip install --upgrade pip==18.1
pip install --upgrade wheel
pip install -r "requirements.txt"
pip install flake8 coveralls
gem install github-linguist
pip install bandit pylint execnet
wget https://github.com/fossology/fossology/releases/download/3.8.1/FOSSology-3.8.0-debian9stretch.tar.gz
tar -xzf FOSSology-3.8.0-debian9stretch.tar.gz
wget https://github.com/fossology/fossology/releases/download/${FOSSOLOGY_VERSION}/FOSSology-${FOSSOLOGY_VERSION}-ubuntu-focal.tar.gz
tar -xzf FOSSology-${FOSSOLOGY_VERSION}-ubuntu-focal.tar.gz
sudo apt-get update -y
sudo apt-get -y install ./packages/fossology-common_3.8.1-1_amd64.deb ./packages/fossology-nomos_3.8.1-1_amd64.deb
sudo apt-get install -y ruby-github-linguist
sudo apt-get -y install ./packages/fossology-common_${FOSSOLOGY_VERSION}-1_amd64.deb ./packages/fossology-nomos_${FOSSOLOGY_VERSION}-1_amd64.deb
sudo apt-get install cloc
eval "$(gimme stable)"
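Review bot: The new `wget` of `FOSSology-${FOSSOLOGY_VERSION}-ubuntu-focal.tar.gz` is unpacked and its `.deb` packages are installed with `sudo apt-get -y install` without any integrity check, so the job runs whatever the release URL serves with root privileges on the runner. Pin the expected digest next to `FOSSOLOGY_VERSION` (for example `FOSSOLOGY_SHA256: <sha256 of the release tarball>`, a placeholder to fill in from a verified download) and check it before `tar`: `echo "${FOSSOLOGY_SHA256}  FOSSology-${FOSSOLOGY_VERSION}-ubuntu-focal.tar.gz" | sha256sum -c -`. The `run:` script continues past the end of this hunk, so any later downloads are not covered by this note.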

2 changes: 1 addition & 1 deletion graal/_version.py
@@ -1,2 +1,2 @@
# Versions compliant with PEP 440 https://www.python.org/dev/peps/pep-0440
__version__ = "0.2.9"
__version__ = "0.2.10"
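--- a/graal/backends/core/analyzer_composition_factory.py
+++ b/graal/backends/core/analyzer_composition_factory.py
@@ -0,0 +1,88 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2015-2020 Bitergia
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Authors:
+# Groninger Bugbusters <[email protected]>
+#
+
+import importlib
+import inspect
+
+from graal.graal import GraalError
+from graal.backends.core.composer import Composer
+
+
+class AnalyzerCompositionFactory:
+"""Factory class for Analyzer Composers"""
+
+def __init__(self, target_package):
+try:
+self.__composers, self.__kind_to_category = _load_composers_in_package(target_package)
+except Exception as error:
+raise GraalError(cause="Error while loading composers.") from error
+
+def get_composer(self, category):
+"""Returns composer object corresponding with category"""
+
+if category not in self.__composers:
+raise GraalError(cause=f"Unknown category {category}")
+
+return self.__composers[category]
+
+def get_categories(self):
+"""Returns all considered categories"""
+
+return self.__composers.keys()
+
+def get_category_from_kind(self, kind):
+"""Returns the category corresponding with the provided kind."""
+
+if kind not in self.__kind_to_category:
+raise GraalError(cause=f"Unknown category {kind}")
+
+return self.__kind_to_category[kind]
+
+
+def _load_composers_in_package(target_package):
+"""
+Loads composer objects from target package.
+
+:param target_package: package from which composers are loaded.
+
+:returns: tuple
+dictionary of (category, composer) pairs \\
+dictionary of (kind, category) pairs
+"""
+
+composers = {}
+kind_to_category = {}
+
+# iterates through all submodules contained in target
+target_module = importlib.import_module(target_package)
+for name, klass in target_module.__dict__.items():
+if name.startswith("_") \
+or not inspect.isclass(klass) \
+or not issubclass(klass, Composer) \
+or klass is Composer:
+continue
+
+composer = klass()
+composers[composer.get_category()] = composer
+kind_to_category[composer.get_kind()] = composer.get_category()
+
+return composers, kind_to_category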
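Review bot: `_load_composers_in_package` stores each composer under `composer.get_category()` and `composer.get_kind()` without checking for collisions, so two Composer subclasses reporting the same category or kind silently replace one another and the survivor depends on the order of `target_module.__dict__`. Failing at load time would make that visible, e.g. `if category in composers: raise GraalError(cause=f"Duplicate category {category}")`, with the same guard for kinds. `importlib.import_module(target_package)` also runs the package's top-level code and every matching class is instantiated, so `target_package` should only ever be a fixed in-tree value rather than something taken from user-supplied configuration; the callers are not visible in this section, so this needs confirming. In `get_category_from_kind` the message should read `Unknown kind {kind}` instead of `Unknown category {kind}`, and the comment "iterates through all submodules" overstates what the loop does, since it only walks the names bound in the imported package's namespace.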
22 changes: 21 additions & 1 deletion graal/backends/core/analyzers/analyzer.py
@@ -19,6 +19,7 @@
# Authors:
# Valerio Cosentino <[email protected]>
# inishchith <[email protected]>
# Groninger Bugbusters <[email protected]>
#


@@ -33,7 +34,26 @@ class Analyzer:
:raises NotImplementedError: raised when `analyze`
is not defined
"""
version = '0.1.0'
version = '0.1.1'

def analyze(self, **kwargs):
raise NotImplementedError


def is_in_paths(in_paths, file_path):
"""
Returns true if the file path is in in_paths.

:param in_paths: the list of in_paths
:param file_path: to-be-tested file path

:returns: boolean value
"""

if in_paths:
found = [p for p in in_paths if file_path.endswith(p)]

if not found:
return False

return True
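Review bot: `is_in_paths` tests `file_path.endswith(p)`, a plain string-suffix match, so an entry such as `core.py` also accepts `pkg/hardcore.py` and files outside the intended scope pass the filter. If entries are meant to be whole paths or path tails, match on a separator boundary, e.g. `file_path == p or file_path.endswith('/' + p.lstrip('/'))`; if suffix matching is intended, the docstring should say so. The docstring should also state that an empty or `None` `in_paths` means "no filter" and returns True. The body then reduces to `return not in_paths or any(file_path.endswith(p) for p in in_paths)`.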
21 changes: 11 additions & 10 deletions graal/backends/core/analyzers/bandit.py
@@ -19,6 +19,7 @@
# Authors:
# Valerio Cosentino <[email protected]>
# inishchith <[email protected]>
# Groninger Bugbusters <[email protected]>
#

from collections import Counter
@@ -34,17 +35,17 @@ class Bandit(Analyzer):
Once Bandit has finished scanning all the files it generates a report.
"""

version = '0.2.1'
version = '0.2.2'

def analyze(self, **kwargs):
"""Add security issue data using Bandit.

:param folder_path: folder path
:param worktreepath: folder path
:param details: if True, it returns information about single vulnerabilities

:returns result: dict of the results of the analysis
"""
folder_path = kwargs['folder_path']
folder_path = kwargs['worktreepath']
details = kwargs['details']

try:
@@ -63,17 +64,17 @@ def analyze(self, **kwargs):
descr = None
severity = None
confidence = None
inIssue = False
inOverview = False
in_issue = False
in_overview = False
lines = msg.lower().split('\n')
for line in lines:
if line.startswith(">> issue: "):
descr = line.replace(">> issue: ", "")
inIssue = True
in_issue = True
elif line.startswith("code scanned:"):
inOverview = True
in_overview = True
else:
if inIssue:
if in_issue:
line = line.strip()
if line.startswith("severity:"):
tokens = [t.strip(":") for t in line.split(" ")]
@@ -94,8 +95,8 @@ def analyze(self, **kwargs):
severity = None
confidence = None
descr = None
inIssue = False
elif inOverview:
in_issue = False
elif in_overview:
if line.startswith("\ttotal lines of code:"):
loc = line.split(":")[1].strip()
loc = int(loc)
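Review bot: `analyze` now reads the required key `kwargs['worktreepath']`, so a caller that still passes `folder_path=` fails with a bare `KeyError`; the callers are not visible in this section, so confirm they were all updated in this PR. The local is still named `folder_path` while the docstring documents `worktreepath`; `worktreepath = kwargs['worktreepath']` would keep the two in step, provided the later uses in the body, which lie outside these hunks, are renamed as well. Because the keyword contract changed, the bump from '0.2.1' to '0.2.2' understates the change for anyone calling the analyzer directly.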