added image pulling to cli for dast local package

README.md

@@ -73,6 +73,7 @@ Options:
                          The repository name to create the Nullify issue dashboard in e.g. cli
   --header HEADER        List of headers for the DAST agent to authenticate with your API
   --local                Test the given app locally for bugs and vulnerabilities in private networks
+  --version VERSION      Version of the DAST local image that is used for scanning [default: 0.0.0]
 
 Global options:
   --host HOST            The base URL of your Nullify API instance [default: https://api.nullify.ai]
@@ -122,4 +123,5 @@ nullify dast \
 | **`github-repo`**  | The repository name to create the Nullify issue dashboard in, e.g. cli                              | `true`   |         |
 | **`header`**       | List of headers for the DAST agent to authenticate with your API                                    | `false`  |         |
 | **`local`**        | Test the given app locally for bugs and vulnerabilities in private networks                         | `false`  |         |
+| **`version`**      | Version of the DAST local image that is used for scanning [default: ]                               | `false`  |  0.0.0  |
 

cmd/cli/main.go

@@ -20,6 +20,7 @@ type DAST struct {
 	GitHubRepository string   `arg:"--github-repo" help:"The repository name to create the Nullify issue dashboard in e.g. cli"`
 	AuthHeaders      []string `arg:"--header" help:"List of headers for the DAST agent to authenticate with your API"`
 	Local            bool     `arg:"--local" help:"Test the given app locally for bugs and vulnerabilities in private networks"`
+	Version          string   `arg:"--version" default:"0.0.0" help:"Version of the DAST local image that is used for scanning"`
 }
 
 type args struct {
@@ -84,6 +85,7 @@ func main() {
 				AppName:     args.DAST.AppName,
 				Host:        args.Host,
 				TargetHost:  args.DAST.TargetHost,
+				Version:     args.DAST.Version,
 				OpenAPISpec: openAPISpec,
 				AuthSources: args.AuthSources,
 				AuthConfig: models.AuthConfig{

internal/dast/dast_local_scan.go

@@ -2,12 +2,15 @@ package dast
 
 import (
 	"context"
+	"encoding/base64"
 	"encoding/json"
+	"fmt"
 	"net/http"
 	"os"
 
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/stdcopy"
 	"github.com/nullify-platform/cli/internal/models"
@@ -18,6 +21,7 @@ type DASTLocalScanInput struct {
 	AppName     string                 `json:"appName"`
 	Host        string                 `json:"host"`
 	TargetHost  string                 `json:"targetHost"`
+	Version     string                 `json:"version"`
 	OpenAPISpec map[string]interface{} `json:"openAPISpec"`
 	AuthConfig  models.AuthConfig      `json:"authConfig"`
 
@@ -54,11 +58,28 @@ func DASTLocalScan(httpClient *http.Client, nullifyHost string, input *DASTLocal
 	}
 	defer client.Close()
 
-	imageRef := "public.ecr.aws/nullify/dast:0.1.0"
-	image, err := client.ImagePull(ctx, imageRef, types.ImagePullOptions{})
+	authConfig := registry.AuthConfig{
+		Username: input.GitHubOwner,
+		Password: input.GitHubToken,
+	}
+	logger.Debug(
+		"auth config in dast local scan",
+		logger.Any("authConfig", authConfig),
+	)
+	encodedJSON, err := json.Marshal(authConfig)
+	if err != nil {
+		logger.Error(
+			"error in marshalling auth config to json",
+			logger.Err(err),
+		)
+		return err
+	}
+	authStr := base64.URLEncoding.EncodeToString(encodedJSON)
+	imageRef := fmt.Sprintf("ghcr.io/nullify-platform/dast-local:%s", input.Version)
+	image, err := client.ImagePull(ctx, imageRef, types.ImagePullOptions{RegistryAuth: authStr})
 	if err != nil {
 		logger.Error(
-			"unable to pull image from nullify public ecr",
+			"unable to pull image from nullify platform ghrc",
 			logger.Err(err),
 		)
 		return err
@@ -68,7 +89,7 @@ func DASTLocalScan(httpClient *http.Client, nullifyHost string, input *DASTLocal
 	containerResp, err := client.ContainerCreate(ctx, &container.Config{
 		Image: imageRef,
 		Cmd:   []string{"/local", string(requestBody)},
-	}, nil, nil, nil, imageRef)
+	}, nil, nil, nil, "")
 	if err != nil {
 		logger.Error(
 			"unable to create new docker container",