refactoring scanToolMetadata repo service

Wire.go

@@ -70,6 +70,7 @@ import (
 	status3 "github.com/devtron-labs/devtron/api/router/app/pipeline/status"
 	trigger2 "github.com/devtron-labs/devtron/api/router/app/pipeline/trigger"
 	workflow2 "github.com/devtron-labs/devtron/api/router/app/workflow"
+	"github.com/devtron-labs/devtron/api/scanTool"
 	"github.com/devtron-labs/devtron/api/server"
 	"github.com/devtron-labs/devtron/api/sse"
 	"github.com/devtron-labs/devtron/api/team"
@@ -213,6 +214,7 @@ func InitializeApp() (*App, error) {
 		devtronResource.DevtronResourceWireSet,
 		policyGovernance.PolicyGovernanceWireSet,
 		resourceScan.ScanningResultWireSet,
+		scanTool.ScanToolMetadataWireSet,
 
 		// -------wireset end ----------
 		// -------

api/router/router.go

@@ -41,6 +41,7 @@ import (
 	"github.com/devtron-labs/devtron/api/restHandler/common"
 	"github.com/devtron-labs/devtron/api/router/app"
 	"github.com/devtron-labs/devtron/api/router/app/configDiff"
+	"github.com/devtron-labs/devtron/api/scanTool"
 	"github.com/devtron-labs/devtron/api/server"
 	"github.com/devtron-labs/devtron/api/team"
 	terminal2 "github.com/devtron-labs/devtron/api/terminal"
@@ -122,6 +123,7 @@ type MuxRouter struct {
 	fluxApplicationRouter              fluxApplication2.FluxApplicationRouter
 	devtronResourceRouter              devtronResource.DevtronResourceRouter
 	scanningResultRouter               resourceScan.ScanningResultRouter
+	scanToolMetadataRouter             scanTool.ScanToolRouter
 }
 
 func NewMuxRouter(logger *zap.SugaredLogger,
@@ -156,6 +158,7 @@ func NewMuxRouter(logger *zap.SugaredLogger,
 	devtronResourceRouter devtronResource.DevtronResourceRouter,
 	fluxApplicationRouter fluxApplication2.FluxApplicationRouter,
 	scanningResultRouter resourceScan.ScanningResultRouter,
+	scanToolMetadataRouter scanTool.ScanToolRouter,
 ) *MuxRouter {
 	r := &MuxRouter{
 		Router:                             mux.NewRouter(),
@@ -222,6 +225,7 @@ func NewMuxRouter(logger *zap.SugaredLogger,
 		devtronResourceRouter:              devtronResourceRouter,
 		fluxApplicationRouter:              fluxApplicationRouter,
 		scanningResultRouter:               scanningResultRouter,
+		scanToolMetadataRouter:             scanToolMetadataRouter,
 	}
 	return r
 }
@@ -324,6 +328,7 @@ func (r MuxRouter) Init() {
 
 	imageScanRouter := r.Router.PathPrefix("/orchestrator/security/scan").Subrouter()
 	r.imageScanRouter.InitImageScanRouter(imageScanRouter)
+	r.scanToolMetadataRouter.InitScanToolMetadataRouter(imageScanRouter)
 
 	scanResultRouter := r.Router.PathPrefix("/orchestrator/scan-result").Subrouter()
 	r.scanningResultRouter.InitScanningResultRouter(scanResultRouter)

api/scanTool/scanToolRestHandler.go

@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2024. Devtron Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package scanTool
+
+import (
+	"errors"
+	"github.com/devtron-labs/devtron/api/restHandler/common"
+	"github.com/devtron-labs/devtron/pkg/auth/authorisation/casbin"
+	"github.com/devtron-labs/devtron/pkg/auth/user"
+	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool"
+	"github.com/devtron-labs/devtron/util/rbac"
+	"go.uber.org/zap"
+	"gopkg.in/go-playground/validator.v9"
+	"net/http"
+	"strconv"
+)
+
+type ScanToolRestHandler interface {
+	MartToolActiveOrInActive(w http.ResponseWriter, r *http.Request)
+}
+
+type ScanToolRestHandlerImpl struct {
+	logger          *zap.SugaredLogger
+	userService     user.UserService
+	enforcer        casbin.Enforcer
+	enforcerUtil    rbac.EnforcerUtil
+	validator       *validator.Validate
+	scanToolService scanTool.ScanToolMetadataService
+}
+
+func NewScanToolRestHandlerImpl(
+	logger *zap.SugaredLogger,
+	userService user.UserService,
+	scanToolService scanTool.ScanToolMetadataService,
+	enforcer casbin.Enforcer,
+	enforcerUtil rbac.EnforcerUtil,
+	validator *validator.Validate,
+) *ScanToolRestHandlerImpl {
+	return &ScanToolRestHandlerImpl{
+		logger:          logger,
+		userService:     userService,
+		scanToolService: scanToolService,
+		enforcer:        enforcer,
+		enforcerUtil:    enforcerUtil,
+		validator:       validator,
+	}
+}
+
+func (impl *ScanToolRestHandlerImpl) MartToolActiveOrInActive(w http.ResponseWriter, r *http.Request) {
+	userId, err := impl.userService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	// since adding/registering a scan tool operates at global level hence super admin check
+	// RBAC
+	token := r.Header.Get("token")
+	if ok := impl.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*"); !ok {
+		common.WriteJsonResp(w, errors.New("unauthorized User"), nil, http.StatusForbidden)
+		return
+	}
+	// RBAC
+	queryParams := r.URL.Query()
+	toolName := queryParams.Get("toolName")
+	toolVersion := queryParams.Get("toolVersion")
+	activeStr := queryParams.Get("active")
+	if len(toolVersion) == 0 || len(toolName) == 0 || len(activeStr) == 0 {
+		common.WriteJsonResp(w, errors.New("please provide toolName, toolVersion and active query params to update"), nil, http.StatusBadRequest)
+		return
+	}
+	active, err := strconv.ParseBool(activeStr)
+	if err != nil {
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	err = impl.scanToolService.MartToolActiveOrInActiveByNameAndVersion(toolName, toolVersion, active)
+	if err != nil {
+		impl.logger.Errorw("service err, MartToolActiveOrInActiveByNameAndVersion", "toolName", toolName, "toolVersion", toolVersion, "active", active, "err", err)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	common.WriteJsonResp(w, nil, nil, http.StatusOK)
+
+}

api/scanTool/scanToolRouter.go

@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2024. Devtron Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package scanTool
+
+import (
+	"github.com/gorilla/mux"
+)
+
+type ScanToolRouter interface {
+	InitScanToolMetadataRouter(configRouter *mux.Router)
+}
+
+type ScanToolRouterImpl struct {
+	ScanToolRestHandler ScanToolRestHandler
+}
+
+func NewScanToolRouterImpl(ScanToolRestHandler ScanToolRestHandler) *ScanToolRouterImpl {
+	return &ScanToolRouterImpl{ScanToolRestHandler: ScanToolRestHandler}
+}
+
+func (router *ScanToolRouterImpl) InitScanToolMetadataRouter(configRouter *mux.Router) {
+	configRouter.Path("/scan-tool/mark-active-inactive").HandlerFunc(router.ScanToolRestHandler.MartToolActiveOrInActive).Methods("PUT")
+}

api/scanTool/wire_scanTool.go

@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2024. Devtron Inc.
+ */
+
+package scanTool
+
+import (
+	"github.com/google/wire"
+)
+
+var ScanToolMetadataWireSet = wire.NewSet(
+	NewScanToolRouterImpl,
+	wire.Bind(new(ScanToolRouter), new(*ScanToolRouterImpl)),
+	NewScanToolRestHandlerImpl,
+	wire.Bind(new(ScanToolRestHandler), new(*ScanToolRestHandlerImpl)),
+)

cmd/external-app/wire.go

@@ -77,8 +77,8 @@ import (
 	"github.com/devtron-labs/devtron/pkg/kubernetesResourceAuditLogs"
 	repository2 "github.com/devtron-labs/devtron/pkg/kubernetesResourceAuditLogs/repository"
 	"github.com/devtron-labs/devtron/pkg/pipeline"
-	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning"
-	security2 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
+	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool"
+	security2 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool/repository"
 	"github.com/devtron-labs/devtron/pkg/sql"
 	util2 "github.com/devtron-labs/devtron/pkg/util"
 	util3 "github.com/devtron-labs/devtron/util"
@@ -218,8 +218,8 @@ func InitializeApp() (*App, error) {
 		kubernetesResourceAuditLogs.Newk8sResourceHistoryServiceImpl,
 		wire.Bind(new(kubernetesResourceAuditLogs.K8sResourceHistoryService), new(*kubernetesResourceAuditLogs.K8sResourceHistoryServiceImpl)),
 
-		imageScanning.NewScanToolMetadataServiceImpl,
-		wire.Bind(new(imageScanning.ScanToolMetadataService), new(*imageScanning.ScanToolMetadataServiceImpl)),
+		scanTool.NewScanToolMetadataServiceImpl,
+		wire.Bind(new(scanTool.ScanToolMetadataService), new(*scanTool.ScanToolMetadataServiceImpl)),
 
 		security2.NewScanToolMetadataRepositoryImpl,
 		wire.Bind(new(security2.ScanToolMetadataRepository), new(*security2.ScanToolMetadataRepositoryImpl)),

pkg/module/ModuleService.go

@@ -25,7 +25,7 @@ import (
 	clientErrors "github.com/devtron-labs/devtron/pkg/errors"
 	moduleRepo "github.com/devtron-labs/devtron/pkg/module/repo"
 	moduleUtil "github.com/devtron-labs/devtron/pkg/module/util"
-	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning"
+	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool"
 	"github.com/devtron-labs/devtron/pkg/server"
 	serverBean "github.com/devtron-labs/devtron/pkg/server/bean"
 	serverEnvConfig "github.com/devtron-labs/devtron/pkg/server/config"
@@ -61,13 +61,13 @@ type ModuleServiceImpl struct {
 	moduleCronService              ModuleCronService
 	moduleServiceHelper            ModuleServiceHelper
 	moduleResourceStatusRepository moduleRepo.ModuleResourceStatusRepository
-	scanToolMetadataService        imageScanning.ScanToolMetadataService
+	scanToolMetadataService        scanTool.ScanToolMetadataService
 }
 
 func NewModuleServiceImpl(logger *zap.SugaredLogger, serverEnvConfig *serverEnvConfig.ServerEnvConfig, moduleRepository moduleRepo.ModuleRepository,
 	moduleActionAuditLogRepository ModuleActionAuditLogRepository, helmAppService client.HelmAppService, serverDataStore *serverDataStore.ServerDataStore, serverCacheService server.ServerCacheService, moduleCacheService ModuleCacheService, moduleCronService ModuleCronService,
 	moduleServiceHelper ModuleServiceHelper, moduleResourceStatusRepository moduleRepo.ModuleResourceStatusRepository,
-	scanToolMetadataService imageScanning.ScanToolMetadataService) *ModuleServiceImpl {
+	scanToolMetadataService scanTool.ScanToolMetadataService) *ModuleServiceImpl {
 	return &ModuleServiceImpl{
 		logger:                         logger,
 		serverEnvConfig:                serverEnvConfig,

pkg/policyGovernance/security/imageScanning/ImageScanService.go

@@ -27,6 +27,7 @@ import (
 	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/helper/parser"
 	repository3 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
 	securityBean "github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository/bean"
+	repository2 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool/repository"
 	"github.com/devtron-labs/devtron/pkg/workflow/cd/read"
 	"go.opentelemetry.io/otel"
 	"time"
@@ -67,7 +68,7 @@ type ImageScanServiceImpl struct {
 	policyService                             PolicyService
 	pipelineRepository                        pipelineConfig.PipelineRepository
 	ciPipelineRepository                      pipelineConfig.CiPipelineRepository
-	scanToolMetaDataRepository                repository3.ScanToolMetadataRepository
+	scanToolMetaDataRepository                repository2.ScanToolMetadataRepository
 	scanToolExecutionHistoryMappingRepository repository3.ScanToolExecutionHistoryMappingRepository
 	cvePolicyRepository                       repository3.CvePolicyRepository
 	cdWorkflowReadService                     read.CdWorkflowReadService
@@ -79,7 +80,7 @@ func NewImageScanServiceImpl(Logger *zap.SugaredLogger, scanHistoryRepository re
 	userService user.UserService,
 	appRepository repository1.AppRepository,
 	envService environment.EnvironmentService, ciArtifactRepository repository.CiArtifactRepository, policyService PolicyService,
-	pipelineRepository pipelineConfig.PipelineRepository, ciPipelineRepository pipelineConfig.CiPipelineRepository, scanToolMetaDataRepository repository3.ScanToolMetadataRepository, scanToolExecutionHistoryMappingRepository repository3.ScanToolExecutionHistoryMappingRepository,
+	pipelineRepository pipelineConfig.PipelineRepository, ciPipelineRepository pipelineConfig.CiPipelineRepository, scanToolMetaDataRepository repository2.ScanToolMetadataRepository, scanToolExecutionHistoryMappingRepository repository3.ScanToolExecutionHistoryMappingRepository,
 	cvePolicyRepository repository3.CvePolicyRepository,
 	cdWorkflowReadService read.CdWorkflowReadService) *ImageScanServiceImpl {
 	return &ImageScanServiceImpl{Logger: Logger, scanHistoryRepository: scanHistoryRepository, scanResultRepository: scanResultRepository,

pkg/policyGovernance/security/imageScanning/wire_imageScanning.go

@@ -3,6 +3,7 @@ package imageScanning
 import (
 	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/read"
 	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
+	repository2 "github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool/repository"
 	"github.com/google/wire"
 )
 
@@ -25,9 +26,6 @@ var ImageScanningWireSet = wire.NewSet(
 	read.NewImageScanResultReadServiceImpl,
 	wire.Bind(new(read.ImageScanResultReadService), new(*read.ImageScanResultReadServiceImpl)),
 
-	NewScanToolMetadataServiceImpl,
-	wire.Bind(new(ScanToolMetadataService), new(*ScanToolMetadataServiceImpl)),
-
 	repository.NewImageScanHistoryRepositoryImpl,
 	wire.Bind(new(repository.ImageScanHistoryRepository), new(*repository.ImageScanHistoryRepositoryImpl)),
 	repository.NewImageScanResultRepositoryImpl,
@@ -38,8 +36,8 @@ var ImageScanningWireSet = wire.NewSet(
 	wire.Bind(new(repository.CveStoreRepository), new(*repository.CveStoreRepositoryImpl)),
 	repository.NewImageScanDeployInfoRepositoryImpl,
 	wire.Bind(new(repository.ImageScanDeployInfoRepository), new(*repository.ImageScanDeployInfoRepositoryImpl)),
-	repository.NewScanToolMetadataRepositoryImpl,
-	wire.Bind(new(repository.ScanToolMetadataRepository), new(*repository.ScanToolMetadataRepositoryImpl)),
+	repository2.NewScanToolMetadataRepositoryImpl,
+	wire.Bind(new(repository2.ScanToolMetadataRepository), new(*repository2.ScanToolMetadataRepositoryImpl)),
 
 	repository.NewPolicyRepositoryImpl,
 	wire.Bind(new(repository.CvePolicyRepository), new(*repository.CvePolicyRepositoryImpl)),

pkg/policyGovernance/security/imageScanning/ScanToolMetadataService.go → pkg/policyGovernance/security/scanTool/ScanToolMetadataService.go

@@ -1,14 +1,15 @@
-package imageScanning
+package scanTool
 
 import (
-	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
+	"github.com/devtron-labs/devtron/pkg/policyGovernance/security/scanTool/repository"
 	"github.com/go-pg/pg"
 	"go.uber.org/zap"
 )
 
 type ScanToolMetadataService interface {
 	MarkToolAsActive(toolName, version string, tx *pg.Tx) error
 	MarkOtherToolsInActive(toolName string, tx *pg.Tx, version string) error
+	MartToolActiveOrInActiveByNameAndVersion(toolName, version string, isActive bool) error
 }
 
 type ScanToolMetadataServiceImpl struct {
@@ -30,3 +31,7 @@ func (impl *ScanToolMetadataServiceImpl) MarkToolAsActive(toolName, version stri
 func (impl *ScanToolMetadataServiceImpl) MarkOtherToolsInActive(toolName string, tx *pg.Tx, version string) error {
 	return impl.scanToolMetadataRepository.MarkOtherToolsInActive(toolName, tx, version)
 }
+
+func (impl *ScanToolMetadataServiceImpl) MartToolActiveOrInActiveByNameAndVersion(toolName, version string, isActive bool) error {
+	return impl.scanToolMetadataRepository.MartToolActiveOrInActiveByNameAndVersion(toolName, version, isActive)
+}

pkg/policyGovernance/security/scanTool/bean/bean.go

@@ -0,0 +1 @@
+package bean

pkg/policyGovernance/security/imageScanning/repository/ScanToolMetaDataRepository.go → pkg/policyGovernance/security/scanTool/repository/ScanToolMetaDataRepository.go

@@ -52,6 +52,7 @@ type ScanToolMetadataRepository interface {
 	MarkOtherToolsInActive(toolName string, tx *pg.Tx, version string) error
 	FindActiveTool() (*ScanToolMetadata, error)
 	FindNameById(id int) (string, error)
+	MartToolActiveOrInActiveByNameAndVersion(toolName, version string, isActive bool) error
 }
 
 type ScanToolMetadataRepositoryImpl struct {
@@ -183,3 +184,13 @@ func (repo *ScanToolMetadataRepositoryImpl) FindNameById(id int) (string, error)
 	}
 	return model.Name, nil
 }
+
+func (repo *ScanToolMetadataRepositoryImpl) MartToolActiveOrInActiveByNameAndVersion(toolName, version string, isActive bool) error {
+	model := &ScanToolMetadata{}
+	_, err := repo.dbConnection.Model(model).Set("active = ?", isActive).Where("name = ?", toolName).Where("version = ?", version).Update()
+	if err != nil {
+		repo.logger.Errorw("error in marking tool active for scan target", "err", err)
+		return err
+	}
+	return nil
+}

pkg/policyGovernance/security/scanTool/wire_scanTool.go

@@ -0,0 +1,8 @@
+package scanTool
+
+import "github.com/google/wire"
+
+var ScanToolWireSet = wire.NewSet(
+	NewScanToolMetadataServiceImpl,
+	wire.Bind(new(ScanToolMetadataService), new(*ScanToolMetadataServiceImpl)),
+)