From 8d24b85689ce627b5496dfe95ca51e1f3c67e59a Mon Sep 17 00:00:00 2001
From: Alexandre Thenorio
Date: Wed, 21 Dec 2022 11:46:27 +0100
Subject: [PATCH] feat: add osv-scanner tool

See https://security.googleblog.com/2022/12/announcing-osv-scanner-vulnerability.html for details
---
tools/sgosvscanner/tools.go | 48 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
create mode 100644 tools/sgosvscanner/tools.go

diff --git a/tools/sgosvscanner/tools.go b/tools/sgosvscanner/tools.go
new file mode 100644
index 00000000..95ac0e66
--- /dev/null
+++ b/tools/sgosvscanner/tools.go
@@ -0,0 +1,48 @@
+package sgosvscanner
+
+import (
+ "context"
+ "fmt"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "runtime"
+
+ "go.einride.tech/sage/sg"
+ "go.einride.tech/sage/sgtool"
+)
+
+const (
+ version = "1.0.2"
+ binaryName = "osv-scanner"
+)
+
+func Command(ctx context.Context, args ...string) *exec.Cmd {
+ sg.Deps(ctx, PrepareCommand)
+ return sg.Command(ctx, sg.FromBinDir(binaryName), args...)
+}
+
+func PrepareCommand(ctx context.Context) error {
+ binDir := sg.FromToolsDir(binaryName, version)
+ binary := filepath.Join(binDir, binaryName)
+ if err := sgtool.FromRemote(
+ ctx,
+ fmt.Sprintf(
+ "https://github.com/google/osv-scanner/releases/download/v%s/osv-scanner_%s_%s_%s",
+ version,
+ version,
+ runtime.GOOS,
+ runtime.GOARCH,
+ ),
+ sgtool.WithDestinationDir(binDir),
+ sgtool.WithSkipIfFileExists(binary),
+ sgtool.WithRenameFile("", "osv-scanner"),
+ sgtool.WithSymlink(binary),
+ ); err != nil {
+ return fmt.Errorf("unable to download %s: %w", binaryName, err)
+ }
+ if err := os.Chmod(binary, 0o755); err != nil {
+ return fmt.Errorf("unable to make %s command: %w", binaryName, err)
+ }
+ return nil
+}
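Review bot: The binary fetched by `sgtool.FromRemote` in `PrepareCommand` is marked executable and later run through `Command` without any integrity check; the options passed only set destination, skip, rename and symlink behaviour, so as far as this hunk shows nothing ties the download to a known digest. The `version` pin narrows the URL, but release assets can be replaced after publication, and `WithSkipIfFileExists(binary)` means whatever already sits at that path is trusted as well. I would hash the file after the download and compare it with a pinned per-platform SHA-256 before the `os.Chmod`, failing closed on a mismatch or on a platform with no pinned value (this needs `crypto/sha256` imported); if sgtool already has a checksum option, that would be the better place. Separately, `WithRenameFile("", "osv-scanner")` could use `binaryName`, and the exported `Command` and `PrepareCommand` have no doc comments.

```go
// checksums pins the expected SHA-256 of each release asset, keyed by
// GOOS_GOARCH. The values are placeholders: take them from the checksums
// published with the pinned release and update them together with version.
var checksums = map[string]string{
	"linux_amd64":  "<SHA256_OF_LINUX_AMD64_ASSET>",
	"darwin_arm64": "<SHA256_OF_DARWIN_ARM64_ASSET>",
}

// … unchanged: sgtool.FromRemote download into binDir …

	// Verify on every run, so a file left behind by an earlier run is
	// checked too and not only a fresh download.
	want, ok := checksums[runtime.GOOS+"_"+runtime.GOARCH]
	if !ok {
		return fmt.Errorf("no pinned checksum for %s/%s", runtime.GOOS, runtime.GOARCH)
	}
	data, err := os.ReadFile(binary)
	if err != nil {
		return fmt.Errorf("read %s: %w", binary, err)
	}
	if got := fmt.Sprintf("%x", sha256.Sum256(data)); got != want {
		return fmt.Errorf("checksum mismatch for %s: got %s, want %s", binaryName, got, want)
	}
	if err := os.Chmod(binary, 0o755); err != nil {
```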