Merge pull request #14 from Checkmarx/miryamFoifer/LimitedHelmContext

Support Limited Context Of Helm (AST-106346)

Author: cx-miryam-foifer

pkg/imagesExtractor/files_extractor.go

@@ -15,7 +15,7 @@ import (
 type ImagesExtractor interface {
 	ExtractAndMergeImagesFromFiles(files types.FileImages, images []types.ImageModel,
 		settingsFiles map[string]map[string]string) ([]types.ImageModel, error)
-	ExtractFiles(scanPath string) (types.FileImages, map[string]map[string]string, string, error)
+	ExtractFiles(scanPath string, isFullHelmDirectory ...bool) (types.FileImages, map[string]map[string]string, string, error)
 	SaveObjectToFile(folderPath string, obj interface{}) error
 	ExtractAndMergeImagesFromFilesWithLineInfo(files types.FileImages, images []types.ImageModel, settingsFiles map[string]map[string]string) ([]types.ImageModel, error)
 }
@@ -52,7 +52,13 @@ func (ie *imagesExtractor) ExtractAndMergeImagesFromFiles(files types.FileImages
 	return imagesFromFiles, nil
 }
 
-func (ie *imagesExtractor) ExtractFiles(scanPath string) (types.FileImages, map[string]map[string]string, string, error) {
+func (ie *imagesExtractor) ExtractFiles(scanPath string, isFullHelmDirectory ...bool) (types.FileImages, map[string]map[string]string, string, error) {
+	// Default to true (current behavior) if not provided
+	fullHelmDir := true
+	if len(isFullHelmDirectory) > 0 {
+		fullHelmDir = isFullHelmDirectory[0]
+	}
+
 	filesPath, err := extractCompressedPath(scanPath)
 	if err != nil {
 		log.Err(err).Msgf("Could not extract compressed folder")
@@ -95,13 +101,24 @@ func (ie *imagesExtractor) ExtractFiles(scanPath string) (types.FileImages, map[
 		log.Warn().Msgf("Could not extract docker or docker compose files: %s", err.Error())
 	}
 
-	helmCharts, err := findHelmCharts(filesPath)
-	if err != nil {
-		log.Warn().Msgf("Could not extract helm charts: %s", err.Error())
-	}
-	if len(helmCharts) > 0 {
-		f.Helm = helmCharts
+	if fullHelmDir {
+		helmCharts, err := findHelmCharts(filesPath)
+		if err != nil {
+			log.Warn().Msgf("Could not extract helm charts: %s", err.Error())
+		}
+		if len(helmCharts) > 0 {
+			f.Helm = helmCharts
+		}
+	} else {
+		helmCharts, err := findHelmFilesInDirectory(scanPath)
+		if err != nil {
+			log.Warn().Msgf("Could not validate helm file: %s", err.Error())
+		}
+		if len(helmCharts) > 0 {
+			f.Helm = helmCharts
+		}
 	}
+
 	printFilePaths(f.Dockerfile, "Successfully found dockerfiles")
 	printFilePaths(f.DockerCompose, "Successfully found docker compose files")
 

pkg/imagesExtractor/files_extractor_test.go

@@ -473,3 +473,144 @@ func TestDockerComposeExtractorWithLineNumbersAndIndices(t *testing.T) {
 
 	t.Logf("Image '%s' found at line %d, indices [%d:%d]", img.Name, loc.Line, loc.StartIndex, loc.EndIndex)
 }
+
+// TestExtractFilesWithFullHelmDirectoryFalse tests the ExtractFiles method when isFullHelmDirectory is false
+func TestExtractFilesWithFullHelmDirectoryFalse(t *testing.T) {
+	extractor := NewImagesExtractor()
+
+	scenarios := []struct {
+		Name              string
+		InputPath         string
+		ShouldHaveHelm    bool
+		ExpectedErrString string
+	}{
+		{
+			Name:              "ValidHelmDirectoryWithFalseFlag",
+			InputPath:         "../../test_files/helm-testcases",
+			ShouldHaveHelm:    true,
+			ExpectedErrString: "",
+		},
+		{
+			Name:              "ValidHelmDirectoryWithTemplatesSubdirectory",
+			InputPath:         "../../test_files/helm-testcases/templates",
+			ShouldHaveHelm:    true,
+			ExpectedErrString: "",
+		},
+		{
+			Name:              "NonHelmDirectoryWithFalseFlag",
+			InputPath:         "../../test_files/imageExtraction/dockerfiles",
+			ShouldHaveHelm:    false,
+			ExpectedErrString: "",
+		},
+	}
+
+	// Run test scenarios
+	for _, scenario := range scenarios {
+		t.Run(scenario.Name, func(t *testing.T) {
+			// Run the function with isFullHelmDirectory = false
+			files, _, _, err := extractor.ExtractFiles(scenario.InputPath, false)
+
+			// Check for errors
+			if scenario.ExpectedErrString != "" {
+				if err == nil || !strings.Contains(err.Error(), scenario.ExpectedErrString) {
+					t.Errorf("Expected error containing '%s' but got '%v'", scenario.ExpectedErrString, err)
+				}
+			} else {
+				// Check that Helm charts are found when expected
+				if scenario.ShouldHaveHelm {
+					if len(files.Helm) == 0 {
+						t.Errorf("Expected Helm charts to be found for scenario '%s'", scenario.Name)
+					} else {
+						// Verify basic structure
+						chart := files.Helm[0]
+						if chart.Directory != "../../test_files/helm-testcases" && chart.Directory != "..\\..\\test_files\\helm-testcases" {
+							t.Errorf("Expected directory '../../test_files/helm-testcases', got '%s'", chart.Directory)
+						}
+						if chart.ValuesFile != "values-extra.yaml" {
+							t.Errorf("Expected values file 'values-extra.yaml', got '%s'", chart.ValuesFile)
+						}
+						if len(chart.TemplateFiles) == 0 {
+							t.Errorf("Expected template files to be found")
+						}
+					}
+				} else {
+					if len(files.Helm) > 0 {
+						t.Errorf("Expected no Helm charts for scenario '%s', but found %d", scenario.Name, len(files.Helm))
+					}
+				}
+			}
+		})
+	}
+}
+
+// TestExtractFilesWithFullHelmDirectoryFalseErrorCases tests error scenarios when isFullHelmDirectory is false
+func TestExtractFilesWithFullHelmDirectoryFalseErrorCases(t *testing.T) {
+	extractor := NewImagesExtractor()
+
+	scenarios := []struct {
+		Name              string
+		InputPath         string
+		ExpectedErrString string
+	}{
+		{
+			Name:              "NonExistentDirectory",
+			InputPath:         "../../test_files/non-existent-directory",
+			ExpectedErrString: "unsupported file type",
+		},
+		{
+			Name:              "FileInsteadOfDirectory",
+			InputPath:         "../../test_files/helm-testcases/Chart.yaml",
+			ExpectedErrString: "unsupported file type",
+		},
+	}
+
+	// Run test scenarios
+	for _, scenario := range scenarios {
+		t.Run(scenario.Name, func(t *testing.T) {
+			// Run the function with isFullHelmDirectory = false
+			_, _, _, err := extractor.ExtractFiles(scenario.InputPath, false)
+
+			// Check for errors
+			if err == nil || !strings.Contains(err.Error(), scenario.ExpectedErrString) {
+				t.Errorf("Expected error containing '%s' but got '%v'", scenario.ExpectedErrString, err)
+			}
+		})
+	}
+}
+
+// TestExtractFilesWithFullHelmDirectoryFalseDefaultBehavior tests that the default behavior (no parameter) is the same as true
+func TestExtractFilesWithFullHelmDirectoryFalseDefaultBehavior(t *testing.T) {
+	extractor := NewImagesExtractor()
+
+	// Test that calling ExtractFiles without the isFullHelmDirectory parameter
+	// produces the same result as calling it with true
+	scanPath := "../../test_files/imageExtraction"
+
+	filesDefault, settingsDefault, pathDefault, errDefault := extractor.ExtractFiles(scanPath)
+	filesTrue, settingsTrue, pathTrue, errTrue := extractor.ExtractFiles(scanPath, true)
+
+	// Check that both calls return the same results
+	if errDefault != nil || errTrue != nil {
+		t.Errorf("Unexpected errors: default=%v, true=%v", errDefault, errTrue)
+	}
+
+	if pathDefault != pathTrue {
+		t.Errorf("Expected same path, got default=%s, true=%s", pathDefault, pathTrue)
+	}
+
+	if !CompareDockerfiles(filesDefault.Dockerfile, filesTrue.Dockerfile) {
+		t.Errorf("Dockerfiles mismatch between default and true calls")
+	}
+
+	if !CompareDockerCompose(filesDefault.DockerCompose, filesTrue.DockerCompose) {
+		t.Errorf("Docker Compose files mismatch between default and true calls")
+	}
+
+	if !CompareHelm(filesDefault.Helm, filesTrue.Helm) {
+		t.Errorf("Helm charts mismatch between default and true calls")
+	}
+
+	if !CompareSettingsFiles(settingsDefault, settingsTrue) {
+		t.Errorf("Settings files mismatch between default and true calls")
+	}
+}

pkg/imagesExtractor/utils.go

@@ -138,3 +138,162 @@ func printFilePaths(f []types.FilePath, message string) {
 		}(), ", "))
 	}
 }
+
+func findHelmFilesInDirectory(scanPath string) ([]types.HelmChartInfo, error) {
+	// Validate scan path and find helm directory
+	helmDir, err := validateScanPathAndFindHelmDir(scanPath)
+	if err != nil {
+		return nil, err
+	}
+
+	// Collect all valid Helm files
+	valuesFiles, templateFiles, err := collectHelmFiles(helmDir, helmDir)
+	if err != nil {
+		return nil, err
+	}
+
+	return createHelmChartInfo(helmDir, valuesFiles, templateFiles), nil
+}
+
+func validateScanPathAndFindHelmDir(scanPath string) (string, error) {
+	// Check if directory exists
+	if _, err := os.Stat(scanPath); os.IsNotExist(err) {
+		return "", fmt.Errorf("directory does not exist: %s", scanPath)
+	}
+
+	helmDir, isUnderHelm := findHelmDirectory(scanPath)
+	if !isUnderHelm {
+		return "", fmt.Errorf("no helm directory found in path hierarchy: %s", scanPath)
+	}
+
+	relativeScanPath, err := filepath.Rel(helmDir, scanPath)
+	if err != nil {
+		return "", fmt.Errorf("could not get relative path: %v", err)
+	}
+
+	fullScanPath := filepath.Join(helmDir, relativeScanPath)
+
+	scanPathInfo, err := os.Stat(fullScanPath)
+	if err != nil {
+		return "", fmt.Errorf("could not get scan path info: %v", err)
+	}
+	if !scanPathInfo.IsDir() {
+		return "", fmt.Errorf("scan path must be a directory: %s", scanPath)
+	}
+
+	return helmDir, nil
+}
+
+func collectHelmFiles(scanPath, helmDir string) ([]string, []types.FilePath, error) {
+	var valuesFiles []string
+	var templateFiles []types.FilePath
+
+	err := filepath.Walk(helmDir, func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		if info.IsDir() {
+			return nil
+		}
+
+		if !isYAMLFile(path) {
+			return nil
+		}
+
+		if info.Name() == "Chart.yaml" {
+			return nil
+		}
+
+		relativePath, err := filepath.Rel(helmDir, path)
+		if err != nil {
+			return err
+		}
+
+		if isValuesFile(path, helmDir) {
+			valuesFiles = append(valuesFiles, relativePath)
+		} else if isTemplateFile(relativePath) {
+			templateFiles = append(templateFiles, types.FilePath{
+				FullPath:     path,
+				RelativePath: relativePath,
+			})
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		return nil, nil, fmt.Errorf("error walking directory: %v", err)
+	}
+
+	return valuesFiles, templateFiles, nil
+}
+
+func isValuesFile(filePath, helmDir string) bool {
+	fileDir := filepath.Dir(filePath)
+	isDirectlyUnderHelm := filepath.Clean(fileDir) == filepath.Clean(helmDir)
+
+	if !isDirectlyUnderHelm {
+		return false
+	}
+
+	fileName := filepath.Base(filePath)
+	return strings.Contains(strings.ToLower(fileName), "values")
+}
+
+func isTemplateFile(relativePath string) bool {
+	relativeDir := filepath.Dir(relativePath)
+	return strings.HasPrefix(relativeDir, "templates") || relativeDir == "templates"
+}
+
+func createHelmChartInfo(helmDir string, valuesFiles []string, templateFiles []types.FilePath) []types.HelmChartInfo {
+	if len(valuesFiles) == 0 && len(templateFiles) == 0 {
+		return []types.HelmChartInfo{}
+	}
+
+	helmChart := types.HelmChartInfo{
+		Directory: helmDir,
+	}
+
+	// Add values files (take the first one as ValuesFile, others could be added to TemplateFiles if needed)
+	if len(valuesFiles) > 0 {
+		helmChart.ValuesFile = valuesFiles[0]
+		// Add remaining values files to template files for completeness
+		for i := 1; i < len(valuesFiles); i++ {
+			templateFiles = append(templateFiles, types.FilePath{
+				FullPath:     filepath.Join(helmDir, valuesFiles[i]),
+				RelativePath: valuesFiles[i],
+			})
+		}
+	}
+
+	helmChart.TemplateFiles = templateFiles
+
+	return []types.HelmChartInfo{helmChart}
+}
+
+func findHelmDirectory(dirPath string) (string, bool) {
+	currentDir := dirPath
+
+	for {
+		dirName := filepath.Base(currentDir)
+		if isHelmDirectoryName(dirName) {
+			return currentDir, true
+		}
+
+		parentDir := filepath.Dir(currentDir)
+		if parentDir == currentDir {
+			// Reached root directory
+			break
+		}
+		currentDir = parentDir
+	}
+
+	return "", false
+}
+
+func isHelmDirectoryName(dirName string) bool {
+	dirNameLower := strings.ToLower(dirName)
+
+	return strings.Contains(dirNameLower, "helm")
+}