diff --git a/.github/workflows/container-tests.yml b/.github/workflows/container-tests.yml index 3f9a166..e557ed8 100644 --- a/.github/workflows/container-tests.yml +++ b/.github/workflows/container-tests.yml @@ -6,7 +6,7 @@ concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true jobs: - ruby-samples: + lang-container-tests: strategy: fail-fast: false matrix: @@ -16,8 +16,7 @@ jobs: - uses: actions/checkout@v4 - name: setup paths run: | - mkdir -p repotests - mkdir -p rubyresults + mkdir -p repotests rubyresults scalaresults - uses: actions/checkout@v4 with: repository: 'campsite/campsite' @@ -33,7 +32,12 @@ jobs: repository: 'OWASP/railsgoat' path: 'repotests/railsgoat' ref: 'c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9' - - name: generate usages sbom - bionomia + - uses: actions/checkout@v4 + with: + repository: 'playframework/play-samples' + path: 'repotests/play-samples' + ref: '0dccba17856e89dbb5e457ab760efb14cc691395' + - name: generate usages - bionomia run: | mkdir -p $GITHUB_WORKSPACE/rubyresults/bionomia cd repotests/bionomia @@ -42,26 +46,37 @@ jobs: docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atom:main atom usages -l ruby -o /app/app.atom -s /app/usages.slices.json /app ls -lh cp *.slices.json $GITHUB_WORKSPACE/rubyresults/bionomia - - name: generate usages sbom - railsgoat + - name: generate usages - railsgoat run: | mkdir -p $GITHUB_WORKSPACE/rubyresults/railsgoat cd repotests/railsgoat docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atom:main atom usages --extract-endpoints -l ruby -o /app/app.atom -s /app/usages.slices.json /app ls -lh cp *.slices.json $GITHUB_WORKSPACE/rubyresults/railsgoat - - name: generate usages sbom - campsite + - name: generate usages - campsite run: | mkdir -p $GITHUB_WORKSPACE/rubyresults/campsite cd repotests/campsite/api docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/atom:main atom usages -l ruby -o /app/app.atom -s /app/usages.slices.json /app ls -lh cp *.slices.json $GITHUB_WORKSPACE/rubyresults/campsite + - name: generate usages - play-samples + run: | + mkdir -p $GITHUB_WORKSPACE/scalaresults/play-samples + cd repotests/play-samples/play-scala-rest-api-example + docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -w /app -t ghcr.io/appthreat/atom:main atom usages --extract-endpoints -l scala -o /app/app.atom -s /app/usages.slices.json /app + ls -lh + cp *.slices.json $GITHUB_WORKSPACE/scalaresults/play-samples - uses: actions/upload-artifact@v4 with: name: rubyresults path: rubyresults if: matrix.os == 'ubuntu-24.04' - + - uses: actions/upload-artifact@v4 + with: + name: scalaresults + path: scalaresults + if: matrix.os == 'ubuntu-24.04' npm-latest-tests: strategy: fail-fast: false diff --git a/.github/workflows/containers.yml b/.github/workflows/containers.yml index e5b8e71..85cf09b 100644 --- a/.github/workflows/containers.yml +++ b/.github/workflows/containers.yml @@ -34,6 +34,9 @@ jobs: distribution: 'temurin' java-version: '22' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Use Node.js uses: actions/setup-node@v4 with: @@ -102,6 +105,9 @@ jobs: distribution: 'temurin' java-version: '22' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Use Node.js uses: actions/setup-node@v4 with: @@ -201,6 +207,9 @@ jobs: distribution: 'temurin' java-version: '22' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Use Node.js uses: actions/setup-node@v4 with: @@ -270,6 +279,9 @@ jobs: distribution: 'temurin' java-version: '22' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Use Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/nodejstests.yml b/.github/workflows/nodejstests.yml index a1d57ff..f922ba5 100644 --- a/.github/workflows/nodejstests.yml +++ b/.github/workflows/nodejstests.yml @@ -55,6 +55,11 @@ jobs: repository: 'OWASP/railsgoat' path: 'repotests/railsgoat' ref: 'c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9' + - uses: actions/checkout@v4 + with: + repository: 'playframework/play-samples' + path: 'repotests/play-samples' + ref: '0dccba17856e89dbb5e457ab760efb14cc691395' - uses: coursier/cache-action@v6 - name: Set up JDK uses: actions/setup-java@v4 @@ -62,6 +67,9 @@ jobs: distribution: 'temurin' java-version: ${{ matrix.java-version }} - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: "Install PHP" uses: "shivammathur/setup-php@v2" with: @@ -82,6 +90,7 @@ jobs: if: runner.os == 'Linux' - run: | sbt stage createDistribution + python -m pip install atom-tools cd wrapper/nodejs bash build.sh sudo npm install -g . @@ -96,6 +105,7 @@ jobs: atom -l c -o ${GITHUB_WORKSPACE}/repotests/libexpat/app.atom ${GITHUB_WORKSPACE}/repotests/libexpat atom -o ${GITHUB_WORKSPACE}/repotests/railsgoat/app.atom -l ruby ${GITHUB_WORKSPACE}/repotests/railsgoat atom -o ${GITHUB_WORKSPACE}/repotests/bionomia/app.atom -l ruby ${GITHUB_WORKSPACE}/repotests/bionomia + atom -o ${GITHUB_WORKSPACE}/repotests/play-samples/play-scala-rest-api-example/app.atom -l scala ${GITHUB_WORKSPACE}/repotests/play-samples/play-scala-rest-api-example env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} nodejs-testing-windows: @@ -110,6 +120,10 @@ jobs: uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.12' - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-java-example' @@ -130,6 +144,11 @@ jobs: with: repository: 'HooliCorp/DjanGoat' path: 'repotests/DjanGoat' + - uses: actions/checkout@v4 + with: + repository: 'playframework/play-samples' + path: 'repotests/play-samples' + ref: '0dccba17856e89dbb5e457ab760efb14cc691395' - uses: coursier/cache-action@v6 - name: Set up JDK uses: actions/setup-java@v4 @@ -137,10 +156,14 @@ jobs: distribution: 'temurin' java-version: ${{ matrix.java-version }} - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: build shell: pwsh run: | sbt stage createDistribution + python -m pip install atom-tools cd wrapper\\nodejs copy ..\..\target\atom.zip plugins\ Expand-Archive -Path ..\..\target\atom.zip -DestinationPath plugins\ -Force @@ -161,6 +184,7 @@ jobs: atom -l python --remove-atom -o $env:GITHUB_WORKSPACE\\repotests\\DjanGoat\\app.atom $env:GITHUB_WORKSPACE\\repotests\\DjanGoat atom parsedeps --remove-atom -l python -o $env:GITHUB_WORKSPACE\\repotests\\DjanGoat\\app.atom $env:GITHUB_WORKSPACE\\repotests\\DjanGoat atom -l c -o $env:GITHUB_WORKSPACE\\repotests\\libexpat\\app.atom $env:GITHUB_WORKSPACE\\repotests\\libexpat + atom -l scala -o $env:GITHUB_WORKSPACE\\repotests\\play-samples\\play-scala-rest-api-example\\app.atom $env:GITHUB_WORKSPACE\\repotests\\play-samples\\play-scala-rest-api-example - name: test3 shell: cmd run: | diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index 926968c..3a4a342 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -31,6 +31,9 @@ jobs: distribution: 'temurin' java-version: '21' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Build run: | sudo apt update -y diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 915a6ca..aa7120b 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -61,6 +61,9 @@ jobs: native-image-job-reports: 'true' cache: 'sbt' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - run: | sbt stage createDistribution cd wrapper/nodejs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 929adf4..9a960d3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,6 +73,9 @@ jobs: native-image-job-reports: 'true' cache: 'sbt' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - uses: oras-project/setup-oras@v1 - run: | wget https://github.com/upx/upx/releases/download/v5.0.0/upx-5.0.0-amd64_linux.tar.xz @@ -145,6 +148,9 @@ jobs: native-image-job-reports: 'true' cache: 'sbt' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - uses: oras-project/setup-oras@v1 - run: | wget https://github.com/upx/upx/releases/download/v5.0.0/upx-5.0.0-arm64_linux.tar.xz @@ -199,6 +205,9 @@ jobs: native-image-job-reports: 'true' cache: 'sbt' - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - uses: oras-project/setup-oras@v1 - run: | brew install coreutils diff --git a/.github/workflows/repotests.yml b/.github/workflows/repotests.yml index e01d78c..f083ffd 100644 --- a/.github/workflows/repotests.yml +++ b/.github/workflows/repotests.yml @@ -2,7 +2,6 @@ name: repotests on: push: branches: - - main - feature/* workflow_dispatch: concurrency: @@ -70,6 +69,11 @@ jobs: repository: 'OWASP/railsgoat' path: 'repotests/railsgoat' ref: 'c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9' + - uses: actions/checkout@v4 + with: + repository: 'playframework/play-samples' + path: 'repotests/play-samples' + ref: '0dccba17856e89dbb5e457ab760efb14cc691395' - uses: coursier/cache-action@v6 - name: Set up JDK uses: actions/setup-java@v4 @@ -77,6 +81,9 @@ jobs: distribution: 'temurin' java-version: ${{ matrix.java-version }} - uses: sbt/setup-sbt@v1 + - uses: coursier/setup-action@v1 + with: + apps: scala3 scalac - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v4 with: @@ -135,6 +142,14 @@ jobs: ./atom.sh usages --extract-endpoints --remove-atom -o /tmp/railsgoat2.atom -l ruby $GITHUB_WORKSPACE/repotests/railsgoat -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/railsgoat2.usages.json ./atom.sh usages --remove-atom -o /tmp/bionomia2.atom -l ruby $GITHUB_WORKSPACE/repotests/bionomia -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/bionomia2.usages.json ./atom.sh --remove-atom -o /tmp/java-sec-code.atom -l java $GITHUB_WORKSPACE/repotests/java-sec-code -Dlog4j.configurationFile=log4j2.xml -x --export-dir gml_exports + + ./atom.sh --remove-atom -o /tmp/play-scala-slick-example.atom -l scala $GITHUB_WORKSPACE/repotests/play-samples/play-scala-slick-example + ls -lh $GITHUB_WORKSPACE/repotests/play-samples/play-scala-slick-example + ./atom.sh --remove-atom -o /tmp/play-scala-rest-api-example.atom -l scala $GITHUB_WORKSPACE/repotests/play-samples/play-scala-rest-api-example + ./atom.sh usages --extract-endpoints --remove-atom -o /tmp/play-scala-rest-api-example.atom -l scala $GITHUB_WORKSPACE/repotests/play-samples/play-scala-rest-api-example --slice-outfile /tmp/scala-rest.usages.json + ls -lh $GITHUB_WORKSPACE/repotests/play-samples/play-scala-rest-api-example + ./atom.sh --remove-atom -o /tmp/play-scala-grpc-example.atom -l scala $GITHUB_WORKSPACE/repotests/play-samples/play-scala-grpc-example + ls -lh $GITHUB_WORKSPACE/repotests/play-samples/play-scala-grpc-example ls -lh . if: runner.os != 'Windows' env: diff --git a/ci/Dockerfile b/ci/Dockerfile index 67b9bed..8d94535 100644 --- a/ci/Dockerfile +++ b/ci/Dockerfile @@ -114,4 +114,6 @@ RUN unzip -q atom.zip \ && rbastgen --help \ && microdnf clean all +WORKDIR /app + CMD ["/opt/bin/atom"] diff --git a/ci/Dockerfile.sle b/ci/Dockerfile.sle index 87f7f3b..d78c515 100644 --- a/ci/Dockerfile.sle +++ b/ci/Dockerfile.sle @@ -96,4 +96,6 @@ RUN unzip -q atom.zip \ && rbastgen --help \ && zypper clean -a +WORKDIR /app + CMD ["/opt/bin/atom"] diff --git a/src/main/scala/io/appthreat/atom/Atom.scala b/src/main/scala/io/appthreat/atom/Atom.scala index 05d8ed7..6621f37 100644 --- a/src/main/scala/io/appthreat/atom/Atom.scala +++ b/src/main/scala/io/appthreat/atom/Atom.scala @@ -540,9 +540,16 @@ object Atom: ) result match case Success(_) => - println( - s"Semantic slices file '${semanticSlicesFile}' created successfully." - ) + if File(semanticSlicesFile).exists then + println( + s"Semantic slices file '${semanticSlicesFile}' created successfully." + ) + else{ + println(s"scalasem ${workDir} ${semanticSlicesFile}") + println( + s"scalasem command did not produce the semantic slices file." + ) +} case Failure(exception) => println( s"Failed to run scalasem. Use the atom container image and re-run this command. Exception: ${exception.getMessage}" diff --git a/wrapper/nodejs/scalasem.js b/wrapper/nodejs/scalasem.js index b6656e7..0fe53ef 100755 --- a/wrapper/nodejs/scalasem.js +++ b/wrapper/nodejs/scalasem.js @@ -15,14 +15,10 @@ import { } from "node:fs"; function main(argvs) { - if (!detectScala()) { + if (!detectScala() && !detectScalac()) { console.warn("Scala is not installed!"); return false; } - if (!detectScalac()) { - console.warn("Scalac is not installed!"); - return false; - } let configFiles = getAllFiles(argvs[0], "routes"); configFiles = configFiles.concat(getAllFiles(argvs[0], ".conf")); let tastyFiles = getAllFiles(argvs[0], ".tasty");