codeclient

package module
v1.22.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2025 License: MIT Imports: 13 Imported by: 2

README

code-client-go

A library that exposes scanning capabilities for Snyk Code that can be used in the Snyk CLI as well as Snyk IDE plugins using the Snyk Language Server.

Installation

$ go get github.com/snyk/code-client-go

Usage

HTTP Client

Use the HTTP client to make HTTP requests with configured retriable codes and authorisation headers for Snyk Rest APIs.

You can either configure the client using the functional options pattern provided or by implementing the interfaces.

Provide a net/http.Client factory to customize the underlying HTTP protocol behavior (timeouts, etc).

import (
    "net/http"

    "github.com/rs/zerolog"
    codeClientHTTP "github.com/snyk/code-client-go/http"
    codeClientObservability  "github.com/snyk/code-client-go/observability"
)

logger := zerlog.NewLogger(...)
instrumentor := codeClientObservability.NewInstrumentor()
errorReporter := codeClientObservability.NewErrorReporter()
httpClient := codeClientHTTP.NewHTTPClient(
    func() *http.Client {
        return &http.Client{
            Timeout: time.Duration(1) * time.Second,
        }
    },
    codeClientHTTP.WithRetryCount(1),
    codeClientHTTP.WithLogger(logger),
    codeClientHTTP.WithInstrumentor(instrumentor),
    codeClientHTTP.WithErrorReporter(errorReporter),
)

The HTTP client exposes a Do function.

Target

Use the target to record the target of a scan, which can be either a folder enhanced with repository metadata or a repository.

import (
    codeClientScan  "github.com/snyk/code-client-go/scan"
)

target, _ := codeClientScan.NewRepositoryTarget(path)

target, _ := codeClientScan.NewRepositoryTarget(path, codeClientScan.WithRepositoryUrl("https://github.com/snyk/code-client-go.git"))
Tracker Factory

Use the tracker factory to generate a tracker used to update the consumer of the client with frequent progress updates.

The tracker either exposes an interface with two Begin and End functions or an implementation that doesn't do anything.

import (
    codeClientScan  "github.com/snyk/code-client-go/scan"
)

trackerFactory := codeClientScan.NewNoopTrackerFactory()

tracker := trackerFactory.GenerateTracker()
tracker.Begin()
...
tracker.End()
Configuration

Implement the config.Config interface to configure the Snyk Code API client from applications.

Code Scanner

Use the Code Scanner to trigger a scan for a Snyk Code workspace using the Bundle Manager created above.

The Code Scanner exposes a UploadAndAnalyze function, which can be used like this:

import (
    codeClient  "github.com/snyk/code-client-go"
)

config := newConfigForMyApp()
codeScanner := codeClient.NewCodeScanner(
    httpClient,
    config,
	codeClient.WithTrackerFactory(trackerFactory),
    codeClientHTTP.WithLogger(logger),
    codeClientHTTP.WithInstrumentor(instrumentor),
    codeClientHTTP.WithErrorReporter(errorReporter),
)
codeScanner.UploadAndAnalyze(context.Background(), requestId, target, channelForWalkingFiles, changedFiles)
Observability

Under ./observability we have defined some observability interfaces which allows consumers of the library to inject their own observability implementations as long as they follow the defined interfaces.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewCodeScanner added in v0.4.0 

func NewCodeScanner(
	config config.Config,
	httpClient codeClientHTTP.HTTPClient,
	options ...OptionFunc,
) *codeScanner

NewCodeScanner creates a Code Scanner which can be used to trigger Snyk Code on a folder.

Types

type AnalysisOption added in v1.15.0 

type AnalysisOption func(*analysis.AnalysisConfig)

func ReportLocalTest added in v1.15.0 

func ReportLocalTest(projectName string, targetName string, targetReference string) AnalysisOption

func ReportRemoteTest added in v1.15.0 

func ReportRemoteTest(projectId uuid.UUID, commitId string) AnalysisOption

type CodeScanner added in v0.4.0 

type CodeScanner interface {
	Upload(
		ctx context.Context,
		requestId string,
		target scan.Target,
		files <-chan string,
		changedFiles map[string]bool,
	) (bundle.Bundle, error)

	UploadAndAnalyze(
		ctx context.Context,
		requestId string,
		target scan.Target,
		files <-chan string,
		changedFiles map[string]bool,
	) (*sarif.SarifResponse, string, error)
}

type OptionFunc added in v1.4.4 

type OptionFunc func(*codeScanner)

func WithErrorReporter added in v1.4.4 

func WithErrorReporter(errorReporter observability.ErrorReporter) OptionFunc

func WithFlow added in v1.7.0 

func WithFlow(flow string) OptionFunc

func WithInstrumentor added in v1.4.4 

func WithInstrumentor(instrumentor observability.Instrumentor) OptionFunc

func WithLogger added in v1.4.4 

func WithLogger(logger *zerolog.Logger) OptionFunc

func WithTrackerFactory added in v1.6.0 

func WithTrackerFactory(trackerFactory scan.TrackerFactory) OptionFunc

Source Files

View all Source files

Directories

Path Synopsis
mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
Package http defines the HTTP client used to interact with the Snyk Code API.
 Package http defines the HTTP client used to interact with the Snyk Code API.
mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
internal
analysis
analysis/mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
api/test/2024-12-21
Package v20241221 provides primitives to interact with the openapi HTTP API.
 Package v20241221 provides primitives to interact with the openapi HTTP API.
api/test/2024-12-21/common
Package v20241221 provides primitives to interact with the openapi HTTP API.
 Package v20241221 provides primitives to interact with the openapi HTTP API.
api/test/2024-12-21/models
Package v20241221 provides primitives to interact with the openapi HTTP API.
 Package v20241221 provides primitives to interact with the openapi HTTP API.
api/test/2024-12-21/parameters
Package v20241221 provides primitives to interact with the openapi HTTP API.
 Package v20241221 provides primitives to interact with the openapi HTTP API.
deepcode
* © 2024 Snyk Limited All rights reserved.
 * © 2024 Snyk Limited All rights reserved.
deepcode/mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
util
util/encoding
util/testutil
* © 2024 Snyk Limited All rights reserved.
 * © 2024 Snyk Limited All rights reserved.
mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
* © 2024 Snyk Limited All rights reserved.
 * © 2024 Snyk Limited All rights reserved.
mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.