Minor reachability cleanup

Author: jdalton

src/commands/scan/finalize-tier1-scan.mts

@@ -13,16 +13,16 @@ export type FinalizeTier1ScanOptions = {
  *  - Sets the tier1 reachability scan to "finalized" state.
  */
 export async function finalizeTier1Scan(
-  tier1_reachability_scan_id: string,
-  report_run_id: string,
+  tier1ReachabilityScanId: string,
+  scanId: string,
 ): Promise<CResult<unknown>> {
   // we do not use the SDK here because the tier1-reachability-scan/finalize is a hidden
   // endpoint that is not part of the OpenAPI specification.
   return await sendApiRequest('tier1-reachability-scan/finalize', {
     method: 'POST',
     body: {
-      tier1_reachability_scan_id,
-      report_run_id,
+      tier1_reachability_scan_id: tier1ReachabilityScanId,
+      report_run_id: scanId,
     },
   })
 }

src/commands/scan/handle-create-new-scan.mts

@@ -17,6 +17,7 @@ import { generateAutoManifest } from '../manifest/generate_auto_manifest.mts'
 
 import type { ReachabilityOptions } from './perform-reachability-analysis.mts'
 import type { OutputKind } from '../../types.mts'
+import type { Remap } from '@socketsecurity/registry/lib/objects'
 
 export async function handleCreateNewScan({
   autoManifest,
@@ -50,9 +51,11 @@ export async function handleCreateNewScan({
   pendingHead: boolean
   pullRequest: number
   outputKind: OutputKind
-  reach: {
-    runReachabilityAnalysis: boolean
-  } & ReachabilityOptions
+  reach: Remap<
+    ReachabilityOptions & {
+      runReachabilityAnalysis: boolean
+    }
+  >
   readOnly: boolean
   repoName: string
   report: boolean
@@ -125,17 +128,15 @@ export async function handleCreateNewScan({
 
     spinner.start()
 
-    const reachResult = await performReachabilityAnalysis(
-      {
-        packagePaths,
-        orgSlug,
-        cwd,
-        repoName,
-        branchName,
-        reachabilityOptions: reach,
-      },
-      { spinner },
-    )
+    const reachResult = await performReachabilityAnalysis({
+      branchName,
+      cwd,
+      orgSlug,
+      packagePaths,
+      reachabilityOptions: reach,
+      repoName,
+      spinner,
+    })
 
     spinner.stop()
 
@@ -171,25 +172,22 @@ export async function handleCreateNewScan({
     },
   )
 
-  if (
-    reach &&
-    tier1ReachabilityScanId &&
-    fullScanCResult.ok &&
-    fullScanCResult.data?.id
-  ) {
-    await finalizeTier1Scan(tier1ReachabilityScanId, fullScanCResult.data.id)
+  const scanId = fullScanCResult.ok ? fullScanCResult.data?.id : undefined
+
+  if (reach && scanId && tier1ReachabilityScanId) {
+    await finalizeTier1Scan(tier1ReachabilityScanId, scanId)
   }
 
   if (report && fullScanCResult.ok) {
-    if (fullScanCResult.data?.id) {
+    if (scanId) {
       await handleScanReport({
         filePath: '-',
         fold: 'version',
         includeLicensePolicy: true,
         orgSlug,
         outputKind,
         reportLevel: 'error',
-        scanId: fullScanCResult.data.id,
+        scanId,
         short: false,
       })
     } else {
@@ -208,7 +206,6 @@ export async function handleCreateNewScan({
     }
   } else {
     spinner.stop()
-    spinner.clear()
 
     await outputCreateNewScan(fullScanCResult, { interactive, outputKind })
   }

src/commands/scan/handle-scan-reach.mts

@@ -66,16 +66,14 @@ export async function handleScanReach({
 
   spinner.start('Running reachability analysis...')
 
-  const result = await performReachabilityAnalysis(
-    {
-      cwd,
-      orgSlug,
-      packagePaths,
-      reachabilityOptions,
-      uploadManifests: true,
-    },
-    { spinner },
-  )
+  const result = await performReachabilityAnalysis({
+    cwd,
+    orgSlug,
+    packagePaths,
+    reachabilityOptions,
+    spinner,
+    uploadManifests: true,
+  })
 
   spinner.stop()
 

src/commands/scan/perform-reachability-analysis.mts

@@ -11,25 +11,22 @@ import type { PURL_Type } from '../../utils/ecosystem.mts'
 import type { Spinner } from '@socketsecurity/registry/lib/spinner'
 
 export type ReachabilityOptions = {
-  reachDisableAnalytics: boolean
   reachAnalysisTimeout: number
   reachAnalysisMemoryLimit: number
+  reachDisableAnalytics: boolean
   reachEcosystems: PURL_Type[]
   reachExcludePaths: string[]
 }
 
-export type ReachabilityAnalysisConfig = {
-  branchName?: string
-  cwd: string
-  orgSlug?: string
-  packagePaths?: string[]
-  reachabilityOptions: ReachabilityOptions
-  repoName?: string
-  uploadManifests?: boolean
-}
-
 export type ReachabilityAnalysisOptions = {
+  branchName?: string | undefined
+  cwd?: string | undefined
+  orgSlug?: string | undefined
+  packagePaths?: string[] | undefined
+  reachabilityOptions: ReachabilityOptions
+  repoName?: string | undefined
   spinner?: Spinner | undefined
+  uploadManifests?: boolean | undefined
 }
 
 export type ReachabilityAnalysisResult = {
@@ -38,22 +35,18 @@ export type ReachabilityAnalysisResult = {
 }
 
 export async function performReachabilityAnalysis(
-  {
+  options?: ReachabilityAnalysisOptions | undefined,
+): Promise<CResult<ReachabilityAnalysisResult>> {
+  const {
     branchName,
-    cwd,
+    cwd = process.cwd(),
     orgSlug,
     packagePaths,
     reachabilityOptions,
     repoName,
+    spinner,
     uploadManifests = true,
-  }: ReachabilityAnalysisConfig,
-  options?: ReachabilityAnalysisOptions | undefined,
-): Promise<CResult<ReachabilityAnalysisResult>> {
-  const { spinner } = {
-    __proto__: null,
-    ...options,
-  } as ReachabilityAnalysisOptions
-
+  } = { __proto__: null, ...options } as ReachabilityAnalysisOptions
   let tarHash: string | undefined
 
   if (uploadManifests && orgSlug && packagePaths) {
@@ -67,15 +60,15 @@ export async function performReachabilityAnalysis(
 
     const wasSpinning = !!spinner?.isSpinning
 
-    // Upload manifests to get tar hash
-    spinner?.start('Uploading manifests for reachability analysis...')
-
-    // Exclude DOT_SOCKET_DOT_FACTS_JSON if it was created in previous runs.
-    const filteredPackagePaths = packagePaths.filter(
+    // Exclude .socket.facts.json from upload.
+    const filepathsToUpload = packagePaths.filter(
       p => !p.endsWith(constants.DOT_SOCKET_DOT_FACTS_JSON),
     )
+
+    spinner?.start('Uploading manifests for reachability analysis...')
+
     const uploadCResult = await handleApiCall(
-      sockSdk.uploadManifestFiles(orgSlug, filteredPackagePaths),
+      sockSdk.uploadManifestFiles(orgSlug, filepathsToUpload),
       {
         desc: 'upload manifests',
         spinner,
@@ -105,16 +98,12 @@ export async function performReachabilityAnalysis(
 
     spinner?.start()
     spinner?.success(`Manifests uploaded successfully. Tar hash: ${tarHash}`)
-    spinner?.infoAndStop('Running reachability analysis with Coana...')
-  } else {
-    const wasSpinning = !!spinner?.isSpinning
-    spinner?.start('Running reachability analysis with Coana...')
-    if (!wasSpinning) {
-      spinner?.stop()
-    }
   }
 
-  // Build Coana arguments
+  spinner?.start()
+  spinner?.infoAndStop('Running reachability analysis with Coana...')
+
+  // Build Coana arguments.
   const coanaArgs = [
     'run',
     cwd,
@@ -124,33 +113,27 @@ export async function performReachabilityAnalysis(
     constants.DOT_SOCKET_DOT_FACTS_JSON,
     '--disable-report-submission',
     ...(reachabilityOptions.reachAnalysisTimeout
-      ? [
-          '--analysis-timeout',
-          reachabilityOptions.reachAnalysisTimeout.toString(),
-        ]
+      ? ['--analysis-timeout', `${reachabilityOptions.reachAnalysisTimeout}`]
       : []),
     ...(reachabilityOptions.reachAnalysisMemoryLimit
-      ? [
-          '--memory-limit',
-          reachabilityOptions.reachAnalysisMemoryLimit.toString(),
-        ]
+      ? ['--memory-limit', `${reachabilityOptions.reachAnalysisMemoryLimit}`]
       : []),
     ...(reachabilityOptions.reachDisableAnalytics
       ? ['--disable-analytics-sharing']
       : []),
-    // empty reachEcosystems implies scan all ecosystems
+    ...(tarHash
+      ? ['--run-without-docker', '--manifests-tar-hash', tarHash]
+      : []),
+    // Empty reachEcosystems implies scan all ecosystems.
     ...(reachabilityOptions.reachEcosystems.length
       ? ['--purl-types', ...reachabilityOptions.reachEcosystems]
       : []),
     ...(reachabilityOptions.reachExcludePaths.length
-      ? ['--exclude-dirs', reachabilityOptions.reachExcludePaths.join(' ')]
-      : []),
-    ...(tarHash
-      ? ['--manifests-tar-hash', tarHash, '--run-without-docker']
+      ? ['--exclude-dirs', ...reachabilityOptions.reachExcludePaths]
       : []),
   ]
 
-  // Build environment variables
+  // Build environment variables.
   const env: NodeJS.ProcessEnv = {
     ...process.env,
   }
@@ -161,7 +144,6 @@ export async function performReachabilityAnalysis(
     env['SOCKET_BRANCH_NAME'] = branchName
   }
 
-  // Run Coana with the manifests tar hash.
   const coanaResult = await spawnCoana(coanaArgs, {
     cwd,
     env,