fix: calculate the policy folder from targetFile

snyk · Jun 19, 2020 · e75db65 · e75db65
1 parent 7c56e25
commit e75db65
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 12 deletions.
diff --git a/src/lib/monitor/index.ts b/src/lib/monitor/index.ts
@@ -1,4 +1,6 @@
 import * as Debug from 'debug';
+import * as path from 'path';
+
 import * as depGraphLib from '@snyk/dep-graph';
 import * as snyk from '..';
 import { apiTokenExists } from '../api-token';
@@ -185,13 +187,21 @@ async function monitorDepTree(
     treeMissingDeps = missingDeps;
   }
 
+  let targetFileDir;
+
+  if (targetFileRelativePath) {
+    const { dir } = path.parse(targetFileRelativePath);
+    targetFileDir = dir;
+  }
+
   const policy = await findAndLoadPolicy(
     root,
     meta.isDocker ? 'docker' : packageManager!,
     options,
     // TODO: fix this and send only send when we used resolve-deps for node
     // it should be a ExpandedPkgTree type instead
     depTree,
+    targetFileDir,
   );
 
   const target = await projectMetadata.getInfo(scannedProject, meta, depTree);
@@ -328,10 +338,19 @@ export async function monitorDepGraph(
     );
   }
 
+  let targetFileDir;
+
+  if (targetFileRelativePath) {
+    const { dir } = path.parse(targetFileRelativePath);
+    targetFileDir = dir;
+  }
+
   const policy = await findAndLoadPolicy(
     root,
     meta.isDocker ? 'docker' : packageManager!,
     options,
+    undefined,
+    targetFileDir,
   );
 
   const target = await projectMetadata.getInfo(scannedProject, meta);
@@ -443,13 +462,21 @@ async function experimentalMonitorDepGraphFromDepTree(
     );
   }
 
+  let targetFileDir;
+
+  if (targetFileRelativePath) {
+    const { dir } = path.parse(targetFileRelativePath);
+    targetFileDir = dir;
+  }
+
   const policy = await findAndLoadPolicy(
     root,
     meta.isDocker ? 'docker' : packageManager!,
     options,
     // TODO: fix this and send only send when we used resolve-deps for node
     // it should be a ExpandedPkgTree type instead
     depTree,
+    targetFileDir,
   );
 
   if (['npm', 'yarn'].includes(meta.packageManager)) {

diff --git a/src/lib/policy/find-and-load-policy.ts b/src/lib/policy/find-and-load-policy.ts
@@ -14,18 +14,20 @@ export async function findAndLoadPolicy(
   scanType: SupportedPackageManagers | 'docker',
   options: PolicyOptions,
   pkg?: PackageExpanded,
+  scannedProjectFolder?: string,
 ): Promise<string | undefined> {
   const isDocker = scanType === 'docker';
   const isNodeProject = ['npm', 'yarn'].includes(scanType);
   // monitor
-  let policyLocations: string[] = [options['policy-path'] || root];
+  let policyLocations: string[] = [options['policy-path'] || scannedProjectFolder || root];
   if (isDocker) {
     policyLocations = policyLocations.filter((loc) => loc !== root);
   } else if (isNodeProject) {
     // TODO: pluckPolicies expects a package.json object to
     // find and apply policies in node_modules
     policyLocations = policyLocations.concat(pluckPolicies(pkg as PackageJson));
   }
+
   debug('Potential policy locations found:', policyLocations);
   analytics.add('policies', policyLocations.length);
   analytics.add('policyLocations', policyLocations);

diff --git a/src/lib/snyk-test/run-test.ts b/src/lib/snyk-test/run-test.ts
@@ -109,7 +109,6 @@ async function runTest(
         _.get(payload, 'body.originalProjectName');
       const foundProjectCount = _.get(payload, 'body.foundProjectCount');
       const displayTargetFile = _.get(payload, 'body.displayTargetFile');
-
       let dockerfilePackages;
       if (
         payload.body &&
@@ -403,13 +402,30 @@ async function assembleLocalPayloads(
         }
       }
 
+      // todo: normalize what target file gets used across plugins and functions
+      const targetFile =
+        scannedProject.targetFile || deps.plugin.targetFile || options.file;
+
+      // Forcing options.path to be a string as pathUtil requires is to be stringified
+      const targetFileRelativePath = targetFile
+        ? pathUtil.join(pathUtil.resolve(`${options.path || root}`), targetFile)
+        : '';
+
+      let targetFileDir;
+
+      if (targetFileRelativePath) {
+        const { dir } = path.parse(targetFileRelativePath);
+        targetFileDir = dir;
+      }
+
       const policy = await findAndLoadPolicy(
         root,
         options.docker ? 'docker' : packageManager!,
         options,
         // TODO: fix this and send only send when we used resolve-deps for node
         // it should be a ExpandedPkgTree type instead
         pkg,
+        targetFileDir,
       );
 
       analytics.add('packageManager', packageManager);
@@ -422,15 +438,6 @@ async function assembleLocalPayloads(
         addPackageAnalytics(depTree.name!, depTree.version!);
       }
 
-      // todo: normalize what target file gets used across plugins and functions
-      const targetFile =
-        scannedProject.targetFile || deps.plugin.targetFile || options.file;
-
-      // Forcing options.path to be a string as pathUtil requires is to be stringified
-      const targetFileRelativePath = targetFile
-        ? pathUtil.join(pathUtil.resolve(`${options.path}`), targetFile)
-        : '';
-
       let target: GitTarget | ContainerTarget | null;
       if (scannedProject.depGraph) {
         target = await projectMetadata.getInfo(scannedProject, options);

diff --git a/test/acceptance/cli-monitor/cli-monitor.acceptance.test.ts b/test/acceptance/cli-monitor/cli-monitor.acceptance.test.ts
@@ -13,7 +13,6 @@ import * as _ from '@snyk/lodash';
 
 // ensure this is required *after* the demo server, since this will
 // configure our fake configuration too
-import * as snykPolicy from 'snyk-policy';
 import { AllProjectsTests } from './cli-monitor.all-projects.spec';
 
 const { test, only } = tap;

diff --git a/test/acceptance/workspaces/mono-repo-project/bundler-app/.snyk b/test/acceptance/workspaces/mono-repo-project/bundler-app/.snyk