chore:[CSENG-68] add ffg call

chore:[CSENG-68] correct ffg path in fake server

chore:[CSENG-68] update ffg hidden end point

chore: [CSENG-68] plug in ffg call

chore: [CSENG-68] update package

chore: [CSENG-68] correct org

chore: code tidy for CSENG-68

chore: update to use makeRequest

chore: update tap tests [CSENG-68]

chore: remove status check for CSENG-68

Author: brew42

package-lock.json

@@ -121,7 +121,7 @@
     "snyk-go-plugin": "1.28.0",
     "snyk-gradle-plugin": "5.1.1",
     "snyk-module": "3.1.0",
-    "snyk-mvn-plugin": "4.3.3",
+    "snyk-mvn-plugin": "4.5.0",
     "snyk-nodejs-lockfile-parser": "2.4.3",
     "snyk-nodejs-plugin": "1.4.5",
     "snyk-nuget-plugin": "2.12.0",

package.json

@@ -0,0 +1,81 @@
+import config from '../config';
+import { getAuthHeader } from '../api-token';
+import { FeatureFlagsEvaluationResponse } from './types';
+import { makeRequest } from '../request';
+import { AuthFailedError, ValidationError } from '../errors';
+import { TestLimitReachedError } from '../../cli/commands/test/iac/local-execution/usage-tracking';
+
+export const SHOW_MAVEN_BUILD_SCOPE = 'show-maven-build-scope';
+
+export async function evaluateFeatureFlagsForOrg(
+  flags: string[],
+  orgId: string,
+  version = '2024-10-15',
+): Promise<FeatureFlagsEvaluationResponse> {
+  if (!orgId.trim()) {
+    throw new Error('orgId is required');
+  }
+
+  const url =
+    `${config.API_HIDDEN_URL}/orgs/${encodeURIComponent(orgId)}` +
+    `/feature_flags/evaluation?version=${encodeURIComponent(version)}`;
+
+  const payload = {
+    data: {
+      type: 'feature_flags_evaluation',
+      attributes: { flags },
+    },
+  };
+
+  const { res, body } = await makeRequest({
+    url,
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/vnd.api+json',
+      Authorization: getAuthHeader(),
+    },
+    body: payload,
+    json: true,
+    noCompression: true,
+  });
+
+  switch (res.statusCode) {
+    case 200:
+      break;
+    case 401:
+      throw AuthFailedError();
+    case 429:
+      throw new TestLimitReachedError();
+    default:
+      throw new ValidationError(
+        res.body?.error ?? 'An error occurred, please contact Snyk support',
+      );
+  }
+
+  if (body?.errors?.length) {
+    const first = body.errors[0];
+    throw new Error(
+      `Feature flag evaluation failed: ${first?.status ?? res.statusCode} ${
+        first?.detail ?? res.statusMessage
+      }`,
+    );
+  }
+
+  return body as FeatureFlagsEvaluationResponse;
+}
+
+export async function getFeatureFlagValue(
+  flag: string,
+  orgId: string,
+): Promise<boolean> {
+  try {
+    const result = await evaluateFeatureFlagsForOrg([flag], orgId);
+
+    return (
+      result.data.attributes.evaluations.find((e) => e.key === flag)?.value ??
+      false
+    );
+  } catch (err) {
+    return false;
+  }
+}

src/lib/feature-flag-gateway/index.ts

@@ -0,0 +1,15 @@
+export type FeatureFlagsEvaluationResponse = {
+  jsonapi?: { version: string };
+  data: {
+    id: string;
+    type: 'feature_flags_evaluation';
+    attributes: {
+      evaluations: Array<{
+        key: string;
+        value: boolean;
+        reason: string;
+      }>;
+      evaluatedAt: string;
+    };
+  };
+};

src/lib/feature-flag-gateway/types.ts

@@ -16,7 +16,7 @@ import {
   AUTO_DETECTABLE_FILES,
   detectPackageManagerFromFile,
 } from '../detect';
-import analytics = require('../analytics');
+import * as analytics from '../analytics';
 import { convertSingleResultToMultiCustom } from './convert-single-splugin-res-to-multi-custom';
 import { convertMultiResultToMultiCustom } from './convert-multi-plugin-res-to-multi-custom';
 import { processYarnWorkspaces } from './nodejs-plugin/yarn-workspaces-parser';
@@ -102,7 +102,12 @@ export async function getDepsFromPlugin(
   if (!options.docker && !(options.file || options.packageManager)) {
     throw NoSupportedManifestsFoundError([...root]);
   }
-  const inspectRes = await getSinglePluginResult(root, options);
+  const inspectRes = await getSinglePluginResult(
+    root,
+    options,
+    '',
+    featureFlags,
+  );
 
   if (!pluginApi.isMultiResult(inspectRes)) {
     if (!inspectRes.package && !inspectRes.dependencyGraph) {

src/lib/plugins/get-deps-from-plugin.ts

@@ -116,6 +116,7 @@ export async function getMultiPluginResult(
         root,
         optionsClone,
         optionsClone.file,
+        featureFlags,
       );
       let resultWithScannedProjects: cliInterface.legacyPlugin.MultiProjectResult;
 

src/lib/plugins/get-multi-plugin-result.ts

@@ -1,21 +1,27 @@
-import plugins = require('.');
+import * as plugins from '.';
 import { ModuleInfo } from '../module-info';
 import { legacyPlugin as pluginApi } from '@snyk/cli-interface';
 import { TestOptions, Options, MonitorOptions } from '../types';
 import { snykHttpClient } from '../request/snyk-http-client';
 import * as types from './types';
+import { SHOW_MAVEN_BUILD_SCOPE } from '../feature-flag-gateway';
 
 export async function getSinglePluginResult(
   root: string,
   options: Options & (TestOptions | MonitorOptions),
   targetFile?: string,
+  featureFlags: Set<string> = new Set<string>(),
 ): Promise<pluginApi.InspectResult> {
   const plugin: types.Plugin = plugins.loadPlugin(options.packageManager);
   const moduleInfo = ModuleInfo(plugin, options.policy);
+
   const inspectRes: pluginApi.InspectResult = await moduleInfo.inspect(
     root,
     targetFile || options.file,
-    { ...options },
+    {
+      ...options,
+      showMavenBuildScope: featureFlags.has(SHOW_MAVEN_BUILD_SCOPE),
+    },
     snykHttpClient,
   );
   return inspectRes;

src/lib/plugins/get-single-plugin-result.ts

@@ -2,6 +2,7 @@ module.exports = test;
 
 const detect = require('../detect');
 const { runTest } = require('./run-test');
+
 const chalk = require('chalk');
 const pm = require('../package-managers');
 const { UnsupportedPackageManagerError } = require('../errors');
@@ -12,6 +13,11 @@ const {
   DOTNET_WITHOUT_PUBLISH_FEATURE_FLAG,
   MAVEN_DVERBOSE_EXHAUSTIVE_DEPS_FF,
 } = require('../package-managers');
+const {
+  getFeatureFlagValue,
+  SHOW_MAVEN_BUILD_SCOPE,
+} = require('../feature-flag-gateway');
+const { getOrganizationID } = require('../organization');
 
 async function test(root, options, callback) {
   if (typeof options === 'function') {
@@ -76,6 +82,14 @@ async function executeTest(root, options) {
       ? new Set([PNPM_FEATURE_FLAG])
       : new Set([]);
 
+    const showScope = await getFeatureFlagValue(
+      SHOW_MAVEN_BUILD_SCOPE,
+      getOrganizationID(),
+    );
+    if (showScope) {
+      featureFlags.add(SHOW_MAVEN_BUILD_SCOPE);
+    }
+
     if (!options.allProjects) {
       options.packageManager = detect.detectPackageManager(
         root,

src/lib/snyk-test/index.js

@@ -214,6 +214,7 @@ export const fakeServer = (basePath: string, snykToken: string): FakeServer => {
 
     if (
       req.url?.includes('/iac-org-settings') ||
+      req.url?.includes('/feature_flags/evaluation') ||
       req.url?.includes('/cli-config/feature-flags/') ||
       (!nextResponse && !nextStatusCode && !statusCode)
     ) {
@@ -887,6 +888,56 @@ export const fakeServer = (basePath: string, snykToken: string): FakeServer => {
     });
   });
 
+  app.post('/api/hidden/orgs/:orgId/feature_flags/evaluation', (req, res) => {
+    const { orgId } = req.params;
+    const flags: string[] = req.body?.data?.attributes?.flags ?? [];
+
+    // Example: org that has no flags at all
+    if (orgId === 'no-flag') {
+      return res.send({
+        data: {
+          type: 'feature_flags_evaluation',
+          attributes: {
+            evaluations: flags.map((flag) => ({
+              key: flag,
+              value: false,
+              reason: 'not_available',
+            })),
+            evaluatedAt: new Date().toISOString(),
+          },
+        },
+      });
+    }
+
+    const evaluations = flags.map((flag) => {
+      if (!featureFlags.has(flag)) {
+        return {
+          key: flag,
+          value: false,
+          reason: 'not_available',
+        };
+      }
+
+      const enabled = featureFlags.get(flag);
+
+      return {
+        key: flag,
+        value: Boolean(enabled),
+        reason: enabled ? 'found' : 'not_available',
+      };
+    });
+
+    res.send({
+      data: {
+        type: 'feature_flags_evaluation',
+        attributes: {
+          evaluations,
+          evaluatedAt: new Date().toISOString(),
+        },
+      },
+    });
+  });
+
   app.get(basePath + '/iac-org-settings', (req, res) => {
     const baseResponse = {
       meta: {