Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: HEAD-679 only check snykgov.io domain to check if fedramp #373

Merged
merged 5 commits into from
Sep 4, 2023
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix: only check snykgov.io domain to check if fedramp
  • Loading branch information
j-luong committed Sep 4, 2023
commit 41a93fc41aeb380114e5a0e252a93879fc099826
7 changes: 3 additions & 4 deletions src/snyk/common/configuration/configuration.ts
Original file line number Diff line number Diff line change
@@ -196,16 +196,15 @@ export class Configuration implements IConfiguration {
get isFedramp(): boolean {
if (!this.customEndpoint) return false;

// FEDRAMP URL e.g. https://api.fedramp.snykgov.io
// FEDRAMP URL e.g. https://api.feddramp.snykgov.io
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo in the comment?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think just pointing out that the fedramp part is irrelevant (the domain is the trigger)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry yes, we check for snykgov.io only now

const endpoint = new URL(this.customEndpoint);

// hostname validation
const hostnameParts = endpoint.hostname.split('.');
if (hostnameParts.length < 3) return false;

const isFedrampInstance = hostnameParts[1].includes('fedramp');
const isFedrampDomain = hostnameParts[2].includes('snykgov') && hostnameParts[3].includes('io');
return isFedrampDomain && isFedrampInstance;
const isFedrampDomain = `${hostnameParts[2]}.${hostnameParts[3]}`.includes('snykgov.io');
return isFedrampDomain;
}

get snykOssApiEndpoint(): string {
2 changes: 1 addition & 1 deletion src/test/integration/analytics.test.ts
Original file line number Diff line number Diff line change
@@ -36,7 +36,7 @@ suite('Analytics', () => {
});

test('"Welcome Is Viewed" not tracked if using fedramp endpoint', async () => {
await configuration.setEndpoint('https://api.fedramp.snykgov.io');
await configuration.setEndpoint('https://api.feddramp.snykgov.io');
await vscode.commands.executeCommand('workbench.action.toggleSidebarVisibility');
await vscode.commands.executeCommand(VSCODE_VIEW_CONTAINER_COMMAND);

20 changes: 20 additions & 0 deletions src/test/unit/common/configuration.test.ts
Original file line number Diff line number Diff line change
@@ -211,4 +211,24 @@ suite('Configuration', () => {
strictEqual(configuration.scanningMode, mode);
});
});

suite('.isFedramp()', () => {
test('returns true for FEDRAMP URLs', () => {
const fedrampUrl = 'https://api.fedramp.snykgov.io';
const workspace = stubWorkspaceConfiguration(ADVANCED_CUSTOM_ENDPOINT, fedrampUrl);

const configuration = new Configuration({}, workspace);

strictEqual(configuration.isFedramp, true);
});

test('returns false for non-FEDRAMP URLs', () => {
const nonFedrampUrl = 'https://api.snyk.io';
const workspace = stubWorkspaceConfiguration(ADVANCED_CUSTOM_ENDPOINT, nonFedrampUrl);

const configuration = new Configuration({}, workspace);

strictEqual(configuration.isFedramp, false);
});
});
});