osemgrep: porting env.py (semgrep#6362)

* osemgrep: porting env.py

test plan:
make test

* fix mistake on Sys.getcwd instead of homedir

* misc

semgrep-core/semgrep.opam

@@ -29,6 +29,7 @@ bug-reports: "https://github.com/returntocorp/semgrep/issues"
 # You may also need to update the ocaml:alpine-xxx image used in ../Dockerfile.
 depends: [
   "dune" {>= "2.7.0" }
+  "base"
   "atdgen"
   "yojson"
   "yaml"

semgrep-core/src/osemgrep/TOPORT/state.py

@@ -7,7 +7,6 @@ class SemgrepState:
     """
 
     app_session: AppSession = Factory(AppSession)
-    env: Env = Factory(Env)
     metrics: Metrics = Factory(Metrics)
     error_handler: ErrorHandler = Factory(ErrorHandler)
     settings: Settings = Factory(Settings)

semgrep-core/src/osemgrep/core/Constants.ml

@@ -19,7 +19,9 @@ let _default_semgrep_app_config_url = "api/agent/deployments/scans/config"
 
 (* LATER: move to Scan_CLI.default directly *)
 let default_timeout = 30 (* seconds *)
-let _settings_filename = "settings.yml"
+
+(* LATER: used in other places than Semgrep_envvars.ml? then move there? *)
+let settings_filename = "settings.yml"
 let yml_extensions = [ ".yml"; ".yaml" ]
 let _yml_suffixes = Common.map (fun ext -> [ ext ]) yml_extensions
 let _yml_test_suffixes = Common.map (fun ext -> [ ".test"; ext ]) yml_extensions

semgrep-core/src/osemgrep/core/Constants.mli

@@ -13,6 +13,7 @@ type rule_severity = Info | Warning | Error | Inventory | Experiment
 
 val default_max_target_size : int
 val default_timeout : int
+val settings_filename : string
 
 (* "-", the rule id for interactive rule? via -e ? *)
 val cli_rule_id : string

semgrep-core/src/osemgrep/core/Semgrep_envvars.ml

@@ -0,0 +1,105 @@
+(*****************************************************************************)
+(* Prelude *)
+(*****************************************************************************)
+(*
+   Typed access to Semgrep environment variables (e.g., SEMGREP_IN_DOCKER).
+
+   Translated from env.py.
+
+   There are other Semgrep environment variables which are not mentioned
+   in this file because their value is accessed by Cmdliner
+   in Scan_CLI.conf (SEMGREP_BASELINE_COMMIT, SEMGREP_SEND_METRICS,
+   SEMGREP_TIMEOUT, and SEMGREP_RULES).
+*)
+
+(*****************************************************************************)
+(* Helpers *)
+(*****************************************************************************)
+(* LATER: use Fpath.of_string or something at some point *)
+let path_of_string s = s
+let ( / ) a b = Filename.concat a b
+
+let%test_unit "Semgrep_envvars.(/)" =
+  [%test_eq: Base.string] ("a/b/" / "c/d" / "foo.c") "a/b/c/d/foo.c"
+
+let env_opt var = Sys.getenv_opt var
+
+let env_or conv var default =
+  match Sys.getenv_opt var with
+  | None -> conv default
+  | Some x -> conv x
+
+let in_env var = env_opt var <> None
+
+(*****************************************************************************)
+(* Types and constants *)
+(*****************************************************************************)
+
+(* TODO: could we use deriving to automate the generation of
+ * env below? [@default = ...] or use ATD?
+ *)
+type t = {
+  semgrep_url : Uri.t;
+  fail_open_url : Uri.t;
+  app_token : string option;
+  version_check_url : Uri.t;
+  version_check_timeout : int;
+  (* LATER: use FPath.t *)
+  version_check_cache_path : Common.filename;
+  git_command_timeout : int;
+  src_directory : Common.filename;
+  user_data_folder : Common.filename;
+  user_log_file : Common.filename;
+  user_settings_file : Common.filename;
+  in_docker : bool;
+  in_gh_action : bool;
+  (* deprecated *)
+  in_agent : bool;
+  min_fetch_depth : int;
+  shouldafound_base_url : Uri.t;
+  shouldafound_no_email : bool;
+}
+
+(* less: make it Lazy? *)
+let env : t =
+  let user_data_folder =
+    let parent_dir =
+      match Sys.getenv_opt "XDG_CONFIG_HOME" with
+      | Some x when Sys.is_directory x -> x
+      | _else_ -> Sys.getenv "HOME"
+    in
+    parent_dir / ".semgrep"
+  in
+  {
+    (* TOPORT: also SEMGREP_APP_URL *)
+    semgrep_url = env_or Uri.of_string "SEMGREP_URL" "https://semgrep.dev";
+    fail_open_url =
+      env_or Uri.of_string "SEMGREP_FAIL_OPEN_URL"
+        "https://fail-open.prod.semgrep.dev/failure";
+    shouldafound_base_url =
+      env_or Uri.of_string "SEMGREP_SHOULDAFOUND_BASE_URL"
+        "https://shouldafound.semgrep.dev";
+    app_token = env_opt "SEMGREP_APP_TOKEN";
+    version_check_url =
+      env_or Uri.of_string "SEMGREP_VERSION_CHECK_URL"
+        "https://semgrep.dev/api/check-version";
+    version_check_timeout =
+      env_or int_of_string "SEMGREP_VERSION_CHECK_TIMEOUT" "2";
+    version_check_cache_path =
+      env_or path_of_string "SEMGREP_VERSION_CACHE_PATH"
+        (Sys.getcwd () / ".cache" / "semgrep_version");
+    git_command_timeout =
+      env_or int_of_string "SEMGREP_GIT_COMMAND_TIMEOUT" "300";
+    src_directory = env_or path_of_string "SEMGREP_SRC_DIRECTORY" "/src";
+    user_data_folder;
+    user_log_file =
+      env_or path_of_string "SEMGREP_LOG_FILE" (user_data_folder / "semgrep.log");
+    user_settings_file =
+      env_or path_of_string "SEMGREP_SETTINGS_FILE"
+        (user_data_folder / Constants.settings_filename);
+    in_docker = in_env "SEMGREP_IN_DOCKER";
+    in_gh_action = in_env "GITHUB_WORKSPACE";
+    in_agent = in_env "SEMGREP_AGENT";
+    shouldafound_no_email = in_env "SEMGREP_SHOULDAFOUND_NO_EMAIL";
+    min_fetch_depth = env_or int_of_string "SEMGREP_GHA_MIN_FETCH_DEPTH" "0";
+  }

semgrep-core/src/osemgrep/core/Semgrep_envvars.mli

@@ -0,0 +1,38 @@
+(*
+   Typed access to Semgrep environment variables (e.g., SEMGREP_IN_DOCKER).
+ *)
+
+(* Most (typed) fields below correspond directly to an uppercase environment metavariable
+ * with the SEMGREP_ prefix, for example
+ * [git_command_timeout] will contain the content of SEMGREP_GIT_COMMAND_TIMEOUT
+ * in the environment (or a default value if it's not in the environment).
+ *)
+type t = {
+  (* $SEMGREP_URL *)
+  semgrep_url : Uri.t;
+  (* $SEMGREP_xxx *)
+  fail_open_url : Uri.t;
+  app_token : string option;
+  version_check_url : Uri.t;
+  version_check_timeout : int;
+  version_check_cache_path : Common.filename;
+  git_command_timeout : int;
+  src_directory : Common.filename;
+  (* $XDG_CONFIG_HOME/.semgrep or ~/.semgrep *)
+  user_data_folder : Common.filename;
+  (* $SEMGREP_LOG_FILE or ~/.semgrep/semgrep.log  *)
+  user_log_file : Common.filename;
+  (* $SEMGREP_SETTINGS_FILE ~/.semgrep/settings.yml *)
+  user_settings_file : Common.filename;
+  in_docker : bool;
+  (* $GITHUB_WORKSPACE *)
+  in_gh_action : bool;
+  (* $SEMGREP_AGENT (deprecated) *)
+  in_agent : bool;
+  (* $SEMGREP_xxx *)
+  min_fetch_depth : int;
+  shouldafound_base_url : Uri.t;
+  shouldafound_no_email : bool;
+}
+
+val env : t

semgrep-core/src/osemgrep/core/dune

@@ -7,16 +7,20 @@
   (name osemgrep_core)
   (wrapped false)
   (libraries
+    uri
     commons        ; pfff
     semgrep_utils  ; semgrep-core
     semgrep_core
   )
+ (inline_tests)
  (preprocess
    (pps
      ppx_profiling
      ppx_deriving.show
      ppx_deriving.eq
      ppx_hash
+     ppx_inline_test
+     ppx_assert
    )
  )
 )