Use sast prompt as package (#819)

* Move sast results promopt code to separate external package * Change package name * Use BuildPrompt from sastchat package * Fix chat-sast_test.go * Fix go.mod and go.sum * Fix go.mod * Fix .golangci.yml * Fix go.mod * Change gpt-wrapper with gen-ai-wrapper * Final changes * Revert .golangci.yml * Revert all files that I shouldn't have changed * Add ast-ai-prompts to allowed lint list * Change to Checkmarx/gen-ai-prompt
Checkmarx · Aug 8, 2024 · 9acfbd3 · 9acfbd3
1 parent d3760d9
commit 9acfbd3
Show file tree

Hide file tree

Showing 9 changed files with 9 additions and 465 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -9,6 +9,7 @@ linters-settings:
           - github.com/checkmarx/ast-cli/internal
           - github.com/gookit/color
           - github.com/CheckmarxDev/containers-resolver/pkg/containerResolver
+          - github.com/Checkmarx/gen-ai-prompts/prompts/sast_result_remediation
           - github.com/spf13/viper
           - github.com/checkmarxDev/gpt-wrapper
           - github.com/spf13/cobra

diff --git a/go.mod b/go.mod
@@ -6,6 +6,7 @@ require (
 	github.com/CheckmarxDev/containers-resolver v1.0.6
 	github.com/MakeNowJust/heredoc v1.0.0
 	github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c
+	github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510

diff --git a/go.sum b/go.sum
@@ -60,6 +60,8 @@ github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbi
 github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE+CFvgjbIxUNL8rsdB2sAhfuNx85HvxImKta3g=
+github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo=
 github.com/CheckmarxDev/containers-resolver v1.0.6 h1:Y0CKTR5tlw0YV+nQpz44kF0sZxWwCyvgYtjOukfYm0E=
 github.com/CheckmarxDev/containers-resolver v1.0.6/go.mod h1:S3m6qscOWqaJJw56hR/hZxBVdcZRn8AnRGU/6jtONI4=
 github.com/CycloneDX/cyclonedx-go v0.8.0 h1:FyWVj6x6hoJrui5uRQdYZcSievw3Z32Z88uYzG/0D6M=

diff --git a/internal/commands/chat-sast.go b/internal/commands/chat-sast.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"strconv"
 
+	sastchat "github.com/Checkmarx/gen-ai-prompts/prompts/sast_result_remediation"
 	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
 	"github.com/checkmarx/ast-cli/internal/logger"
 	"github.com/checkmarx/ast-cli/internal/params"
@@ -17,8 +18,6 @@ import (
 	"github.com/spf13/cobra"
 )
 
-const ScanResultsFileErrorFormat = "Error reading and parsing scan results %s"
-const CreatePromptErrorFormat = "Error creating prompt for result ID %s"
 const UserInputRequiredErrorFormat = "%s is required when %s is provided"
 const AiGuidedRemediationDisabledError = "The AI Guided Remediation is disabled in your tenant account"
 
@@ -83,7 +82,7 @@ func runChatSast(chatWrapper wrappers.ChatWrapper, tenantWrapper wrappers.Tenant
 
 		var newMessages []message.Message
 		if newConversation {
-			systemPrompt, userPrompt, e := buildPrompt(scanResultsFile, sastResultID, sourceDir)
+			systemPrompt, userPrompt, e := sastchat.BuildPrompt(scanResultsFile, sastResultID, sourceDir)
 			if e != nil {
 				logger.PrintIfVerbose(e.Error())
 				return outputError(cmd, id, e)
@@ -109,7 +108,7 @@ func runChatSast(chatWrapper wrappers.ChatWrapper, tenantWrapper wrappers.Tenant
 
 		responseContent := getMessageContents(response)
 
-		responseContent = addDescriptionForIdentifier(responseContent)
+		responseContent = sastchat.AddDescriptionForIdentifier(responseContent)
 
 		return printer.Print(cmd.OutOrStdout(), &OutputModel{
 			ConversationID: id.String(),
@@ -137,34 +136,6 @@ func isAiGuidedRemediationEnabled(tenantWrapper wrappers.TenantConfigurationWrap
 	return false
 }
 
-func buildPrompt(scanResultsFile, sastResultID, sourceDir string) (systemPrompt, userPrompt string, err error) {
-	scanResults, err := ReadResultsSAST(scanResultsFile)
-	if err != nil {
-		return "", "", fmt.Errorf("error in build-prompt: %s: %w", fmt.Sprintf(ScanResultsFileErrorFormat, scanResultsFile), err)
-	}
-
-	if sastResultID == "" {
-		return "", "", errors.Errorf(fmt.Sprintf("error in build-prompt: currently only --%s is supported", params.ChatSastResultID))
-	}
-
-	sastResult, err := GetResultByID(scanResults, sastResultID)
-	if err != nil {
-		return "", "", fmt.Errorf("error in build-prompt: %w", err)
-	}
-
-	sources, err := GetSourcesForResult(sastResult, sourceDir)
-	if err != nil {
-		return "", "", fmt.Errorf("error in build-prompt: %w", err)
-	}
-
-	prompt, err := CreateUserPrompt(sastResult, sources)
-	if err != nil {
-		return "", "", fmt.Errorf("error in build-prompt: %s: %w", fmt.Sprintf(CreatePromptErrorFormat, sastResultID), err)
-	}
-
-	return GetSystemPrompt(), prompt, nil
-}
-
 func getMessageContents(response []message.Message) []string {
 	var responseContent []string
 	for _, r := range response {

diff --git a/internal/commands/chat-sast_test.go b/internal/commands/chat-sast_test.go
@@ -46,6 +46,8 @@ func TestChatSastNoUserInput(t *testing.T) {
 }
 
 func TestChatSastInvalidScanResultsFile(t *testing.T) {
+	const ScanResultsFileErrorFormat = "Error reading and parsing SAST results file '%s'"
+
 	buffer, err := executeRedirectedTestCommand("chat", "sast",
 		"--chat-apikey", "apiKey",
 		"--scan-results-file", "invalidFile",

diff --git a/internal/commands/sast-prompt.go b/internal/commands/sast-prompt.go
diff --git a/internal/commands/sast-prompt_test.go b/internal/commands/sast-prompt_test.go