Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

export GenerateSarifContentFromResults function #981

Merged
merged 4 commits into from
Oct 1, 2023
Merged

export GenerateSarifContentFromResults function #981

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
fe9a89a
export function
EyalDelarea Sep 28, 2023
7a62538
Fix resultwriter refactor
EyalDelarea Sep 28, 2023
71099d0
remove code
EyalDelarea Sep 28, 2023
b2abe5a
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into fi…
EyalDelarea Sep 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 16 additions & 16 deletions xray/utils/resultwriter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ func (rw *ResultsWriter) PrintScanResults() error {
case Json:
return PrintJson(rw.results.getXrayScanResults())
case Sarif:
sarifFile, err := rw.generateSarifContentFromResults(false)
sarifFile, err := GenerateSarifContentFromResults(rw.results, rw.isMultipleRoots, rw.includeLicenses, false)
if err != nil {
return err
}
Expand Down Expand Up @@ -172,21 +172,21 @@ func printMessage(message string) {
log.Output("💬" + message)
}

func (rw *ResultsWriter) generateSarifContentFromResults(markdownOutput bool) (sarifStr string, err error) {
func GenerateSarifContentFromResults(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, markdownOutput bool) (sarifStr string, err error) {
report, err := NewReport()
if err != nil {
return
}
xrayRun, err := rw.convertXrayResponsesToSarifRun(markdownOutput)
xrayRun, err := convertXrayResponsesToSarifRun(extendedResults, isMultipleRoots, includeLicenses, markdownOutput)
if err != nil {
return
}

report.Runs = append(report.Runs, xrayRun)
report.Runs = append(report.Runs, rw.results.ApplicabilityScanResults...)
report.Runs = append(report.Runs, rw.results.IacScanResults...)
report.Runs = append(report.Runs, rw.results.SecretsScanResults...)
report.Runs = append(report.Runs, rw.results.SastScanResults...)
report.Runs = append(report.Runs, extendedResults.ApplicabilityScanResults...)
report.Runs = append(report.Runs, extendedResults.IacScanResults...)
report.Runs = append(report.Runs, extendedResults.SecretsScanResults...)
report.Runs = append(report.Runs, extendedResults.SastScanResults...)

out, err := json.Marshal(report)
if err != nil {
Expand All @@ -196,13 +196,13 @@ func (rw *ResultsWriter) generateSarifContentFromResults(markdownOutput bool) (s
return clientUtils.IndentJson(out), nil
}

func (rw *ResultsWriter) convertXrayResponsesToSarifRun(markdownOutput bool) (run *sarif.Run, err error) {
xrayJson, err := rw.convertXrayScanToSimpleJson(true)
func convertXrayResponsesToSarifRun(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, markdownOutput bool) (run *sarif.Run, err error) {
xrayJson, err := convertXrayScanToSimpleJson(extendedResults, isMultipleRoots, includeLicenses, true)
if err != nil {
return
}
xrayRun := sarif.NewRunWithInformationURI("JFrog Xray Sca", "https://jfrog.com/xray/")
xrayRun.Tool.Driver.Version = &rw.results.XrayVersion
xrayRun.Tool.Driver.Version = &extendedResults.XrayVersion
if len(xrayJson.Vulnerabilities) > 0 || len(xrayJson.SecurityViolations) > 0 {
if err = extractXrayIssuesToSarifRun(xrayRun, xrayJson, markdownOutput); err != nil {
return
Expand Down Expand Up @@ -298,26 +298,26 @@ func addResultToSarifRun(issueId, msg, severity string, location *sarif.Location
return
}

func (rw *ResultsWriter) convertXrayScanToSimpleJson(simplifiedOutput bool) (formats.SimpleJsonResults, error) {
violations, vulnerabilities, licenses := SplitScanResults(rw.results.XrayResults)
func convertXrayScanToSimpleJson(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, simplifiedOutput bool) (formats.SimpleJsonResults, error) {
violations, vulnerabilities, licenses := SplitScanResults(extendedResults.XrayResults)
jsonTable := formats.SimpleJsonResults{}
if len(vulnerabilities) > 0 {
vulJsonTable, err := PrepareVulnerabilities(vulnerabilities, rw.results, rw.isMultipleRoots, simplifiedOutput)
vulJsonTable, err := PrepareVulnerabilities(vulnerabilities, extendedResults, isMultipleRoots, simplifiedOutput)
if err != nil {
return formats.SimpleJsonResults{}, err
}
jsonTable.Vulnerabilities = vulJsonTable
}
if len(violations) > 0 {
secViolationsJsonTable, licViolationsJsonTable, opRiskViolationsJsonTable, err := PrepareViolations(violations, rw.results, rw.isMultipleRoots, simplifiedOutput)
secViolationsJsonTable, licViolationsJsonTable, opRiskViolationsJsonTable, err := PrepareViolations(violations, extendedResults, isMultipleRoots, simplifiedOutput)
if err != nil {
return formats.SimpleJsonResults{}, err
}
jsonTable.SecurityViolations = secViolationsJsonTable
jsonTable.LicensesViolations = licViolationsJsonTable
jsonTable.OperationalRiskViolations = opRiskViolationsJsonTable
}
if rw.includeLicenses {
if includeLicenses {
licJsonTable, err := PrepareLicenses(licenses)
if err != nil {
return formats.SimpleJsonResults{}, err
Expand All @@ -329,7 +329,7 @@ func (rw *ResultsWriter) convertXrayScanToSimpleJson(simplifiedOutput bool) (for
}

func (rw *ResultsWriter) convertScanToSimpleJson() (formats.SimpleJsonResults, error) {
jsonTable, err := rw.convertXrayScanToSimpleJson(false)
jsonTable, err := convertXrayScanToSimpleJson(rw.results, rw.isMultipleRoots, rw.includeLicenses, false)
if err != nil {
return formats.SimpleJsonResults{}, err
}
Expand Down