create v2 version (#30)
owenrumney authored Dec 8, 2021

1 parent 868e13e commit 8b2ab29
Showing 11 changed files with 166 additions and 108 deletions.
40 changes: 32 additions & 8 deletions example/example-report.sarif
@@ -1,6 +1,6 @@
{
"version": "2.1.0",
"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
"$schema": "https://json.schemastore.org/sarif-2.1.0-rtm.5.json",
"runs": [
{
"tool": {
@@ -14,7 +14,7 @@
"text": "Resource 'aws_security_group_rule.my-rule' defines a fully open ingress security group rule."
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS006/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Your port exposed to the internet",
@@ -27,7 +27,7 @@
"text": "Resource 'azurerm_managed_disk.source' defines an unencrypted managed disk."
},
"help": {
"text": "See https://tfsec.dev/docs/azure/AZU003/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "",
@@ -40,7 +40,7 @@
"text": "Resource 'aws_api_gateway_domain_name.outdated_security_policy' defines outdated SSL/TLS policies (not using TLS_1_2)."
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS025/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Outdated SSL policies increase exposure to known vulnerabilites",
@@ -53,7 +53,7 @@
"text": "Resource 'aws_security_group_rule.my-rule' should include a description for auditing purposes."
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS018/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Descriptions provide context for the firewall rule reasons",
@@ -66,7 +66,7 @@
"text": "Resource 'aws_alb_listener.my-alb-listener' uses plain HTTP instead of HTTPS."
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS004/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Your traffic is not protected",
@@ -79,7 +79,7 @@
"text": "Resource 'aws_db_security_group.my-group' uses EC2 Classic. Use a VPC instead."
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS003/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Classic resources are running in a shared environment with other customers",
@@ -92,7 +92,7 @@
"text": "Resource 'aws_dynamodb_table.bad_example' is not using KMS CMK for encryption"
},
"help": {
"text": "See https://tfsec.dev/docs/aws/AWS092/ for more information."
"markdown": "# markdown"
},
"properties": {
"impact": "Using AWS managed keys does not allow for fine grained control",
@@ -294,4 +294,28 @@
]
}
]
}in.tf"
},
"region": {
"startLine": 41,
"endLine": 56
}
}
}
]
}
]
}
]
}
"startLine": 41,
"endLine": 56
}
}
}
]
}
]
}
]
}
7 changes: 4 additions & 3 deletions example/main.go
@@ -6,7 +6,7 @@ import (
"os"
"strings"

"github.com/owenrumney/go-sarif/sarif"
"github.com/owenrumney/go-sarif/v2/sarif"
)

// simple structure for the output of tfsec
@@ -58,7 +58,8 @@ func main() {
run.AddRule(r.RuleID).
WithDescription(r.Description).
WithHelp(r.Link).
WithProperties(pb.Properties)
WithProperties(pb.Properties).
WithMarkdownHelp("# markdown")

// add the location as a unique artifact
run.AddDistinctArtifact(r.Location.Filename)
@@ -95,7 +96,7 @@ func main() {
// load the example results file
func loadTfsecResults() (TfsecResults, error) {

jsonResult, err := ioutil.ReadFile("results.json")
jsonResult, err := ioutil.ReadFile("./results.json")
if err != nil {
panic(err)
}
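Review bot: In the `AddRule` chain, `WithMarkdownHelp("# markdown")` is called right after `WithHelp(r.Link)`, and since each of those setters assigns a fresh `MultiformatMessageString` to `rule.Help` (see sarif/reporting_descriptor.go in this commit), the help link is discarded and only the markdown placeholder reaches the report. If both forms are meant to survive, the builder needs to merge into the existing `Help` rather than replace it; until it does, the example should call only one of the two. The enclosing `main` begins and ends outside the hunk. Separately, `loadTfsecResults` declares an `error` result yet still does `panic(err)` on the read failure; returning the zero `TfsecResults` together with `err` would match its signature — pre-existing, but the hunk touches that very line.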
2 changes: 1 addition & 1 deletion go.mod
@@ -1,4 +1,4 @@
module github.com/owenrumney/go-sarif
module github.com/owenrumney/go-sarif/v2

go 1.16

10 changes: 8 additions & 2 deletions sarif/multi_format_message_string.go
@@ -2,13 +2,19 @@ package sarif

type MultiformatMessageString struct {
PropertyBag
Text string `json:"text"`
Text *string `json:"text,omitempty"`
Markdown *string `json:"markdown,omitempty"`
}

func NewMarkdownMultiformatMessageString(markdown string) *MultiformatMessageString {
return &MultiformatMessageString{
Markdown: &markdown,
}
}

func NewMultiformatMessageString(text string) *MultiformatMessageString {
return &MultiformatMessageString{
Text: text,
Text: &text,
}
}
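Review bot: Making `Text` a pointer with `omitempty` allows a `MultiformatMessageString` to be serialized with no `text` at all, and `NewMarkdownMultiformatMessageString` builds exactly such an object; in SARIF 2.1.0 `text` is the required property of multiformatMessageString and `markdown` is the optional companion, so consumers that validate against the schema (including the one the example report now references) may reject those objects. Consider keeping `Text` as a plain `string` with `json:"text"` and having the markdown constructor take both values, e.g. `func NewMarkdownMultiformatMessageString(text, markdown string) *MultiformatMessageString`, or at minimum have it set `Text` to the markdown as a fallback. Both constructors would also benefit from a one-line doc comment stating which property each populates.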

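--- a/sarif/reporting_descriptor.go
+++ b/sarif/reporting_descriptor.go
@@ -0,0 +1,87 @@
+package sarif
+
+type ReportingConfiguration struct {
+Enabled bool `json:"enabled,omitempty"`
+Level interface{} `json:"level,omitempty"`
+Parameters *PropertyBag `json:"parameters,omitempty"`
+Properties *PropertyBag `json:"properties,omitempty"`
+Rank float64 `json:"rank,omitempty"`
+}
+
+// ReportingDescriptor specifies a Sarif ReportingDescriptor object
+type ReportingDescriptor struct {
+PropertyBag
+ID string `json:"id"`
+Name *string `json:"name,omitempty"`
+ShortDescription *MultiformatMessageString `json:"shortDescription"`
+FullDescription *MultiformatMessageString `json:"fullDescription,omitempty"`
+DefaultConfiguration *ReportingConfiguration `json:"defaultConfiguration,omitempty"`
+HelpURI *string `json:"helpUri,omitempty"`
+Help *MultiformatMessageString `json:"help,omitempty"`
+Properties Properties `json:"properties,omitempty"`
+}
+
+func newRule(ruleID string) *ReportingDescriptor {
+return &ReportingDescriptor{
+ID: ruleID,
+}
+}
+
+// WithName specifies rule name that is understandable to an end user and returns the updated rule.
+func (rule *ReportingDescriptor) WithName(name string) *ReportingDescriptor {
+rule.Name = &name
+return rule
+}
+
+// WithDescription specifies short description for a rule and returns the updated rule.
+// Short description should be a single sentence that is understandable when visible space is limited to a single line
+// of text.
+func (rule *ReportingDescriptor) WithDescription(description string) *ReportingDescriptor {
+rule.ShortDescription = NewMultiformatMessageString(description)
+return rule
+}
+
+// WithShortDescription specifies short description for a rule and returns the updated rule.
+// Short description should be a single sentence that is understandable when visible space is limited to a single line
+// of text.
+func (rule *ReportingDescriptor) WithShortDescription(description *MultiformatMessageString) *ReportingDescriptor {
+rule.ShortDescription = description
+return rule
+}
+
+// WithFullDescription specifies full description for a rule and returns the updated rule.
+// Full description should, as far as possible, provide details sufficient to enable resolution of any problem indicated
+// by the result.
+func (rule *ReportingDescriptor) WithFullDescription(description *MultiformatMessageString) *ReportingDescriptor {
+rule.FullDescription = description
+return rule
+}
+
+// WithHelpURI specifies a helpURI for a rule and returns the updated rule
+func (rule *ReportingDescriptor) WithHelpURI(helpURI string) *ReportingDescriptor {
+rule.HelpURI = &helpURI
+return rule
+}
+
+// WithHelp specifies a help text for a rule and returns the updated rule
+func (rule *ReportingDescriptor) WithHelp(helpText string) *ReportingDescriptor {
+rule.Help = NewMultiformatMessageString(helpText)
+return rule
+}
+
+// WithMarkdownHelp specifies a help text for a rule and returns the updated rule
+func (rule *ReportingDescriptor) WithMarkdownHelp(markdownText string) *ReportingDescriptor {
+rule.Help = NewMarkdownMultiformatMessageString(markdownText)
+return rule
+}
+
+// WithProperties specifies properties for a rule and returns the updated rule
+func (rule *ReportingDescriptor) WithProperties(properties Properties) *ReportingDescriptor {
+rule.Properties = properties
+return rule
+}
+
+// AttachPropertyBag adds a property bag to a rule
+func (rule *ReportingDescriptor) AttachPropertyBag(pb *PropertyBag) {
+rule.Properties = pb.Properties
+}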
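Review bot: `WithHelp` and `WithMarkdownHelp` each overwrite `rule.Help` with a brand-new `MultiformatMessageString`, so whichever is called last wins and the other's content is silently lost; the example in this commit chains both and ends up with markdown only. Setting the field on the existing object keeps the two composable (rewrite below; `WithHelp` would mirror it by assigning `rule.Help.Text = &helpText`). Also worth a look: `Enabled bool` with `omitempty` can never emit `"enabled": false`, which — if this follows SARIF's default of enabled being true — makes a disabled rule configuration unrepresentable; a `*bool` would fix that. `newRule` and `AttachPropertyBag` lack doc comments, and `AttachPropertyBag` dereferences `pb` without a nil check.
```go
// WithMarkdownHelp sets the markdown form of the rule's help, keeping any plain
// text already set by WithHelp, and returns the updated rule.
func (rule *ReportingDescriptor) WithMarkdownHelp(markdownText string) *ReportingDescriptor {
	if rule.Help == nil {
		rule.Help = &MultiformatMessageString{}
	}
	rule.Help.Markdown = &markdownText
	return rule
}
// … unchanged: remaining With* setters and AttachPropertyBag …
```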
64 changes: 0 additions & 64 deletions sarif/rule.go

This file was deleted.

8 changes: 4 additions & 4 deletions sarif/run.go
@@ -24,7 +24,7 @@ type Run struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sari
func NewRun(toolName, informationURI string) *Run {
run := &Run{
Tool: Tool{
Driver: &Driver{
Driver: &ToolComponent{
Name: toolName,
InformationURI: &informationURI,
},
@@ -70,8 +70,8 @@ func (run *Run) AddDistinctArtifact(uri string) *Artifact {
return a
}

// AddRule returns an existing Rule for the ruleID or creates a new Rule and returns a pointer to it
func (run *Run) AddRule(ruleID string) *Rule {
// AddRule returns an existing ReportingDescriptor for the ruleID or creates a new ReportingDescriptor and returns a pointer to it
func (run *Run) AddRule(ruleID string) *ReportingDescriptor {
for _, rule := range run.Tool.Driver.Rules {
if rule.ID == ruleID {
return rule
@@ -94,7 +94,7 @@ func (run *Run) AttachPropertyBag(pb *PropertyBag) {
}

// GetRuleById finds a rule by a given rule ID and returns a pointer to it
func (run *Run) GetRuleById(ruleId string) (*Rule, error) {
func (run *Run) GetRuleById(ruleId string) (*ReportingDescriptor, error) {
if run.Tool.Driver != nil {
for _, rule := range run.Tool.Driver.Rules {
if rule.ID == ruleId {
25 changes: 1 addition & 24 deletions sarif/tool.go
@@ -2,29 +2,6 @@ package sarif

type Tool struct {
PropertyBag
Driver *Driver `json:"driver"`
Driver *ToolComponent `json:"driver"`
}

type Driver struct {
PropertyBag
Name string `json:"name"`
Version *string `json:"version,omitempty"`
InformationURI *string `json:"informationUri"`
Rules []*Rule `json:"rules,omitempty"`
}

// WithVersion specifies tool version, in whatever format it natively provides. Returns updated driver.
func (driver *Driver) WithVersion(version string) *Driver {
driver.Version = &version
return driver
}

func (driver *Driver) getOrCreateRule(rule *Rule) uint {
for i, r := range driver.Rules {
if r.ID == rule.ID {
return uint(i)
}
}
driver.Rules = append(driver.Rules, rule)
return uint(len(driver.Rules) - 1)
}
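--- a/sarif/tool_component.go
+++ b/sarif/tool_component.go
@@ -0,0 +1,27 @@
+package sarif
+
+type ToolComponent struct {
+PropertyBag
+Name string `json:"name"`
+Version *string `json:"version,omitempty"`
+InformationURI *string `json:"informationUri"`
+Notifications []*ReportingDescriptor `json:"notifications,omitempty"`
+Rules []*ReportingDescriptor `json:"rules,omitempty"`
+Taxa []*ReportingDescriptor `json:"taxa,omitempty"`
+}
+
+// WithVersion specifies tool version, in whatever format it natively provides. Returns updated driver.
+func (driver *ToolComponent) WithVersion(version string) *ToolComponent {
+driver.Version = &version
+return driver
+}
+
+func (driver *ToolComponent) getOrCreateRule(rule *ReportingDescriptor) uint {
+for i, r := range driver.Rules {
+if r.ID == rule.ID {
+return uint(i)
+}
+}
+driver.Rules = append(driver.Rules, rule)
+return uint(len(driver.Rules) - 1)
+}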
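Review bot: The receiver on both `ToolComponent` methods is still named `driver`, and `WithVersion`'s doc comment still ends with "Returns updated driver", even though the type now also carries `Notifications` and `Taxa` and is no longer driver-specific; a neutral receiver such as `tc` and `// WithVersion specifies the component version, in whatever format it natively provides, and returns the updated component.` would keep the name from misleading readers. The exported `ToolComponent` type has no doc comment; suggest `// ToolComponent specifies a SARIF toolComponent object: the tool driver or one of its extensions.`. `getOrCreateRule` is undocumented and its name suggests it returns a rule while it returns an index; suggest `// getOrCreateRule returns the index in Rules of the entry with the same ID, appending rule first if no such entry exists.`.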
2 changes: 1 addition & 1 deletion test/report_stage_test.go
@@ -4,7 +4,7 @@ import (
"bytes"
"testing"

"github.com/owenrumney/go-sarif/sarif"
"github.com/owenrumney/go-sarif/v2/sarif"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
2 changes: 1 addition & 1 deletion test/run_stage_test.go
Original file line number Diff line number Diff line change
@@ -4,7 +4,7 @@ import (
"encoding/json"
"testing"

"github.com/owenrumney/go-sarif/sarif"
"github.com/owenrumney/go-sarif/v2/sarif"
"github.com/stretchr/testify/assert"
)
