fix linter issues

ZupIT · Jan 28, 2022 · 02c2a74 · 02c2a74
1 parent 014256a
commit 02c2a74
Show file tree

Hide file tree

Showing 2 changed files with 82 additions and 90 deletions.
diff --git a/internal/services/sarif/sarif.go b/internal/services/sarif/sarif.go
@@ -18,93 +18,83 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/ZupIT/horusec-devkit/pkg/entities/analysis"
+	a "github.com/ZupIT/horusec-devkit/pkg/entities/analysis"
 	"github.com/ZupIT/horusec-devkit/pkg/entities/vulnerability"
 	"github.com/ZupIT/horusec-devkit/pkg/enums/severities"
 )
 
 type Sarif struct {
-	analysis *analysis.Analysis
+	analysis *a.Analysis
 }
 
-func NewSarif(analysis *analysis.Analysis) *Sarif {
+func NewSarif(analysis *a.Analysis) *Sarif {
 	return &Sarif{
 		analysis: analysis,
 	}
 }
 
 func (s *Sarif) ConvertVulnerabilityToSarif() (report Report) {
-
-	// All runs in the report (each run is one tool's output)
-	report.Runs = []ReportRun{}
-
 	resultsByTool := make(map[string][]Result)
+	rulesByToolAndID := make(map[string]map[string]Rule)
+	artifactsByToolAndName := make(map[string]map[string]Artifact)
 
-	// Organize each run by its corresponding tool name
-	// Each run has only one tool providing values; since we run many tools, must have many runs
-	runsByTool := make(map[string]ReportRun)
-
-	// Organize rules by corresponding tool name, subkeying by RuleId
-	// Each tool has a unique list of rules with metadata
-	rulesByToolAndId := make(map[string]map[string]Rule)
+	s.populateReferenceMaps(&report, rulesByToolAndID, artifactsByToolAndName, resultsByTool)
+	s.buildReportRun(&report, rulesByToolAndID, artifactsByToolAndName, resultsByTool)
 
-	// Organize artifacts for each run by corresponding tool name
-	// Each tool has a list of artifacts which are referred to by the results
-	artifactsByToolAndName := make(map[string]map[string]Artifact)
+	return report
+}
 
+func (s *Sarif) populateReferenceMaps(
+	report *Report, rulesByToolAndID map[string]map[string]Rule,
+	artifactsByToolAndName map[string]map[string]Artifact, resultsByTool map[string][]Result) {
+	runsByTool := make(map[string]ReportRun)
 	for index := range s.analysis.AnalysisVulnerabilities {
 		vTarget := &s.analysis.AnalysisVulnerabilities[index].Vulnerability
-		toolName := vTarget.SecurityTool.ToString()
-
-		// Test for first time seeing a given tool
-		if _, exists := runsByTool[toolName]; !exists {
-			rulesByToolAndId[toolName] = make(map[string]Rule)
-			artifactsByToolAndName[toolName] = make(map[string]Artifact)
-
-			reportRun := ReportRun{
-				Tool: s.newTool(vTarget),
-			}
-
-			// create the run and the tool
-			runsByTool[toolName] = reportRun
-
-			// add run to main (composite) report
-			report.Runs = append(report.Runs, reportRun)
+		if _, exists := runsByTool[string(vTarget.SecurityTool)]; !exists {
+			report.Runs = append(report.Runs, s.initToolStructure(vTarget, runsByTool, rulesByToolAndID, artifactsByToolAndName))
 		}
-
-		// add result to run report
-		result := s.newResult(vTarget)
-		resultsByTool[toolName] = append(resultsByTool[toolName], result)
-
-		// add artifact to run report
+		resultsByTool[string(vTarget.SecurityTool)] =
+			append(resultsByTool[string(vTarget.SecurityTool)], s.newResult(vTarget))
 		artifact := s.newArtifact(vTarget)
-		artifactsByToolAndName[toolName][artifact.Location.Uri] = artifact
-
-		// add rule to tool
+		artifactsByToolAndName[string(vTarget.SecurityTool)][artifact.Location.URI] = artifact
 		rule := s.newRule(vTarget)
-		rulesByToolAndId[toolName][rule.Id] = rule
+		rulesByToolAndID[string(vTarget.SecurityTool)][rule.ID] = rule
 	}
+}
+
+func (s *Sarif) buildReportRun(
+	report *Report,
+	rulesByToolAndID map[string]map[string]Rule,
+	artifactsByToolAndName map[string]map[string]Artifact,
+	resultsByTool map[string][]Result) {
+	report.Runs = []ReportRun{}
 
 	for idx, runReport := range report.Runs {
-		toolName := runReport.Tool.Driver.Name
-		artifactMap := artifactsByToolAndName[toolName]
-		ruleMap := rulesByToolAndId[toolName]
-		resultMap := resultsByTool[toolName]
-
-		// Integrate artifacts and rules into the run map
-		// Using this intermediate map enforces uniqueness
-		for _, artifact := range artifactMap {
+		for _, artifact := range artifactsByToolAndName[runReport.Tool.Driver.Name] {
 			report.Runs[idx].Artifacts = append(report.Runs[idx].Artifacts, artifact)
 		}
-		for _, rule := range ruleMap {
+		for _, rule := range rulesByToolAndID[runReport.Tool.Driver.Name] {
 			report.Runs[idx].Tool.Driver.Rules = append(report.Runs[idx].Tool.Driver.Rules, rule)
 		}
-		for _, result := range resultMap {
-			report.Runs[idx].Results = append(report.Runs[idx].Results, result)
-		}
+		report.Runs[idx].Results = append(report.Runs[idx].Results, resultsByTool[runReport.Tool.Driver.Name]...)
 	}
+}
 
-	return report
+func (s *Sarif) initToolStructure(
+	vulnerabilityy *vulnerability.Vulnerability,
+	runsByTool map[string]ReportRun,
+	rulesByToolAndID map[string]map[string]Rule,
+	artifactsByToolAndName map[string]map[string]Artifact) ReportRun {
+	rulesByToolAndID[string(vulnerabilityy.SecurityTool)] = make(map[string]Rule)
+	artifactsByToolAndName[string(vulnerabilityy.SecurityTool)] = make(map[string]Artifact)
+
+	reportRun := ReportRun{
+		Tool: s.newTool(vulnerabilityy),
+	}
+
+	runsByTool[string(vulnerabilityy.SecurityTool)] = reportRun
+
+	return reportRun
 }
 
 func (s *Sarif) convertNonZeroIntStr(str string) int {
@@ -115,61 +105,63 @@ func (s *Sarif) convertNonZeroIntStr(str string) int {
 	return 1
 }
 
-func (s *Sarif) newTool(vulnerability *vulnerability.Vulnerability) ScanTool {
+func (s *Sarif) newTool(vulnerabilityy *vulnerability.Vulnerability) ScanTool {
 	return ScanTool{
 		Driver: ScanToolDriver{
-			Name:               vulnerability.SecurityTool.ToString(),
-			MoreInformationUri: "https://www.google.com", // TODO
+			Name:               vulnerabilityy.SecurityTool.ToString(),
+			MoreInformationURI: "https://www.google.com", // TODO
 			Version:            "1.0.0",                  // TODO
 		},
 	}
 }
 
-func (s *Sarif) newRule(vulnerability *vulnerability.Vulnerability) Rule {
+func (s *Sarif) newRule(vulnerabilityy *vulnerability.Vulnerability) Rule {
 	return Rule{
-		Id: vulnerability.RuleID,
+		ID: vulnerabilityy.RuleID,
 		ShortDescription: TextDisplayComponent{
-			Text: vulnerability.Details,
+			Text: vulnerabilityy.Details,
 		},
 		FullDescription: TextDisplayComponent{
-			Text: vulnerability.Details,
+			Text: vulnerabilityy.Details,
 		},
-		HelpUri: "https://not.implemented", // TODO
-		Name:    strings.Split(vulnerability.Details, "\n")[0],
+		HelpURI: "https://not.implemented", // TODO
+		Name:    strings.Split(vulnerabilityy.Details, "\n")[0],
 	}
 }
 
-func (s *Sarif) newArtifact(vulnerability *vulnerability.Vulnerability) Artifact {
+func (s *Sarif) newArtifact(vulnerabilityy *vulnerability.Vulnerability) Artifact {
 	return Artifact{
 		Location: LocationComponent{
-			Uri: vulnerability.File,
+			URI: vulnerabilityy.File,
 		},
 	}
 }
 
-func (s *Sarif) newResult(vulnerability *vulnerability.Vulnerability) Result {
+func (s *Sarif) newResult(vulnerabilityy *vulnerability.Vulnerability) Result {
 	return Result{
 		Message: TextDisplayComponent{
-			Text: vulnerability.Details,
+			Text: vulnerabilityy.Details,
 		},
-		Level: ResultLevel(s.convertHorusecSeverityToSarif(vulnerability.Severity)),
-		Locations: []Location{
-			{
-				PhysicalLocation: PhysicalLocation{
-					ArtifactLocation: LocationComponent{
-						Uri: vulnerability.File,
-					},
-					Region: SnippetRegion{
-						Snippet: TextDisplayComponent{
-							Text: vulnerability.Code,
-						},
-						StartLine:   s.convertNonZeroIntStr(vulnerability.Line),
-						StartColumn: s.convertNonZeroIntStr(vulnerability.Column),
-					},
+		Level:     ResultLevel(s.convertHorusecSeverityToSarif(vulnerabilityy.Severity)),
+		Locations: []Location{s.createLocation(vulnerabilityy)},
+		RuleID:    vulnerabilityy.RuleID,
+	}
+}
+
+func (s *Sarif) createLocation(vulnerabilityy *vulnerability.Vulnerability) Location {
+	return Location{
+		PhysicalLocation: PhysicalLocation{
+			ArtifactLocation: LocationComponent{
+				URI: vulnerabilityy.File,
+			},
+			Region: SnippetRegion{
+				Snippet: TextDisplayComponent{
+					Text: vulnerabilityy.Code,
 				},
+				StartLine:   s.convertNonZeroIntStr(vulnerabilityy.Line),
+				StartColumn: s.convertNonZeroIntStr(vulnerabilityy.Column),
 			},
 		},
-		RuleId: vulnerability.RuleID,
 	}
 }
 

diff --git a/internal/services/sarif/schema.go b/internal/services/sarif/schema.go
@@ -19,7 +19,7 @@ type Artifact struct {
 }
 
 type LocationComponent struct {
-	Uri string `json:"uri"`
+	URI string `json:"uri"`
 }
 
 type Location struct {
@@ -40,14 +40,14 @@ type ReportRun struct {
 type Report struct {
 	Runs      []ReportRun `json:"runs"`
 	Version   string      `json:"version"`
-	SchemaUri string      `json:"$schema"`
+	SchemaURI string      `json:"$schema"`
 }
 
 type Result struct {
 	Message   TextDisplayComponent `json:"message"`
 	Level     ResultLevel          `json:"level"`
 	Locations []Location           `json:"locations"`
-	RuleId    string               `json:"ruleId"`
+	RuleID    string               `json:"ruleId"`
 }
 
 type ResultLevel string
@@ -59,10 +59,10 @@ const (
 )
 
 type Rule struct {
-	Id               string               `json:"id"`
+	ID               string               `json:"id"`
 	ShortDescription TextDisplayComponent `json:"shortDescription"`
 	FullDescription  TextDisplayComponent `json:"fullDescription"`
-	HelpUri          string               `json:"helpUri"`
+	HelpURI          string               `json:"helpUri"`
 	Name             string               `json:"name"`
 }
 
@@ -72,7 +72,7 @@ type ScanTool struct {
 
 type ScanToolDriver struct {
 	Name               string `json:"name"`
-	MoreInformationUri string `json:"informationUri"`
+	MoreInformationURI string `json:"informationUri"`
 	Rules              []Rule `json:"rules"`
 	Version            string `json:"version"`
 }