diff --git a/config/config.go b/config/config.go
index 21957578c..89c5808fe 100644
--- a/config/config.go
+++ b/config/config.go
@@ -114,7 +114,7 @@ type StartOptions struct {
 FalsePositiveHashes []string `json:"false_positive_hashes"`
 RiskAcceptHashes []string `json:"risk_accept_hashes"`
 ShowVulnerabilitiesTypes []string `json:"show_vulnerabilities_types"`
- ToolsConfig toolsconfig.MapToolConfig `json:"tools_config"`
+ ToolsConfig toolsconfig.ToolsConfig `json:"tools_config"`
 Headers map[string]string `json:"headers"`
 WorkDir *workdir.WorkDir `json:"work_dir"`
 CustomImages customimages.CustomImages `json:"custom_images"`
@@ -167,7 +167,7 @@ func New() *Config {
 FalsePositiveHashes: make([]string, 0),
 Headers: make(map[string]string),
 ContainerBindProjectPath: "",
- ToolsConfig: toolsconfig.ParseInterfaceToMapToolsConfig(toolsconfig.ToolConfig{}),
+ ToolsConfig: toolsconfig.Default(),
 ShowVulnerabilitiesTypes: []string{vulnerability.Vulnerability.ToString()},
 CustomImages: customimages.NewCustomImages(),
 DisableDocker: dist.IsStandAlone(),
@@ -296,8 +296,8 @@ func (c *Config) LoadFromConfigFile() *Config {
 viper.GetString(c.toLowerCamel(EnvContainerBindProjectPath)),
 c.ContainerBindProjectPath,
 )
- if cfg := viper.Get(c.toLowerCamel(EnvToolsConfig)); cfg != nil {
- c.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig(cfg)
+ if cfg := viper.GetStringMap(c.toLowerCamel(EnvToolsConfig)); cfg != nil {
+ c.ToolsConfig = toolsconfig.MustParseToolsConfig(cfg)
 }
 c.DisableDocker = viper.GetBool(c.toLowerCamel(EnvDisableDocker))
diff --git a/config/config_test.go b/config/config_test.go
index 3547bbb23..e28a76b01 100644
--- a/config/config_test.go
+++ b/config/config_test.go
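Review bot: The `cfg != nil` guard in LoadFromConfigFile (config/config.go) no longer distinguishes a missing key: as far as I know `viper.GetStringMap` hands back an empty, non-nil map when the key is unset, so the branch runs on every load and `c.ToolsConfig` is replaced with the defaults even when the file says nothing about tools. Any value assigned before this call (not visible in the hunk) would be overwritten, so for a scanner the effective tool set can differ from what the operator configured without any log line. Guard on presence instead, e.g. `if key := c.toLowerCamel(EnvToolsConfig); viper.IsSet(key) {` followed by `c.ToolsConfig = toolsconfig.MustParseToolsConfig(viper.GetStringMap(key))`. The function body starts and ends outside the hunk.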
@@ -117,7 +117,7 @@ func TestNewHorusecConfig(t *testing.T) {
 assert.Equal(t, true, configs.EnableOwaspDependencyCheck)
 assert.Equal(t, true, configs.EnableShellCheck)
 assert.Equal(t, []string{vulnerability.Vulnerability.ToString(), vulnerability.FalsePositive.ToString()}, configs.ShowVulnerabilitiesTypes)
- assert.Equal(t, toolsconfig.ToolConfig{
+ assert.Equal(t, toolsconfig.Config{
 IsToIgnore: true,
 }, configs.ToolsConfig[tools.GoSec])
 assert.Equal(t, "docker.io/company/go:latest", configs.CustomImages["go"])
@@ -157,7 +157,7 @@ func TestNewHorusecConfig(t *testing.T) {
 assert.Equal(t, true, configs.EnableInformationSeverity)
 assert.Equal(t, true, configs.EnableOwaspDependencyCheck)
 assert.Equal(t, true, configs.EnableShellCheck)
- assert.Equal(t, toolsconfig.ToolConfig{
+ assert.Equal(t, toolsconfig.Config{
 IsToIgnore: true,
 }, configs.ToolsConfig[tools.GoSec])
 assert.Equal(t, "docker.io/company/go:latest", configs.CustomImages["go"])
@@ -260,7 +260,7 @@ func TestNewHorusecConfig(t *testing.T) {
 assert.Equal(t, true, configs.EnableInformationSeverity)
 assert.Equal(t, true, configs.EnableOwaspDependencyCheck)
 assert.Equal(t, true, configs.EnableShellCheck)
- assert.Equal(t, toolsconfig.ToolConfig{
+ assert.Equal(t, toolsconfig.Config{
 IsToIgnore: true,
 }, configs.ToolsConfig[tools.GoSec])
 assert.Equal(t, "docker.io/company/go:latest", configs.CustomImages["go"])
diff --git a/internal/entities/toolsconfig/tools_config.go b/internal/entities/toolsconfig/tools_config.go
index 4ab33e82e..6011ac38a 100644
--- a/internal/entities/toolsconfig/tools_config.go
+++ b/internal/entities/toolsconfig/tools_config.go
@@ -22,40 +22,45 @@ import (
 "github.com/ZupIT/horusec/internal/helpers/messages"
 )
-type MapToolConfig map[tools.Tool]ToolConfig
+// ToolsConfig is a map of a tool to config for easily index access.
+type ToolsConfig map[tools.Tool]Config
-type ToolConfig struct {
+// Config represents the configuration options for all tools.
+type Config struct {
 IsToIgnore bool `json:"istoignore"`
 }
-type ToolsConfigsStruct struct {
- Bandit ToolConfig `json:"bandit"`
- BundlerAudit ToolConfig `json:"bundleraudit"`
- Brakeman ToolConfig `json:"brakeman"`
- Checkov ToolConfig `json:"checkov"`
- Flawfinder ToolConfig `json:"flawfinder"`
- GitLeaks ToolConfig `json:"gitleaks"`
- GoSec ToolConfig `json:"gosec"`
- HorusecEngine ToolConfig `json:"horusecengine"`
- MixAudit ToolConfig `json:"mixaudit"`
- NpmAudit ToolConfig `json:"npmaudit"`
- PhpCS ToolConfig `json:"phpcs"`
- Safety ToolConfig `json:"safety"`
- SecurityCodeScan ToolConfig `json:"securitycodescan"`
- Semgrep ToolConfig `json:"semgrep"`
- ShellCheck ToolConfig `json:"shellcheck"`
- Sobelow ToolConfig `json:"sobelow"`
- TfSec ToolConfig `json:"tfsec"`
- YarnAudit ToolConfig `json:"yarnaudit"`
- OwaspDependencyCheck ToolConfig `json:"owaspDependencyCheck"`
- DotnetCli ToolConfig `json:"dotnetCli"`
- Nancy ToolConfig `json:"nancy"`
- Trivy ToolConfig `json:"trivy"`
+// toolsConfig represents the schema of configuration tools.
+type toolsConfig struct {
+ Bandit Config `json:"bandit"`
+ BundlerAudit Config `json:"bundleraudit"`
+ Brakeman Config `json:"brakeman"`
+ Checkov Config `json:"checkov"`
+ Flawfinder Config `json:"flawfinder"`
+ GitLeaks Config `json:"gitleaks"`
+ GoSec Config `json:"gosec"`
+ HorusecEngine Config `json:"horusecengine"`
+ MixAudit Config `json:"mixaudit"`
+ NpmAudit Config `json:"npmaudit"`
+ PhpCS Config `json:"phpcs"`
+ Safety Config `json:"safety"`
+ SecurityCodeScan Config `json:"securitycodescan"`
+ Semgrep Config `json:"semgrep"`
+ ShellCheck Config `json:"shellcheck"`
+ Sobelow Config `json:"sobelow"`
+ TfSec Config `json:"tfsec"`
+ YarnAudit Config `json:"yarnaudit"`
+ OwaspDependencyCheck Config `json:"owaspDependencyCheck"`
+ DotnetCli Config `json:"dotnetCli"`
+ Nancy Config `json:"nancy"`
+ Trivy Config `json:"trivy"`
 }
-// nolint:funlen // toMap is necessary more 15 lines
-func (t *ToolsConfigsStruct) ToMap() MapToolConfig {
- return MapToolConfig{
+// toMap return the tools configuration as ToolsConfig for easily access.
+//
+// nolint:funlen
+func (t *toolsConfig) toMap() ToolsConfig {
+ return ToolsConfig{
 tools.Bandit: t.Bandit,
 tools.BundlerAudit: t.BundlerAudit,
 tools.Brakeman: t.Brakeman,
@@ -81,17 +86,38 @@ func (t *ToolsConfigsStruct) ToMap() MapToolConfig {
 }
 }
-func ParseInterfaceToMapToolsConfig(input interface{}) (output MapToolConfig) {
- outputStruct := ToolsConfigsStruct{}
- bytes, err := json.Marshal(input)
+// Default return the default configuration of tools.
+//
+// The default configuration is enabled for all tools.
+func Default() ToolsConfig {
+ return (&toolsConfig{}).toMap()
+}
+
+// MustParseToolsConfig parse a input to ToolsConfig.
+//
+// If some error occur the default values will be returned and the error
+// will be logged.
+func MustParseToolsConfig(input map[string]interface{}) ToolsConfig {
+ cfg, err := parseToolsConfig(input)
 if err != nil {
 logger.LogErrorWithLevel(messages.MsgErrorParseStringToToolsConfig, err)
- return outputStruct.ToMap()
+ return Default()
 }
- err = json.Unmarshal(bytes, &outputStruct)
+ return cfg
+}
+
+// parseToolsConfig parse input to ToolsConfig.
+func parseToolsConfig(input map[string]interface{}) (ToolsConfig, error) {
+ var config toolsConfig
+
+ bytes, err := json.Marshal(input)
 if err != nil {
- logger.LogErrorWithLevel(messages.MsgErrorParseStringToToolsConfig, err)
- return outputStruct.ToMap()
+ return nil, err
 }
- return outputStruct.ToMap()
+
+ if err := json.Unmarshal(bytes, &config); err != nil {
+ return nil, err
+ }
+
+ return config.toMap(), nil
 }
diff --git a/internal/entities/toolsconfig/tools_config_test.go b/internal/entities/toolsconfig/tools_config_test.go
new file mode 100644
index 000000000..b6fd93f83
--- /dev/null
+++ b/internal/entities/toolsconfig/tools_config_test.go
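Review bot: `MustParseToolsConfig` does not behave like a `Must` function: by Go convention that prefix means panic on failure, whereas here the error is logged and `Default()` is returned, so a broken tools section lets the scan continue with a tool set the operator did not ask for. Consider renaming it (`ParseToolsConfigOrDefault`, say) or returning the error from `parseToolsConfig` to the caller in config.go so it can decide whether to abort. Separately, `json.Unmarshal` in `parseToolsConfig` ignores unknown keys, so a misspelled tool name or field is dropped without any log line; decoding through a `json.Decoder` with `DisallowUnknownFields()` set would surface it. The doc comments would also read better as `// Default returns …` and `// parseToolsConfig parses …`.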
@@ -0,0 +1,141 @@
+// Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package toolsconfig
+
+import (
+ "bytes"
+ "testing"
+
+ "github.com/ZupIT/horusec-devkit/pkg/enums/tools"
+ "github.com/ZupIT/horusec-devkit/pkg/utils/logger"
+ "github.com/ZupIT/horusec/internal/helpers/messages"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestDefaultValues(t *testing.T) {
+ cfg := Default()
+
+ tools := tools.Values()
+
+ assert.Len(t, cfg, len(tools), "Expected all tools on default values")
+
+ for tool, cfg := range cfg {
+ assert.Contains(t, tools, tool, "Tool %s is invalid", tool)
+ assert.False(t, cfg.IsToIgnore, "Expected default value as false to IsToIgnore")
+ }
+}
+
+func TestParseToolsConfig(t *testing.T) {
+ testcases := []struct {
+ name string
+ input map[string]interface{}
+ expected ToolsConfig
+ output string
+ }{
+ {
+ name: "Should parse values incomplete correctly and return all tools",
+ input: map[string]interface{}{
+ "bandit": map[string]bool{
+ "istoignore": false,
+ },
+ "gosec": map[string]bool{
+ "istoignore": true,
+ },
+ },
+ expected: ToolsConfig{
+ tools.Bandit: Config{false},
+ tools.BundlerAudit: Config{false},
+ tools.Brakeman: Config{false},
+ tools.Checkov: Config{false},
+ tools.Flawfinder: Config{false},
+ tools.GitLeaks: Config{false},
+ tools.GoSec: Config{true},
+ tools.HorusecEngine: Config{false},
+ tools.MixAudit: Config{false},
+ tools.NpmAudit: Config{false},
+ tools.PhpCS: Config{false},
+ tools.Safety: Config{false},
+ tools.SecurityCodeScan: Config{false},
+ tools.Semgrep: Config{false},
+ tools.ShellCheck: Config{false},
+ tools.Sobelow: Config{false},
+ tools.TfSec: Config{false},
+ tools.YarnAudit: Config{false},
+ tools.OwaspDependencyCheck: Config{false},
+ tools.DotnetCli: Config{false},
+ tools.Nancy: Config{false},
+ tools.Trivy: Config{false},
+ },
+ },
+ {
+ name: "Should error on invalid configuration and use default values",
+ input: map[string]interface{}{
+ "gosec": map[string]string{
+ "istoigore": "invalid data type",
+ },
+ "bandit": "invalid type",
+ },
+ expected: Default(),
+ output: messages.MsgErrorParseStringToToolsConfig,
+ },
+ {
+ name: "Should parse using lower and upper case",
+ input: map[string]interface{}{
+ "trivy": map[string]bool{
+ "istoignore": true,
+ },
+ "HorusecEngine": map[string]bool{
+ "istoignore": true,
+ },
+ },
+ expected: ToolsConfig{
+ tools.Bandit: Config{false},
+ tools.BundlerAudit: Config{false},
+ tools.Brakeman: Config{false},
+ tools.Checkov: Config{false},
+ tools.Flawfinder: Config{false},
+ tools.GitLeaks: Config{false},
+ tools.GoSec: Config{false},
+ tools.HorusecEngine: Config{true},
+ tools.MixAudit: Config{false},
+ tools.NpmAudit: Config{false},
+ tools.PhpCS: Config{false},
+ tools.Safety: Config{false},
+ tools.SecurityCodeScan: Config{false},
+ tools.Semgrep: Config{false},
+ tools.ShellCheck: Config{false},
+ tools.Sobelow: Config{false},
+ tools.TfSec: Config{false},
+ tools.YarnAudit: Config{false},
+ tools.OwaspDependencyCheck: Config{false},
+ tools.DotnetCli: Config{false},
+ tools.Nancy: Config{false},
+ tools.Trivy: Config{true},
+ },
+ },
+ }
+
+ output := bytes.NewBufferString("")
+ logger.LogSetOutput(output)
+
+ for _, tt := range testcases {
+ t.Run(tt.name, func(t *testing.T) {
+ config := MustParseToolsConfig(tt.input)
+
+ assert.Equal(t, tt.expected, config)
+ assert.Contains(t, output.String(), tt.output)
+ })
+ }
+}
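Review bot: In TestParseToolsConfig the log buffer is created once before the loop and shared by every subtest, and `assert.Contains(t, output.String(), tt.output)` is vacuously true when `tt.output` is empty, so the two success cases never check that nothing was logged, and the third case runs with the second case's error message still in the buffer. Create the buffer inside `t.Run` and assert it is empty when no message is expected, as sketched below. `logger.LogSetOutput` is also never restored, so later tests in the package keep writing to this buffer, and `tools := tools.Values()` in TestDefaultValues shadows the imported package. In the error case the `istoigore` key is presumably a typo for `istoignore`; the failure there appears to come only from `"bandit": "invalid type"`.

```go
		t.Run(tt.name, func(t *testing.T) {
			// Fresh buffer per case so one case's log output cannot satisfy another's check.
			output := bytes.NewBufferString("")
			logger.LogSetOutput(output)

			// … unchanged: MustParseToolsConfig call and assert.Equal on the result …

			if tt.output == "" {
				assert.Empty(t, output.String())
				return
			}
			assert.Contains(t, output.String(), tt.output)
		})
```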
diff --git a/internal/services/formatters/c/flawfinder/formatter_test.go b/internal/services/formatters/c/flawfinder/formatter_test.go index 3803479d5..ff3272aa4 100644 --- a/internal/services/formatters/c/flawfinder/formatter_test.go +++ b/internal/services/formatters/c/flawfinder/formatter_test.go @@ -20,6 +20,7 @@ import ( "errors" "testing" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" @@ -114,11 +115,11 @@ func TestStartCFlawfinder(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig(toolsconfig.ToolsConfigsStruct{ - Flawfinder: toolsconfig.ToolConfig{ + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Flawfinder: toolsconfig.Config{ IsToIgnore: true, }, - }) + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/csharp/dotnet_cli/formatter_test.go b/internal/services/formatters/csharp/dotnet_cli/formatter_test.go index 1b6a07faa..ec7bb9d8e 100644 --- a/internal/services/formatters/csharp/dotnet_cli/formatter_test.go +++ b/internal/services/formatters/csharp/dotnet_cli/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/assert" analysisEntities "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/toolsconfig" 
@@ -115,9 +116,11 @@ func TestParseOutput(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{DotnetCli: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.DotnetCli: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/csharp/scs/formatter_test.go b/internal/services/formatters/csharp/scs/formatter_test.go index 07f2bf4db..033c9f058 100644 --- a/internal/services/formatters/csharp/scs/formatter_test.go +++ b/internal/services/formatters/csharp/scs/formatter_test.go @@ -24,6 +24,7 @@ import ( "github.com/stretchr/testify/require" analysisEntities "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/toolsconfig" @@ -190,9 +191,11 @@ func TestParseOutput(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{SecurityCodeScan: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.SecurityCodeScan: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/elixir/mixaudit/formatter_test.go b/internal/services/formatters/elixir/mixaudit/formatter_test.go index a937d40b1..7e8e12977 100644 --- a/internal/services/formatters/elixir/mixaudit/formatter_test.go 
+++ b/internal/services/formatters/elixir/mixaudit/formatter_test.go @@ -23,6 +23,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/workdir" "github.com/ZupIT/horusec/internal/services/docker" @@ -92,9 +93,11 @@ func TestStartCFlawfinder(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{MixAudit: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.MixAudit: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(entity, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/elixir/sobelow/formatter_test.go b/internal/services/formatters/elixir/sobelow/formatter_test.go index 2ee265564..834caee60 100644 --- a/internal/services/formatters/elixir/sobelow/formatter_test.go +++ b/internal/services/formatters/elixir/sobelow/formatter_test.go @@ -23,6 +23,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/workdir" "github.com/ZupIT/horusec/internal/services/docker" 
@@ -101,9 +102,11 @@ func TestStartCFlawfinder(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Sobelow: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Sobelow: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(entity, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/generic/dependency_check/formatter_test.go b/internal/services/formatters/generic/dependency_check/formatter_test.go index e8c894f8d..d7ea9ba62 100644 --- a/internal/services/formatters/generic/dependency_check/formatter_test.go +++ b/internal/services/formatters/generic/dependency_check/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/assert" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/toolsconfig" @@ -133,9 +134,11 @@ func TestStartGenericOwaspDependencyCheck(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{OwaspDependencyCheck: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.OwaspDependencyCheck: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/generic/semgrep/formatter_test.go b/internal/services/formatters/generic/semgrep/formatter_test.go index fb98f948a..feb7fe9c2 100644 
--- a/internal/services/formatters/generic/semgrep/formatter_test.go +++ b/internal/services/formatters/generic/semgrep/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -139,9 +140,11 @@ func TestParseOutput(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Semgrep: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Semgrep: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/generic/trivy/formatter_test.go b/internal/services/formatters/generic/trivy/formatter_test.go index c7bf060be..187ba0ca6 100644 --- a/internal/services/formatters/generic/trivy/formatter_test.go +++ b/internal/services/formatters/generic/trivy/formatter_test.go @@ -20,6 +20,7 @@ import ( "github.com/stretchr/testify/assert" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/toolsconfig" "github.com/ZupIT/horusec/internal/entities/workdir" 
@@ -69,9 +70,11 @@ func TestParseOutput(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} c := &config.Config{} c.WorkDir = &workdir.WorkDir{} - c.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Trivy: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + c.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Trivy: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, c) formatter := NewFormatter(service) diff --git a/internal/services/formatters/go/gosec/formatter_test.go b/internal/services/formatters/go/gosec/formatter_test.go index 5fb36096f..d2f22b507 100644 --- a/internal/services/formatters/go/gosec/formatter_test.go +++ b/internal/services/formatters/go/gosec/formatter_test.go @@ -23,6 +23,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/workdir" "github.com/ZupIT/horusec/internal/services/docker" @@ -120,9 +121,11 @@ func TestGoLang_StartAnalysis(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{GoSec: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.GoSec: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(entity, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/go/nancy/formatter_test.go b/internal/services/formatters/go/nancy/formatter_test.go index 33ad12167..e7b96361a 100644 --- a/internal/services/formatters/go/nancy/formatter_test.go +++ b/internal/services/formatters/go/nancy/formatter_test.go 
@@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/assert" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/toolsconfig" @@ -145,9 +146,11 @@ func TestParseOutput(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Nancy: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Nancy: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/hcl/checkov/formatter_test.go b/internal/services/formatters/hcl/checkov/formatter_test.go index 9488a4b0a..7e3abc18e 100644 --- a/internal/services/formatters/hcl/checkov/formatter_test.go +++ b/internal/services/formatters/hcl/checkov/formatter_test.go @@ -19,6 +19,7 @@ import ( "testing" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -88,9 +89,11 @@ func TestStartHCLCheckov(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Checkov: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Checkov: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) 
diff --git a/internal/services/formatters/hcl/tfsec/formatter_test.go b/internal/services/formatters/hcl/tfsec/formatter_test.go index 3672ad080..c3f820ed6 100644 --- a/internal/services/formatters/hcl/tfsec/formatter_test.go +++ b/internal/services/formatters/hcl/tfsec/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -88,9 +89,11 @@ func TestStartHCLTfSec(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.WorkDir = &workdir.WorkDir{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{TfSec: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.TfSec: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/javascript/npmaudit/formatter_test.go b/internal/services/formatters/javascript/npmaudit/formatter_test.go index 62921ebc4..67aca4ff5 100644 --- a/internal/services/formatters/javascript/npmaudit/formatter_test.go +++ b/internal/services/formatters/javascript/npmaudit/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" 
@@ -129,9 +130,11 @@ func TestStartNpmAudit(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{NpmAudit: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.NpmAudit: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/javascript/yarnaudit/formatter_test.go b/internal/services/formatters/javascript/yarnaudit/formatter_test.go index 64cfc06d7..84439f9c9 100644 --- a/internal/services/formatters/javascript/yarnaudit/formatter_test.go +++ b/internal/services/formatters/javascript/yarnaudit/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -132,9 +133,11 @@ func TestParseOutputYarn(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{YarnAudit: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.YarnAudit: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/leaks/gitleaks/formatter_test.go b/internal/services/formatters/leaks/gitleaks/formatter_test.go index c12b96da1..20838ed43 100644 --- a/internal/services/formatters/leaks/gitleaks/formatter_test.go +++ b/internal/services/formatters/leaks/gitleaks/formatter_test.go 
@@ -23,6 +23,7 @@ import ( entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" enumsAnalysis "github.com/ZupIT/horusec-devkit/pkg/enums/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/google/uuid" "github.com/stretchr/testify/assert" @@ -137,9 +138,11 @@ func TestLeaks_StartAnalysis(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{GitLeaks: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.GitLeaks: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/php/phpcs/formatter_test.go b/internal/services/formatters/php/phpcs/formatter_test.go index cfe28b30d..a3fa3a2a6 100644 --- a/internal/services/formatters/php/phpcs/formatter_test.go +++ b/internal/services/formatters/php/phpcs/formatter_test.go @@ -23,6 +23,7 @@ import ( "github.com/stretchr/testify/assert" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" cliConfig "github.com/ZupIT/horusec/config" "github.com/ZupIT/horusec/internal/entities/workdir" "github.com/ZupIT/horusec/internal/services/docker" 
@@ -86,9 +87,11 @@ func TestStartCFlawfinder(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{PhpCS: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.PhpCS: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/python/bandit/formatter_test.go b/internal/services/formatters/python/bandit/formatter_test.go index 56cc10ddd..0d99d0582 100644 --- a/internal/services/formatters/python/bandit/formatter_test.go +++ b/internal/services/formatters/python/bandit/formatter_test.go @@ -23,6 +23,7 @@ import ( entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" enumHorusec "github.com/ZupIT/horusec-devkit/pkg/enums/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/google/uuid" "github.com/stretchr/testify/assert" @@ -156,9 +157,11 @@ func TestFormatter_StartSafety(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Bandit: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Bandit: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/python/safety/formatter_test.go b/internal/services/formatters/python/safety/formatter_test.go index d2eff2fce..e1f1b7ecf 100644 --- a/internal/services/formatters/python/safety/formatter_test.go 
+++ b/internal/services/formatters/python/safety/formatter_test.go @@ -23,6 +23,7 @@ import ( entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" enumHorusec "github.com/ZupIT/horusec-devkit/pkg/enums/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/google/uuid" "github.com/stretchr/testify/assert" @@ -134,9 +135,11 @@ func TestFormatter_StartSafety(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Safety: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Safety: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/ruby/brakeman/formatter_test.go b/internal/services/formatters/ruby/brakeman/formatter_test.go index 662339b77..314c0cce4 100644 --- a/internal/services/formatters/ruby/brakeman/formatter_test.go +++ b/internal/services/formatters/ruby/brakeman/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" 
@@ -140,9 +141,11 @@ func TestParseOutput(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{Brakeman: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.Brakeman: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/ruby/bundler/formatter_test.go b/internal/services/formatters/ruby/bundler/formatter_test.go index a0ad4c061..947ac57f2 100644 --- a/internal/services/formatters/ruby/bundler/formatter_test.go +++ b/internal/services/formatters/ruby/bundler/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -128,9 +129,11 @@ func TestParseOutput(t *testing.T) { analysis := &entitiesAnalysis.Analysis{} dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{BundlerAudit: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.BundlerAudit: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service) diff --git a/internal/services/formatters/service_test.go b/internal/services/formatters/service_test.go index 3a3a61a8b..200ef8988 100644 --- a/internal/services/formatters/service_test.go +++ b/internal/services/formatters/service_test.go 
@@ -298,9 +298,11 @@ func TestLogAnalysisError(t *testing.T) { func TestToolIsToIgnore(t *testing.T) { t.Run("should return true when language is match", func(t *testing.T) { configs := &config.Config{} - configs.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{GoSec: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + configs.ToolsConfig = toolsconfig.ToolsConfig{ + tools.GoSec: toolsconfig.Config{ + IsToIgnore: true, + }, + } monitorController := NewFormatterService(&analysis.Analysis{}, &docker.Mock{}, configs) @@ -308,9 +310,11 @@ func TestToolIsToIgnore(t *testing.T) { }) t.Run("should return true when language is match uppercase", func(t *testing.T) { configs := &config.Config{} - configs.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{GoSec: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + configs.ToolsConfig = toolsconfig.ToolsConfig{ + tools.GoSec: toolsconfig.Config{ + IsToIgnore: true, + }, + } monitorController := NewFormatterService(&analysis.Analysis{}, &docker.Mock{}, configs) @@ -318,12 +322,10 @@ func TestToolIsToIgnore(t *testing.T) { }) t.Run("should return true when language is match lowercase and multi tools", func(t *testing.T) { configs := &config.Config{} - configs.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{ - GoSec: toolsconfig.ToolConfig{IsToIgnore: true}, - SecurityCodeScan: toolsconfig.ToolConfig{IsToIgnore: true}, - }, - ) + configs.ToolsConfig = toolsconfig.ToolsConfig{ + tools.GoSec: toolsconfig.Config{IsToIgnore: true}, + tools.SecurityCodeScan: toolsconfig.Config{IsToIgnore: true}, + } monitorController := NewFormatterService(&analysis.Analysis{}, &docker.Mock{}, configs) 
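Review bot: The subtests named "match", "match uppercase" and "match lowercase and multi tools" all build their maps from the same typed constant, `tools.GoSec`. Any case variation therefore has to come from the lookup argument, which lies outside these hunks. With hand-built literals, nothing visible here covers a tool key that reaches the map in a different case, for example from a config file. Since this map controls whether a scanner is skipped, a mismatch there would presumably change which tools run without any test noticing. I would state the intent above each literal, e.g. `// keys are tools.* constants; case handling is exercised by the lookup argument below`, and consider one subtest that builds the map through the package's parser rather than a literal.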
@@ -331,9 +333,11 @@ func TestToolIsToIgnore(t *testing.T) { }) t.Run("should return false when language is not match", func(t *testing.T) { configs := &config.Config{} - configs.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{SecurityCodeScan: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + configs.ToolsConfig = toolsconfig.ToolsConfig{ + tools.SecurityCodeScan: toolsconfig.Config{ + IsToIgnore: true, + }, + } monitorController := NewFormatterService(&analysis.Analysis{}, &docker.Mock{}, configs) diff --git a/internal/services/formatters/shell/shellcheck/formatter_test.go b/internal/services/formatters/shell/shellcheck/formatter_test.go index 2ea59cada..3bc4882bf 100644 --- a/internal/services/formatters/shell/shellcheck/formatter_test.go +++ b/internal/services/formatters/shell/shellcheck/formatter_test.go @@ -21,6 +21,7 @@ import ( "github.com/ZupIT/horusec/internal/entities/toolsconfig" entitiesAnalysis "github.com/ZupIT/horusec-devkit/pkg/entities/analysis" + "github.com/ZupIT/horusec-devkit/pkg/enums/tools" "github.com/stretchr/testify/assert" @@ -141,9 +142,11 @@ func TestParseOutput(t *testing.T) { dockerAPIControllerMock := &docker.Mock{} config := &cliConfig.Config{} config.EnableShellCheck = true - config.ToolsConfig = toolsconfig.ParseInterfaceToMapToolsConfig( - toolsconfig.ToolsConfigsStruct{ShellCheck: toolsconfig.ToolConfig{IsToIgnore: true}}, - ) + config.ToolsConfig = toolsconfig.ToolsConfig{ + tools.ShellCheck: toolsconfig.Config{ + IsToIgnore: true, + }, + } service := formatters.NewFormatterService(analysis, dockerAPIControllerMock, config) formatter := NewFormatter(service)