analysis: set success when vulnerability is not of type Vulnerability #623

32 changes: 17 additions & 15 deletions cmd/app/start/start.go
Expand Up @@ -20,6 +20,8 @@ import (
"os"
"strings"

"github.com/ZupIT/horusec/internal/controllers/printresults"

"github.com/ZupIT/horusec/internal/controllers/requirements"

"github.com/ZupIT/horusec/config"
Expand All @@ -38,7 +40,7 @@ import (
//
// Analyze returns the total of vulnerabilies founded on directory
type Analyzer interface {
Analyze() (int, error)
Analyze() error
}

// Prompt is the interface that interact with use terminal prompt
Expand Down Expand Up @@ -303,28 +305,28 @@ func (s *Start) CreateStartCommand() *cobra.Command {
}

func (s *Start) runE(cmd *cobra.Command, _ []string) error {
totalVulns, err := s.startAnalysis(cmd)
if err != nil {
return err
}

if totalVulns > 0 && s.configs.ReturnErrorIfFoundVulnerability {
cmd.SetUsageFunc(func(command *cobra.Command) error {
if err := s.startAnalysis(cmd); err != nil {
if errors.Is(err, printresults.ErrorUnknownVulnerabilitiesFound) {
if s.configs.ReturnErrorIfFoundVulnerability {
cmd.SetUsageFunc(func(command *cobra.Command) error {
return nil
})
return errors.New("analysis finished with blocking vulnerabilities")
}
return nil
})

return errors.New("analysis finished with blocking vulnerabilities")
}
return err
}
return nil
}

func (s *Start) startAnalysis(cmd *cobra.Command) (totalVulns int, err error) {
func (s *Start) startAnalysis(cmd *cobra.Command) error {
if err := s.askIfRunInDirectorySelected(s.isRunPromptQuestion(cmd)); err != nil {
logger.LogErrorWithLevel(messages.MsgErrorWhenAskDirToRun, err)
return 0, err
return err
}
if err := s.configsValidations(cmd); err != nil {
return 0, err
return err
}
return s.executeAnalysisDirectory()
}
Expand Down Expand Up @@ -364,7 +366,7 @@ func (s *Start) isRunPromptQuestion(cmd *cobra.Command) bool {
return true
}

func (s *Start) executeAnalysisDirectory() (totalVulns int, err error) {
func (s *Start) executeAnalysisDirectory() error {
if s.analyzer == nil {
s.analyzer = analyzer.NewAnalyzer(s.configs)
}
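Review bot: The nested ifs in the new `runE` (L64-L79) bury the happy path: a non-sentinel error from `startAnalysis` falls through two closing braces before it reaches `return err`, and the only statement that does real work (`SetUsageFunc` plus the blocking error) sits three indents deep. Guard clauses keep the same behaviour flat, as below. The `Analyzer` interface comment at L46 is also stale — Analyze no longer returns a total — and the same wording survives on the `PrintResults` interface in internal/controllers/analyzer/analyzer.go; suggest `// Analyze runs the analysis and returns printresults.ErrorUnknownVulnerabilitiesFound when findings of type Vulnerability remain; any other non-nil error is a failure of the run.`
```go
func (s *Start) runE(cmd *cobra.Command, _ []string) error {
	err := s.startAnalysis(cmd)
	if err == nil {
		return nil
	}
	if !errors.Is(err, printresults.ErrorUnknownVulnerabilitiesFound) {
		return err
	}
	if !s.configs.ReturnErrorIfFoundVulnerability {
		return nil
	}
	// Kept from the original: a usage func that returns nil so only the error below is reported.
	cmd.SetUsageFunc(func(*cobra.Command) error { return nil })
	return errors.New("analysis finished with blocking vulnerabilities")
}
```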
19 changes: 10 additions & 9 deletions cmd/app/start/start_test.go
Expand Up @@ -21,6 +21,8 @@ import (
"os"
"testing"

"github.com/ZupIT/horusec/internal/controllers/printresults"

"github.com/google/uuid"

"github.com/spf13/cobra"
Expand Down Expand Up @@ -74,8 +76,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)

analyzerControllerMock.On("AnalysisDirectory").Return(nil)
requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")

Expand Down Expand Up @@ -105,7 +106,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -137,7 +138,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(10, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(printresults.ErrorUnknownVulnerabilitiesFound)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -169,7 +170,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -201,7 +202,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -234,7 +235,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -268,7 +269,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(0, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
Expand Down Expand Up @@ -302,7 +303,7 @@ func TestStartCommand_Execute(t *testing.T) {
configs.WorkDir = &workdir.WorkDir{}

analyzerControllerMock := &analyzer.Mock{}
analyzerControllerMock.On("AnalysisDirectory").Return(10, nil)
analyzerControllerMock.On("AnalysisDirectory").Return(nil)

requirementsMock := &requirements.Mock{}
requirementsMock.On("ValidateDocker")
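Review bot: The last subtest's mock at L184-L185 goes from `Return(10, nil)` to `Return(nil)`, so whatever that case asserted about a run with findings is now asserted against a clean run; only the case at L140 still feeds `printresults.ErrorUnknownVulnerabilitiesFound` into the command. If this subtest was the one covering findings with `ReturnErrorIfFoundVulnerability` disabled (the `return nil` branch of runE), it should return the sentinel as well — `analyzerControllerMock.On("AnalysisDirectory").Return(printresults.ErrorUnknownVulnerabilitiesFound)` — so that branch keeps a test. The subtest body starts and ends outside the hunk, so its expectations are not visible here.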
1 change: 1 addition & 0 deletions go.mod
Expand Up @@ -26,4 +26,5 @@ require (
github.com/spf13/cobra v1.2.1
github.com/spf13/viper v1.9.0
github.com/stretchr/testify v1.7.0
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
)
10 changes: 2 additions & 8 deletions go.sum
Expand Up @@ -165,12 +165,8 @@ github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMx
github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg=
github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
github.com/ZupIT/horusec-devkit v1.0.16 h1:MBO1RjochmJfrWYm0Jr6qC9c5x6t/5LwjVDhZvdzOnE=
github.com/ZupIT/horusec-devkit v1.0.16/go.mod h1:SEzhqEWkXrJ5/N+tGfQVvIsBsuWaU0x0g7wVl6fqlmc=
github.com/ZupIT/horusec-devkit v1.0.17 h1:j4KtyP3bV7eAWNZtk/2ZB9TIZYaD7QyUv0zRDPuKWiA=
github.com/ZupIT/horusec-devkit v1.0.17/go.mod h1:wTsXrXTD1YrChTQEng8EvVg+zL9nMUIQkhUG85sQwuQ=
github.com/ZupIT/horusec-engine v0.3.5 h1:RwjMuogcG/rO0UQ4Ci1qvmOOWDPW/W4bgCJQAZ1EnHg=
github.com/ZupIT/horusec-engine v0.3.5/go.mod h1:8IoM2BGMJ7jHThgkTIWHD/S4YeEgLD0j3tsxy6nwyd0=
github.com/ZupIT/horusec-engine v0.3.6 h1:m/kL9K8+OVAaYjagoDmNFFDEA3BnyJbcx0DfNYGyaDM=
github.com/ZupIT/horusec-engine v0.3.6/go.mod h1:s3SZQ9gXXlEcIagEuopZJga+Dw6RBFWMD7Rh5A+tIys=
github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
Expand Down Expand Up @@ -553,8 +549,6 @@ github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxm
github.com/go-chi/cors v1.2.0/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
github.com/go-critic/go-critic v0.4.1/go.mod h1:7/14rZGnZbY6E38VEGk2kVhoq6itzc1E68facVDK23g=
github.com/go-critic/go-critic v0.4.3/go.mod h1:j4O3D4RoIwRqlZw5jJpx0BNfXWWbpcJoKu5cYSe4YmQ=
github.com/go-enry/go-enry/v2 v2.7.1 h1:WCqtfyteIz61GYk9lRVy8HblvIv4cP9GIiwm/6txCbU=
github.com/go-enry/go-enry/v2 v2.7.1/go.mod h1:GVzIiAytiS5uT/QiuakK7TF1u4xDab87Y8V5EJRpsIQ=
github.com/go-enry/go-enry/v2 v2.7.2 h1:IBtFo783PgL7oyd/TL1/8HQFMNzOAl4NaLPbzNOvbwM=
github.com/go-enry/go-enry/v2 v2.7.2/go.mod h1:GVzIiAytiS5uT/QiuakK7TF1u4xDab87Y8V5EJRpsIQ=
github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo=
Expand Down Expand Up @@ -1649,10 +1643,10 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 h1:HWj/xjIHfjYU5nVXpTM0s39J9CbLn7Cc5a7IC5rwsMQ=
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210920023735-84f357641f63 h1:kETrAMYZq6WVGPa8IIixL0CaEcIUNi+1WX7grUoi3y8=
golang.org/x/crypto v0.0.0-20210920023735-84f357641f63/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
18 changes: 0 additions & 18 deletions horusec-config.json
Expand Up @@ -22,23 +22,6 @@
"horusecCliEnableGitHistoryAnalysis": false,
"horusecCliEnableInformationSeverity": false,
"horusecCliFalsePositiveHashes": [
"2eab7620998c54bcbdb1da9ad96f54c3b6ac7b5e0babbff8f502ec10594479ad",
"52ccbcd6c0d13a6af137ba7d5fc6c66a466f7e746256558550e660c82449851b",
"b9f0d3772a885673b4a968d21eb9c350d25aae332b7c1a9bf113b5af24704ff9",
"e8c6a9744859f048a44a4eb160ce0e22df524507a288cfbfcbfcdc26d2533c63",
"9c205ee4b31bea1254f4e8031958995912312a524105469cb49e757d59558496",
"3e64eb0ec371e5ef7d97adec60d3b94cb7dd5a1189951f2a45ed1827e6781d30",
"5fc8f08b377cdc0c92913da73a2d8d8acd85896993e04ae4c15e34ecb829d8b5",
"362a89c4517db256b648e9b1d21ddb0d99018e7c7b9f9b45d200ede54a49363d",
"06f6ce2402e20f1e885e5d59f66db4dde44dfdd2eaf821d86b1d066a707c9fff",
"85492fbc829b64336a4f858022fbe52f05e27ee18d7a8fbdf5ffd23991ebd7a9",
"36f41965e929e9763260c61451ce0a5ca572f8a1a8979390b7c694e54e3dce29",
"c25edc56029ba81e69515d3bca44fa5545af63cf841d8f219ac57fcd7cb95265",
"daf141d66c2b98a3c579726372fbd91957d3e51c00b3a6ec18e5b40ca98fcbe6",
"10415a9f27493234fc73226fd2697c7a4af6ae48bfa8b733ba8fb6693ed44f90",
"8ff7424e06c66ce6264da9c160de02d05c644672de9ec9420a9c1f6f7d632ea0",
"a49902aabb86572896df9baba7d15a5b6db7e968ccd59b88c371bccaefc8fcf2",
"f1721f8345e395a894e4341442a9e22c46eafc4fdf777a8d30ed1cf4f5ea22c1"
],
"horusecCliFilesOrPathsToIgnore": [
"**/e2e/**",
Expand All @@ -64,7 +47,6 @@
"horusecCliRiskAcceptHashes": [],
"horusecCliSeveritiesToIgnore": [],
"horusecCliShowVulnerabilitiesTypes": [
"Vulnerability"
],
"horusecCliTimeoutInSecondsAnalysis": 1000,
"horusecCliTimeoutInSecondsRequest": 300,
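Review bot: Emptying `horusecCliShowVulnerabilitiesTypes` (L265-L267) changes what the repository's own scan reports, and nothing on this page shows how an empty list is interpreted; if it means "show every type" the removal is harmless, but if it means "show none" the self-scan could print nothing while the new type check still decides the exit status. Worth stating the intended reading in the commit description, or keeping `"Vulnerability"` in the list. The 17 false-positive hashes dropped at L242-L258 will let those findings surface again on the next run unless they no longer exist; a sentence in the description saying why they are stale would help reviewers.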
14 changes: 7 additions & 7 deletions internal/controllers/analyzer/analyzer.go
Expand Up @@ -96,7 +96,7 @@ type LanguageDetect interface {
//
// Print print the results to stdout and return the total vulnerabilities that was printed.
type PrintResults interface {
Print() (int, error)
Print() error
SetAnalysis(analysis *analysis.Analysis)
}

Expand Down Expand Up @@ -137,11 +137,11 @@ func NewAnalyzer(cfg *config.Config) *Analyzer {
}
}

func (a *Analyzer) Analyze() (totalVulns int, err error) {
func (a *Analyzer) Analyze() error {
a.removeTrashByInterruptProcess()
totalVulns, err = a.runAnalysis()
err := a.runAnalysis()
a.removeHorusecFolder()
return totalVulns, err
return err
}

func (a *Analyzer) removeTrashByInterruptProcess() {
Expand All @@ -163,16 +163,16 @@ func (a *Analyzer) removeHorusecFolder() {
}
}

func (a *Analyzer) runAnalysis() (totalVulns int, err error) {
func (a *Analyzer) runAnalysis() error {
langs, err := a.languageDetect.Detect(a.config.ProjectPath)
if err != nil {
return 0, err
return err
}
a.startDetectVulnerabilities(langs)
return a.sendAnalysisAndStartPrintResults()
}

func (a *Analyzer) sendAnalysisAndStartPrintResults() (int, error) {
func (a *Analyzer) sendAnalysisAndStartPrintResults() error {
a.formatAnalysisToSendToAPI()
a.horusec.SendAnalysis(a.analysis)
analysisSaved := a.horusec.GetAnalysis(a.analysis.ID)
4 changes: 2 additions & 2 deletions internal/controllers/analyzer/analyzer_mock.go
Expand Up @@ -24,7 +24,7 @@ type Mock struct {
mock.Mock
}

func (m *Mock) Analyze() (int, error) {
func (m *Mock) Analyze() error {
args := m.MethodCalled("AnalysisDirectory")
return args.Get(0).(int), utilsMock.ReturnNilOrError(args, 0)
return utilsMock.ReturnNilOrError(args, 0)
}
17 changes: 7 additions & 10 deletions internal/controllers/analyzer/analyzer_test.go
Expand Up @@ -59,7 +59,7 @@ func BenchmarkAnalyzerAnalyze(b *testing.B) {
analyzer := NewAnalyzer(cfg)

for i := 0; i < b.N; i++ {
if _, err := analyzer.Analyze(); err != nil {
if err := analyzer.Analyze(); err != nil {
b.Fatalf("Unexepcted error to analyze on benchmark: %v\n", err)
}
}
Expand Down Expand Up @@ -97,7 +97,7 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
}, nil)

printResultMock := &printresults.Mock{}
printResultMock.On("StartPrintResults").Return(0, nil)
printResultMock.On("StartPrintResults").Return(nil)
printResultMock.On("SetAnalysis")

horusecAPIMock := &horusecAPI.Mock{}
Expand Down Expand Up @@ -128,9 +128,8 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
}

controller.analysis = &entitiesAnalysis.Analysis{ID: uuid.New()}
totalVulns, err := controller.Analyze()
err := controller.Analyze()
assert.NoError(t, err)
assert.Equal(t, 0, totalVulns)
})
t.Run("Should run all analysis with and send to server correctly", func(t *testing.T) {
configs := config.New()
Expand All @@ -155,7 +154,7 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
}, nil)

printResultMock := &printresults.Mock{}
printResultMock.On("StartPrintResults").Return(0, nil)
printResultMock.On("StartPrintResults").Return(nil)
printResultMock.On("SetAnalysis")

horusecAPIMock := &horusecAPI.Mock{}
Expand Down Expand Up @@ -186,9 +185,8 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
}

controller.analysis = &entitiesAnalysis.Analysis{ID: uuid.New()}
totalVulns, err := controller.Analyze()
err := controller.Analyze()
assert.NoError(t, err)
assert.Equal(t, 0, totalVulns)
})
t.Run("Should run error in language detect", func(t *testing.T) {
configs := config.New()
Expand All @@ -198,7 +196,7 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
languageDetectMock.On("LanguageDetect").Return([]languages.Language{}, errors.New("test"))

printResultMock := &printresults.Mock{}
printResultMock.On("StartPrintResults").Return(0, nil)
printResultMock.On("StartPrintResults").Return(nil)
printResultMock.On("SetAnalysis")

horusecAPIMock := &horusecAPI.Mock{}
Expand Down Expand Up @@ -229,8 +227,7 @@ func TestAnalyzer_AnalysisDirectory(t *testing.T) {
}

controller.analysis = &entitiesAnalysis.Analysis{ID: uuid.New()}
totalVulns, err := controller.Analyze()
err := controller.Analyze()
assert.Error(t, err)
assert.Equal(t, 0, totalVulns)
})
}
18 changes: 13 additions & 5 deletions internal/controllers/printresults/print_results.go
Expand Up @@ -37,7 +37,8 @@ import (
)

var (
ErrOutputJSON = errors.New("{HORUSEC_CLI} error creating and/or writing to the specified file")
ErrOutputJSON = errors.New("{HORUSEC_CLI} error creating and/or writing to the specified file")
ErrorUnknownVulnerabilitiesFound = errors.New("unknown vulnerabilities found")
)

type SonarQubeConverter interface {
Expand Down Expand Up @@ -69,9 +70,9 @@ func (pr *PrintResults) SetAnalysis(entity *analysis.Analysis) {
pr.analysis = entity
}

func (pr *PrintResults) Print() (totalVulns int, err error) {
func (pr *PrintResults) Print() error {
if err := pr.factoryPrintByType(); err != nil {
return 0, err
return err
}

pr.checkIfExistVulnerabilityOrNoSec()
Expand All @@ -82,9 +83,16 @@ func (pr *PrintResults) Print() (totalVulns int, err error) {
logger.LogWarnWithLevel(messages.MsgErrorTimeoutOccurs)
}

return pr.totalVulns, nil
return pr.checkIfHasUnkownVulnerabilities()
}
func (pr *PrintResults) checkIfHasUnkownVulnerabilities() error {
for i := range pr.analysis.AnalysisVulnerabilities {
if pr.analysis.AnalysisVulnerabilities[i].Vulnerability.Type == enumsVulnerability.Vulnerability {
return ErrorUnknownVulnerabilitiesFound
}
}
return nil
}

func (pr *PrintResults) factoryPrintByType() error {
switch {
case pr.configs.PrintOutputType == outputtype.JSON:
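Review bot: `checkIfHasUnkownVulnerabilities` (L431) misspells its name and describes the opposite of what it tests: the loop returns the sentinel when an entry's `Type` equals `enumsVulnerability.Vulnerability`, i.e. a finding still classified as a confirmed vulnerability rather than an unknown one, so a reader of `runE` in cmd/app/start/start.go is told the wrong thing about what blocks the build. Rename both to match the sibling `ErrOutputJSON`, e.g. `ErrVulnerabilitiesFound = errors.New("vulnerabilities of type Vulnerability found")` and `func (pr *PrintResults) checkIfHasVulnerabilities() error`, with the doc line `// checkIfHasVulnerabilities returns ErrVulnerabilitiesFound when any analysis entry is still typed Vulnerability (not reclassified by a false-positive or risk-accept hash); callers use errors.Is to tell it from a print failure.` Note also that the old exit decision used `pr.totalVulns`, whereas the new loop walks every `AnalysisVulnerabilities` entry; if `totalVulns` was computed after the severity or show-type filters (`horusecCliSeveritiesToIgnore`, `horusecCliShowVulnerabilitiesTypes`), findings the user configured to ignore would now block the run — worth confirming before merge. A blank line is also missing between the closing brace of `Print` and the new function at L430-L431.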
4 changes: 2 additions & 2 deletions internal/controllers/printresults/print_results_mock.go
Expand Up @@ -25,9 +25,9 @@ type Mock struct {
mock.Mock
}

func (m *Mock) Print() (totalVulns int, err error) {
func (m *Mock) Print() error {
args := m.MethodCalled("StartPrintResults")
return args.Get(0).(int), utilsMock.ReturnNilOrError(args, 0)
return utilsMock.ReturnNilOrError(args, 0)
}

func (m *Mock) SetAnalysis(analysis *entitiesAnalysis.Analysis) {