diff --git a/internal/controllers/printresults/print_results.go b/internal/controllers/printresults/print_results.go
index 8cf53307a..0d012ea05 100644
--- a/internal/controllers/printresults/print_results.go
+++ b/internal/controllers/printresults/print_results.go
@@ -30,7 +30,6 @@ import (
 "github.com/ZupIT/horusec-devkit/pkg/utils/logger"
 "github.com/ZupIT/horusec/config"
- sq "github.com/ZupIT/horusec/internal/entities/sonarqube"
 "github.com/ZupIT/horusec/internal/enums/outputtype"
 "github.com/ZupIT/horusec/internal/helpers/messages"
 "github.com/ZupIT/horusec/internal/services/sonarqube"
@@ -40,7 +39,7 @@ import (
 var ErrOutputJSON = errors.New("{HORUSEC_CLI} error creating and/or writing to the specified file")
 type SonarQubeConverter interface {
- ConvertVulnerabilityToSonarQube() sq.Report
+ ConvertVulnerabilityToSonarQube() sonarqube.Report
 }
 type analysisOutputJSON struct {
diff --git a/internal/entities/sonarqube/location.go b/internal/entities/sonarqube/location.go
deleted file mode 100644
index a22e9cccc..000000000
--- a/internal/entities/sonarqube/location.go
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package sonarqube
-
-type Location struct {
- Message string `json:"message"`
- Filepath string `json:"filePath"`
- Range TextRange `json:"textRange"`
-}
diff --git a/internal/entities/sonarqube/report.go b/internal/entities/sonarqube/report.go
deleted file mode 100644
index 6e68a60d4..000000000
--- a/internal/entities/sonarqube/report.go
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package sonarqube
-
-type Report struct {
- Issues []Issue `json:"issues"`
-}
diff --git a/internal/entities/sonarqube/text_range.go b/internal/entities/sonarqube/text_range.go
deleted file mode 100644
index c8c4b351f..000000000
--- a/internal/entities/sonarqube/text_range.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package sonarqube
-
-type TextRange struct {
- StartLine int `json:"startLine"`
- EndLine int `json:"endLine,omitempty"`
- StartColumn int `json:"startColumn,omitempty"`
- EndColumn int `json:"endColumn,omitempty"`
-}
diff --git a/internal/entities/sonarqube/issue.go b/internal/services/sonarqube/schema.go
similarity index 72%
rename from internal/entities/sonarqube/issue.go
rename to internal/services/sonarqube/schema.go
index b96104a66..5e7dfc25f 100644
--- a/internal/entities/sonarqube/issue.go
+++ b/internal/services/sonarqube/schema.go
@@ -14,6 +14,10 @@
 package sonarqube
+type Report struct {
+ Issues []Issue `json:"issues"`
+}
+
 type Issue struct {
 Type string `json:"type"`
 RuleID string `json:"ruleId"`
@@ -23,3 +27,16 @@ type Issue struct {
 PrimaryLocation Location `json:"primaryLocation"`
 SecondaryLocations []Location `json:"secondaryLocations,omitempty"`
 }
+
+type Location struct {
+ Message string `json:"message"`
+ Filepath string `json:"filePath"`
+ Range TextRange `json:"textRange"`
+}
+
+type TextRange struct {
+ StartLine int `json:"startLine"`
+ EndLine int `json:"endLine,omitempty"`
+ StartColumn int `json:"startColumn,omitempty"`
+ EndColumn int `json:"endColumn,omitempty"`
+}
diff --git a/internal/services/sonarqube/sonarqube.go b/internal/services/sonarqube/sonarqube.go
index f685604eb..a7e4bce64 100644
--- a/internal/services/sonarqube/sonarqube.go
+++ b/internal/services/sonarqube/sonarqube.go
@@ -17,29 +17,27 @@ package sonarqube
 import (
 "strconv"
- horusecEntities "github.com/ZupIT/horusec-devkit/pkg/entities/analysis"
- vulnEntity "github.com/ZupIT/horusec-devkit/pkg/entities/vulnerability"
- horusecSeverity "github.com/ZupIT/horusec-devkit/pkg/enums/severities"
-
- "github.com/ZupIT/horusec/internal/entities/sonarqube"
+ "github.com/ZupIT/horusec-devkit/pkg/entities/analysis"
+ "github.com/ZupIT/horusec-devkit/pkg/entities/vulnerability"
+ "github.com/ZupIT/horusec-devkit/pkg/enums/severities"
 )
 type SonarQube struct {
- analysis *horusecEntities.Analysis
+ analysis *analysis.Analysis
 }
-func NewSonarQube(analysis *horusecEntities.Analysis) *SonarQube {
+func NewSonarQube(analysiss *analysis.Analysis) *SonarQube {
 return &SonarQube{
- analysis: analysis,
+ analysis: analysiss,
 }
 }
-func (sq *SonarQube) ConvertVulnerabilityToSonarQube() (report sonarqube.Report) {
- report.Issues = []sonarqube.Issue{}
+func (sq *SonarQube) ConvertVulnerabilityToSonarQube() (report Report) {
+ report.Issues = []Issue{}
 for index := range sq.analysis.AnalysisVulnerabilities {
- vulnerability := sq.analysis.AnalysisVulnerabilities[index].Vulnerability
+ vuln := sq.analysis.AnalysisVulnerabilities[index].Vulnerability
- issue := sq.formatReportStruct(&vulnerability)
+ issue := sq.formatReportStruct(&vuln)
 report.Issues = append(report.Issues, *issue)
 }
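Review bot: The constructor parameter `analysiss` is a misspelling that exists only to avoid shadowing the now-unaliased `analysis` package; a short name avoids the clash and reads better, e.g. `func NewSonarQube(a *analysis.Analysis) *SonarQube` with `analysis: a,`. NewSonarQube also stores the pointer unchecked, while ConvertVulnerabilityToSonarQube dereferences `sq.analysis.AnalysisVulnerabilities`, so a nil argument would panic only later, at conversion time. A doc comment on NewSonarQube stating that the analysis must be non-nil, or an early `if sq.analysis == nil { return report }` after `report.Issues = []Issue{}`, would make that contract explicit.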
@@ -47,11 +45,11 @@ func (sq *SonarQube) ConvertVulnerabilityToSonarQube() (report sonarqube.Report)
 return report
 }
-func (sq *SonarQube) formatReportStruct(vulnerability *vulnEntity.Vulnerability) (issue *sonarqube.Issue) {
- issue = sq.newIssue(vulnerability)
+func (sq *SonarQube) formatReportStruct(vuln *vulnerability.Vulnerability) (issue *Issue) {
+ issue = sq.newIssue(vuln)
- convertedVulnerabilityLine, _ := strconv.Atoi(vulnerability.Line)
- convertedVulnerabilityColumn, _ := strconv.Atoi(vulnerability.Column)
+ convertedVulnerabilityLine, _ := strconv.Atoi(vuln.Line)
+ convertedVulnerabilityColumn, _ := strconv.Atoi(vuln.Column)
 issue.PrimaryLocation.Range.StartLine = sq.shouldBeGreatherThanZero(convertedVulnerabilityLine)
 issue.PrimaryLocation.Range.StartColumn = sq.shouldBeGreatherThanZero(convertedVulnerabilityColumn)
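Review bot: Both `strconv.Atoi` calls on `vuln.Line` and `vuln.Column` discard the error, so an empty or non-numeric position becomes 0 and is then passed to `shouldBeGreatherThanZero`, which, judging by the `return 1` visible in the next hunk, appears to normalise it to 1. The exported issue would then point at line 1, column 1 with no sign that the scanner's location was unusable, which can send triage of a finding to the wrong place. At minimum, state the intent above the two calls, e.g. `// Atoi errors are ignored on purpose: an unparsable Line/Column yields 0 and is normalised to 1 below.` formatReportStruct continues past the end of this hunk, so any later handling of the range is not visible here.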
@@ -66,30 +64,30 @@ func (sq *SonarQube) shouldBeGreatherThanZero(v int) int {
 return 1
 }
-func (sq *SonarQube) newIssue(vulnerability *vulnEntity.Vulnerability) *sonarqube.Issue {
- return &sonarqube.Issue{
+func (sq *SonarQube) newIssue(vuln *vulnerability.Vulnerability) *Issue {
+ return &Issue{
 EngineID: "horusec",
 Type: "VULNERABILITY",
- Severity: sq.convertHorusecSeverityToSonarQube(vulnerability.Severity),
- RuleID: vulnerability.SecurityTool.ToString(),
- PrimaryLocation: sonarqube.Location{
- Message: vulnerability.Details,
- Filepath: vulnerability.File,
+ Severity: sq.convertHorusecSeverityToSonarQube(vuln.Severity),
+ RuleID: vuln.SecurityTool.ToString(),
+ PrimaryLocation: Location{
+ Message: vuln.Details,
+ Filepath: vuln.File,
 },
 }
 }
-func (sq *SonarQube) convertHorusecSeverityToSonarQube(severity horusecSeverity.Severity) string {
+func (sq *SonarQube) convertHorusecSeverityToSonarQube(severity severities.Severity) string {
 return sq.getSonarQubeSeverityMap()[severity]
 }
-func (sq *SonarQube) getSonarQubeSeverityMap() map[horusecSeverity.Severity]string {
- return map[horusecSeverity.Severity]string{
- horusecSeverity.Critical: "BLOCKER",
- horusecSeverity.High: "CRITICAL",
- horusecSeverity.Medium: "MAJOR",
- horusecSeverity.Low: "MINOR",
- horusecSeverity.Unknown: "INFO",
- horusecSeverity.Info: "INFO",
+func (sq *SonarQube) getSonarQubeSeverityMap() map[severities.Severity]string {
+ return map[severities.Severity]string{
+ severities.Critical: "BLOCKER",
+ severities.High: "CRITICAL",
+ severities.Medium: "MAJOR",
+ severities.Low: "MINOR",
+ severities.Unknown: "INFO",
+ severities.Info: "INFO",
 }
 }
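Review bot: `convertHorusecSeverityToSonarQube` indexes the map directly, so any `severities.Severity` value outside the six listed keys yields the empty string, and the issue would presumably be written with an empty severity (the `Severity` field's JSON tag is not visible in this diff). For a report that another tool ingests, an explicit fallback is safer: `if s, ok := sq.getSonarQubeSeverityMap()[severity]; ok { return s }` followed by `return "INFO"`, which matches how `severities.Unknown` is already mapped. The map literal is also rebuilt on every call; a package-level variable would avoid that. The hunk opens inside shouldBeGreatherThanZero, whose beginning is not shown.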