Add optional PropertyBag to all objects

All objects in the sarif report can support a propertyBag called properties Also making the results slice always generated on the creation of report as per the spec
shaopeng-gh · Apr 27, 2021 · 23e9380 · 23e9380
1 parent a0d95c4
commit 23e9380
Show file tree

Hide file tree

Showing 30 changed files with 173 additions and 21 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -5,5 +5,3 @@ env:
   - GO111MODULE=on
 script:
   - make test
-after_success:
-  - bash <(curl -s https://codecov.io/bash)
diff --git a/go.mod b/go.mod
@@ -2,4 +2,7 @@ module github.com/owenrumney/go-sarif
 
 go 1.16
 
-require github.com/stretchr/testify v1.7.0
+require (
+	github.com/stretchr/testify v1.7.0
+	github.com/zclconf/go-cty v1.8.2
+)
diff --git a/go.sum b/go.sum
@@ -1,11 +1,35 @@
+github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4=
+github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI=
+github.com/zclconf/go-cty v1.8.2 h1:u+xZfBKgpycDnTNjPhGiTEYZS5qS/Sb5MqSfm7vzcjg=
+github.com/zclconf/go-cty v1.8.2/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
+golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/sarif/address.go b/sarif/address.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Address struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10541049
+	PropertyBag
 	Index              *uint   `json:"index,omitempty"`
 	AbsoluteAddress    *uint   `json:"absoluteAddress,omitempty"`
 	RelativeAddress    *int    `json:"relativeAddress,omitempty"`

diff --git a/sarif/artifact.go b/sarif/artifact.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Artifact struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10541049
+	PropertyBag
 	Location            *ArtifactLocation `json:"location,omitempty"`
 	ParentIndex         *uint             `json:"parentIndex,omitempty"`
 	Offset              *uint             `json:"offset,omitempty"`

diff --git a/sarif/artifact_change.go b/sarif/artifact_change.go
@@ -1,6 +1,7 @@
 package sarif
 
 type ArtifactChange struct {
+	PropertyBag
 	ArtifactLocation ArtifactLocation `json:"artifactLocation"`
 	Replacements     []*Replacement   `json:"replacements"` //required
 }

diff --git a/sarif/artifact_content.go b/sarif/artifact_content.go
@@ -1,6 +1,7 @@
 package sarif
 
 type ArtifactContent struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10540860
+	PropertyBag
 	Text     *string                   `json:"text,omitempty"`
 	Binary   *string                   `json:"binary,omitempty"`
 	Rendered *MultiformatMessageString `json:"rendered,omitempty"`

diff --git a/sarif/artifact_location.go b/sarif/artifact_location.go
@@ -1,6 +1,7 @@
 package sarif
 
 type ArtifactLocation struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10540865
+	PropertyBag
 	URI         *string  `json:"uri,omitempty"`
 	URIBaseId   *string  `json:"uriBaseId,omitempty"`
 	Index       *uint    `json:"index,omitempty"`

diff --git a/sarif/fix.go b/sarif/fix.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Fix struct {
+	PropertyBag
 	Description     *Message          `json:"description,omitempty"`
 	ArtifactChanges []*ArtifactChange `json:"artifactChanges"` //	required
 }

diff --git a/sarif/invocation.go b/sarif/invocation.go
@@ -4,6 +4,7 @@ import "time"
 
 // Invocation describes the runtime environment of the analysis tool run.
 type Invocation struct {
+	PropertyBag
 	StartTimeUTC        *time.Time        `json:"startTimeUtc,omitempty"`
 	EndTimeUTC          *time.Time        `json:"endTimeUtc,omitempty"`
 	ExecutionSuccessful bool              `json:"executionSuccessful"`

diff --git a/sarif/location.go b/sarif/location.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Location struct {
+	PropertyBag
 	Id               *uint                   `json:"id,omitempty"`
 	PhysicalLocation *PhysicalLocation       `json:"physicalLocation,omitempty"`
 	LogicalLocations []*LogicalLocation      `json:"logicalLocations,omitempty"`
@@ -13,6 +14,10 @@ func NewLocation() *Location {
 	return &Location{}
 }
 
+func NewLocationWithPhysicalLocation(physicalLocation *PhysicalLocation) *Location {
+	return NewLocation().WithPhysicalLocation(physicalLocation)
+}
+
 func (l *Location) WithId(id int) *Location {
 	i := uint(id)
 	l.Id = &i

diff --git a/sarif/location_relationship.go b/sarif/location_relationship.go
@@ -1,6 +1,7 @@
 package sarif
 
 type LocationRelationship struct {
+	PropertyBag
 	Target      uint     `json:"target"`
 	Kinds       []string `json:"kinds,omitempty"`
 	Description *Message `json:"description,omitempty"`

diff --git a/sarif/logical_location.go b/sarif/logical_location.go
@@ -1,6 +1,7 @@
 package sarif
 
 type LogicalLocation struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Ref493404505
+	PropertyBag
 	Index              *uint   `json:"index,omitempty"`
 	Name               *string `json:"name,omitempty"`
 	FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`

diff --git a/sarif/message.go b/sarif/message.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Message struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10540897
+	PropertyBag
 	Text      *string  `json:"text,omitempty"`
 	Markdown  *string  `json:"markdown,omitempty"`
 	Id        *string  `json:"id,omitempty"`

diff --git a/sarif/multi_format_message_string.go b/sarif/multi_format_message_string.go
@@ -1,7 +1,8 @@
 package sarif
 
 type MultiformatMessageString struct {
-	Text     string `json:"text"`
+	PropertyBag
+	Text     string  `json:"text"`
 	Markdown *string `json:"markdown,omitempty"`
 }
 

diff --git a/sarif/physical_location.go b/sarif/physical_location.go
@@ -1,6 +1,7 @@
 package sarif
 
 type PhysicalLocation struct {
+	PropertyBag
 	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
 	Region           *Region           `json:"region,omitempty"`
 	ContextRegion    *Region           `json:"contextRegion,omitempty"`

diff --git a/sarif/properties.go b/sarif/properties.go
@@ -0,0 +1,29 @@
+package sarif
+
+type Properties map[string]interface{}
+
+type PropertyBag struct {
+	Properties Properties `json:"properties,omitempty"`
+}
+
+func NewPropertyBag() *PropertyBag {
+	return &PropertyBag{
+		Properties: Properties{},
+	}
+}
+
+func (pb *PropertyBag) Add(key string, value interface{}) {
+	pb.Properties[key] = value
+}
+
+func (pb *PropertyBag) AddString(key, value string) {
+	pb.Add(key, value)
+}
+
+func (pb *PropertyBag) AddBoolean(key string, value bool) {
+	pb.Add(key, value)
+}
+
+func (pb *PropertyBag) AddInteger(key string, value int) {
+	pb.Add(key, value)
+}
diff --git a/sarif/region.go b/sarif/region.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Region struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10541123
+	PropertyBag
 	StartLine      *int             `json:"startLine,omitempty"`
 	StartColumn    *int             `json:"startColumn,omitempty"`
 	EndLine        *int             `json:"endLine,omitempty"`

diff --git a/sarif/replacement.go b/sarif/replacement.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Replacement struct {
+	PropertyBag
 	DeletedRegion   Region           `json:"deletedRegion"`
 	InsertedContent *ArtifactContent `json:"insertedContent,omitempty"`
 }

diff --git a/sarif/reporting_descriptor_reference.go b/sarif/reporting_descriptor_reference.go
@@ -1,6 +1,7 @@
 package sarif
 
 type ReportingDescriptorReference struct {
+	PropertyBag
 	Id            *string                 `json:"id,omitempty"`
 	Index         *uint                   `json:"index,omitempty"`
 	Guid          *string                 `json:"guid,omitempty"`

diff --git a/sarif/result.go b/sarif/result.go
@@ -2,6 +2,7 @@ package sarif
 
 // Result represents the results block in the sarif report
 type Result struct {
+	PropertyBag
 	Guid            *string                         `json:"guid,omitempty"`
 	CorrelationGuid *string                         `json:"correlationGuid,omitempty"`
 	RuleID          *string                         `json:"ruleId,omitempty"`
@@ -75,8 +76,8 @@ func (r *Result) WithLevel(level string) *Result {
 	return r
 }
 
-func (r *Result) WithMessage(message Message) *Result {
-	r.Message = message
+func (r *Result) WithMessage(message *Message) *Result {
+	r.Message = *message
 	return r
 }
 

diff --git a/sarif/run.go b/sarif/run.go
@@ -2,14 +2,22 @@ package sarif
 
 import (
 	"fmt"
+
+	"github.com/zclconf/go-cty/cty"
 )
 
+type RunOption int
+
+const IncludeEmptyResults RunOption = iota
+
 // Run type represents a run of a tool
 type Run struct { // https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10540922
+	PropertyBag
 	Tool        Tool          `json:"tool"`
 	Invocations []*Invocation `json:"invocations,omitempty"`
 	Artifacts   []*Artifact   `json:"artifacts,omitempty"`
-	Results     []*Result     `json:"results,omitempty"` //	can	be	null
+	Results     []*Result     `json:"results"`
+	Properties  Properties    `json:"properties,omitempty"`
 }
 
 // NewRun allows the creation of a new Run
@@ -22,6 +30,7 @@ func NewRun(toolName, informationURI string) *Run {
 			},
 		},
 	}
+
 	return run
 }
 
@@ -62,6 +71,10 @@ func (run *Run) AddResult(ruleID string) *Result {
 	return result
 }
 
+func (run *Run) AttachPropertyBag(pb *PropertyBag) {
+	run.Properties = pb.Properties
+}
+
 // GetRuleById finds a rule by a given rule ID and returns a pointer to it
 func (run *Run) GetRuleById(ruleId string) (*Rule, error) {
 	if run.Tool.Driver != nil {
@@ -97,3 +110,7 @@ func (run *Run) DedupeArtifacts() error {
 	run.Artifacts = deduped
 	return nil
 }
+
+func (run *Run) AddProperties(key string, value cty.Value) {
+	run.Properties[key] = value
+}
diff --git a/sarif/sarif.go b/sarif/sarif.go
@@ -20,6 +20,7 @@ var versions = map[Version]string{
 
 // Report is the encapsulating type representing a Sarif Report
 type Report struct {
+	PropertyBag
 	Version string `json:"version"`
 	Schema  string `json:"$schema"`
 	Runs    []*Run `json:"runs"`

diff --git a/sarif/suppression.go b/sarif/suppression.go
@@ -1,6 +1,7 @@
 package sarif
 
 type Suppression struct {
+	PropertyBag
 	Kind          string    `json:"kind"`
 	Status        *string   `json:"status"`
 	Location      *Location `json:"location"`

diff --git a/sarif/tool.go b/sarif/tool.go
@@ -1,13 +1,15 @@
 package sarif
 
 type Tool struct {
+	PropertyBag
 	Driver *Driver `json:"driver"`
 }
 
 type Driver struct {
+	PropertyBag
 	Name           string  `json:"name"`
-	Version        *string  `json:"version,omitempty"`
-	InformationURI *string  `json:"informationUri"`
+	Version        *string `json:"version,omitempty"`
+	InformationURI *string `json:"informationUri"`
 	Rules          []*Rule `json:"rules,omitempty"`
 }
 
@@ -19,11 +21,12 @@ func (driver *Driver) WithVersion(version string) *Driver {
 
 // Rule specifies a Sarif Rule object
 type Rule struct {
+	PropertyBag
 	ID               string                    `json:"id"`
-	Name             *string                    `json:"name,omitempty"`
+	Name             *string                   `json:"name,omitempty"`
 	ShortDescription *MultiformatMessageString `json:"shortDescription"`
 	FullDescription  *MultiformatMessageString `json:"fullDescription,omitempty"`
-	HelpURI          *string                    `json:"helpUri,omitempty"`
+	HelpURI          *string                   `json:"helpUri,omitempty"`
 	Help             *MultiformatMessageString `json:"help,omitempty"`
 	Properties       map[string]string         `json:"properties,omitempty"`
 }

diff --git a/sarif/tool_component_reference.go b/sarif/tool_component_reference.go
@@ -1,6 +1,7 @@
 package sarif
 
 type ToolComponentReference struct {
+	PropertyBag
 	Name  *string `json:"name"`
 	Index *uint   `json:"index"`
 	Guid  *string `json:"guid"`

diff --git a/test/report_stage_test.go b/test/report_stage_test.go
@@ -38,6 +38,12 @@ func (r *reportTest) with_a_run_added(tool, informationUri string) *sarif.Run {
 	return run
 }
 
+func (r *reportTest) with_a_run_with_empty_result_added(tool, informationUri string) *sarif.Run {
+	run := sarif.NewRun(tool, informationUri)
+	r.report.AddRun(run)
+	return run
+}
+
 func (r *reportTest) an_artifact_is_added_to_the_run(run *sarif.Run, filename string) *reportTest {
 	a := run.AddArtifact()
 	a.Location = &sarif.ArtifactLocation{
@@ -46,11 +52,11 @@ func (r *reportTest) an_artifact_is_added_to_the_run(run *sarif.Run, filename st
 	return r
 }
 
-func (r *reportTest) a_result_is_added_to_the_run(run *sarif.Run, ruleId, messageText string) *reportTest {
-	result := run.AddResult(ruleId)
-	result.Message = sarif.Message{
-		Text: &messageText,
-	}
+func (r *reportTest) some_properties_are_added_to_the_run(run *sarif.Run) *reportTest {
+	pb := sarif.NewPropertyBag()
+	pb.AddString("string_property", "this is a string")
+	pb.AddInteger("integer_property", 10)
+	run.AttachPropertyBag(pb)
 	return r
 }