create v2 (owenrumney#32)
* create v2

* add documentation

* update v2 documentation

* update run to be complete
owenrumney authored Dec 10, 2021
1 parent ef0908a commit b94bb5a
Showing 80 changed files with 4,530 additions and 30 deletions.
31 changes: 7 additions & 24 deletions example/example-report.sarif
Expand Up @@ -13,6 +13,7 @@
"shortDescription": {
"text": "Resource 'aws_security_group_rule.my-rule' defines a fully open ingress security group rule."
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS006/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -26,6 +27,7 @@
"shortDescription": {
"text": "Resource 'azurerm_managed_disk.source' defines an unencrypted managed disk."
},
"helpUri": "See https://tfsec.dev/docs/azure/AZU003/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -39,6 +41,7 @@
"shortDescription": {
"text": "Resource 'aws_api_gateway_domain_name.outdated_security_policy' defines outdated SSL/TLS policies (not using TLS_1_2)."
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS025/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -52,6 +55,7 @@
"shortDescription": {
"text": "Resource 'aws_security_group_rule.my-rule' should include a description for auditing purposes."
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS018/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -65,6 +69,7 @@
"shortDescription": {
"text": "Resource 'aws_alb_listener.my-alb-listener' uses plain HTTP instead of HTTPS."
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS004/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -78,6 +83,7 @@
"shortDescription": {
"text": "Resource 'aws_db_security_group.my-group' uses EC2 Classic. Use a VPC instead."
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS003/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand All @@ -91,6 +97,7 @@
"shortDescription": {
"text": "Resource 'aws_dynamodb_table.bad_example' is not using KMS CMK for encryption"
},
"helpUri": "See https://tfsec.dev/docs/aws/AWS092/ for more information.",
"help": {
"markdown": "# markdown"
},
Expand Down Expand Up @@ -294,28 +301,4 @@
]
}
]
}in.tf"
},
"region": {
"startLine": 41,
"endLine": 56
}
}
}
]
}
]
}
]
}
"startLine": 41,
"endLine": 56
}
}
}
]
}
]
}
]
}
12 changes: 6 additions & 6 deletions example/main.go
Expand Up @@ -6,10 +6,10 @@ import (
"os"
"strings"

"github.com/owenrumney/go-sarif/sarif"
"github.com/owenrumney/go-sarif/v2/sarif"
)

// simple structure for the output of tfsec
// TfsecResults is a simple structure for the output of tfsec
type TfsecResults struct {
Results []struct {
RuleID string `json:"rule_id"`
Expand Down Expand Up @@ -44,7 +44,7 @@ func main() {
}

// create a run for tfsec
run := sarif.NewRun("tfsec", "https://tfsec.dev")
run := sarif.NewRunWithInformationURI("tfsec", "https://tfsec.dev")

// for each result, add the
for _, r := range tfsecResults.Results {
Expand All @@ -57,18 +57,18 @@ func main() {
// create a new rule for each rule id
run.AddRule(r.RuleID).
WithDescription(r.Description).
WithHelp(r.Link).
WithHelpURI(r.Link).
WithProperties(pb.Properties).
WithMarkdownHelp("# markdown")

// add the location as a unique artifact
run.AddDistinctArtifact(r.Location.Filename)

// add each of the results with the details of where the issue occurred
run.AddResult(r.RuleID).
run.CreateResultForRule(r.RuleID).
WithLevel(strings.ToLower(r.Severity)).
WithMessage(sarif.NewTextMessage(r.Description)).
WithLocation(
AddLocation(
sarif.NewLocationWithPhysicalLocation(
sarif.NewPhysicalLocation().
WithArtifactLocation(
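Review bot: `WithHelpURI(r.Link)` passes tfsec's link text straight into `helpUri`, and the regenerated example/example-report.sarif in this commit shows the result is a sentence (`"See https://tfsec.dev/docs/aws/AWS006/ for more information."`) rather than a URI. SARIF defines helpUri as a URI, so a validating consumer such as a code-scanning upload may reject the rule or show a dead remediation link for the finding. Strip the wrapper before the call, e.g. `link := strings.TrimSuffix(strings.TrimPrefix(r.Link, "See "), " for more information.")` followed by `WithHelpURI(link)`. main's body starts and ends outside this hunk, so the shape of r.Link is inferred from the example output only.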
3 changes: 3 additions & 0 deletions go.mod
Expand Up @@ -3,6 +3,9 @@ module github.com/owenrumney/go-sarif
go 1.16

require (
github.com/owenrumney/go-sarif/v2 v2.0.0
github.com/stretchr/testify v1.7.0
github.com/zclconf/go-cty v1.10.0
)

replace github.com/owenrumney/go-sarif/v2 v2.0.0 => ./v2
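Review bot: The `replace github.com/owenrumney/go-sarif/v2 v2.0.0 => ./v2` line only takes effect when this module is the main module; anyone who depends on github.com/owenrumney/go-sarif resolves the new `github.com/owenrumney/go-sarif/v2 v2.0.0` requirement from the published module, so that version has to be tagged from this tree before the root module is released again. Together with v2/go.mod requiring `github.com/owenrumney/go-sarif v1.1.1`, the two modules now require each other; if v2 does not import any v1 package, dropping that requirement keeps the dependency graph easier to audit. A comment above the replace would record the constraint: `// local development only: ignored by downstream builds, which need the published v2.0.0 tag`.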
1 change: 1 addition & 0 deletions go.sum
Expand Up @@ -11,6 +11,7 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
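--- a/v2/go.mod
+++ b/v2/go.mod
@@ -0,0 +1,9 @@
+module github.com/owenrumney/go-sarif/v2
+
+go 1.16
+
+require (
+github.com/owenrumney/go-sarif v1.1.1
+github.com/stretchr/testify v1.7.0
+github.com/zclconf/go-cty v1.10.0
+)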
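--- a/v2/go.sum
+++ b/v2/go.sum
@@ -0,0 +1,39 @@
+github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/owenrumney/go-sarif v1.1.1 h1:QNObu6YX1igyFKhdzd7vgzmw7XsWN3/6NMGuDzBgXmE=
+github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4=
+github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI=
+github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0=
+github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
+golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=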
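--- a/v2/sarif/address.go
+++ b/v2/sarif/address.go
@@ -0,0 +1,77 @@
+package sarif
+
+// Address ...
+type Address struct {
+PropertyBag
+Index *uint `json:"index,omitempty"`
+AbsoluteAddress *uint `json:"absoluteAddress,omitempty"`
+RelativeAddress *int `json:"relativeAddress,omitempty"`
+OffsetFromParent *int `json:"offsetFromParent,omitempty"`
+Length *int `json:"length,omitempty"`
+Name *string `json:"name,omitempty"`
+FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`
+Kind *string `json:"kind,omitempty"`
+ParentIndex *uint `json:"parentIndex,omitempty"`
+}
+
+// NewAddress create a new Address and returns a pointer to it
+func NewAddress() *Address {
+return &Address{}
+}
+
+// WithIndex sets the Index
+func (address *Address) WithIndex(index int) *Address {
+i := uint(index)
+address.Index = &i
+return address
+}
+
+// WithAbsoluteAddress sets the AbsoluteAddress
+func (address *Address) WithAbsoluteAddress(absoluteAddress int) *Address {
+i := uint(absoluteAddress)
+address.AbsoluteAddress = &i
+return address
+}
+
+// WithRelativeAddress sets the RelativeAddress
+func (address *Address) WithRelativeAddress(relativeAddress int) *Address {
+address.RelativeAddress = &relativeAddress
+return address
+}
+
+// WithOffsetFromParent sets the OffsetFromParent
+func (address *Address) WithOffsetFromParent(offsetFromParent int) *Address {
+address.OffsetFromParent = &offsetFromParent
+return address
+}
+
+// WithLength sets the Length
+func (address *Address) WithLength(length int) *Address {
+address.Length = &length
+return address
+}
+
+// WithName sets the Name
+func (address *Address) WithName(name string) *Address {
+address.Name = &name
+return address
+}
+
+// WithFullyQualifiedName sets the FullyQualifiedName
+func (address *Address) WithFullyQualifiedName(fullyQualifiedName string) *Address {
+address.FullyQualifiedName = &fullyQualifiedName
+return address
+}
+
+// WithKind sets the Kind
+func (address *Address) WithKind(kind string) *Address {
+address.Kind = &kind
+return address
+}
+
+// WithParentIndex sets the ParentIndex
+func (address *Address) WithParentIndex(parentIndex int) *Address {
+i := uint(parentIndex)
+address.ParentIndex = &i
+return address
+}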
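Review bot: `WithIndex`, `WithAbsoluteAddress` and `WithParentIndex` take an `int` and convert it with `uint(...)`, so a negative argument wraps to a very large unsigned value and is serialised into the report without any error. SARIF uses -1 for these properties to mean "not set", which callers may well pass, and the `*uint` fields cannot represent it. Either store them as `*int` like `RelativeAddress`, or guard each setter, e.g. `if index < 0 { return address }` before `i := uint(index)`; the tests in v2/sarif/address_test.go only cover positive values. The placeholder `// Address ...` could become `// Address describes a physical or virtual address, or a range of addresses, in an addressable region`.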
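--- a/v2/sarif/address_test.go
+++ b/v2/sarif/address_test.go
@@ -0,0 +1,29 @@
+package sarif
+
+import (
+"testing"
+
+"github.com/stretchr/testify/assert"
+)
+
+func Test_create_new_simple_address(t *testing.T) {
+
+address := NewAddress().
+WithIndex(1).
+WithName("google").
+WithFullyQualifiedName("https://www.google.com")
+
+assert.Equal(t, `{"index":1,"name":"google","fullyQualifiedName":"https://www.google.com"}`, getJsonString(address))
+}
+
+func Test_create_new_absolute_address(t *testing.T) {
+
+address := NewAddress().
+WithIndex(1).
+WithName("google").
+WithAbsoluteAddress(1).
+WithKind("url").
+WithLength(10)
+
+assert.Equal(t, `{"index":1,"absoluteAddress":1,"length":10,"name":"google","kind":"url"}`, getJsonString(address))
+}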