From 3b9c0c657d468dbfcfcc2e462811677c4a67da26 Mon Sep 17 00:00:00 2001
From: Nikita Pivkin
Date: Tue, 11 Jul 2023 12:49:34 +0600
Subject: [PATCH 1/3] feat: add the occurrences field
---
 pkg/scan/flat.go | 2 ++
 pkg/scan/result.go | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
diff --git a/pkg/scan/flat.go b/pkg/scan/flat.go
index 5e7b9d566..00c075ac2 100755
--- a/pkg/scan/flat.go
+++ b/pkg/scan/flat.go
@@ -20,6 +20,7 @@ type FlatResult struct {
 Warning bool `json:"warning"`
 Status Status `json:"status"`
 Resource string `json:"resource"`
+ Occurrences []Occurrence `json:"occurrences,omitempty"`
 Location FlatRange `json:"location"`
 }

@@ -60,6 +61,7 @@ func (r *Result) Flatten() FlatResult {
 Severity: r.rule.Severity,
 Status: r.status,
 Resource: resMetadata.Reference(),
+ Occurrences: r.Occurrences(),
 Warning: r.IsWarning(),
 Location: FlatRange{
 Filename: rng.GetFilename(),
diff --git a/pkg/scan/result.go b/pkg/scan/result.go
index 0caf9bd4b..2e112bba7 100755
--- a/pkg/scan/result.go
+++ b/pkg/scan/result.go
@@ -336,3 +336,37 @@ func rawToString(raw interface{}) string {
 return "?"
 }
 }
+
+type Occurrence struct {
+ Resource string `json:"resource"`
+ Filename string `json:"filename"`
+ StartLine int `json:"start_line"`
+ EndLine int `json:"end_line"`
+}
+
+func (r *Result) Occurrences() []Occurrence {
+ var occurrences []Occurrence
+
+ mod := &r.metadata
+ prevFileName := mod.Range().GetFilename()
+
+ for {
+ mod = mod.Parent()
+ if mod == nil {
+ break
+ }
+ parentRange := mod.Range()
+ fileName := parentRange.GetFilename()
+ if fileName == prevFileName {
+ continue
+ }
+ prevFileName = fileName
+ occurrences = append(occurrences, Occurrence{
+ Resource: mod.Reference(),
+ Filename: parentRange.GetFilename(),
+ StartLine: parentRange.GetStartLine(),
+ EndLine: parentRange.GetEndLine(),
+ })
+ }
+ return occurrences
+}
From adca09a7b3490df92b74fae629baca4245db04b6 Mon Sep 17 00:00:00 2001
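Review bot: `Occurrences: r.Occurrences()` walks up from `r.metadata`, while the `Resource` value on the line above comes from `resMetadata`, which is computed before this hunk; if `resMetadata` is obtained by climbing the same parent chain (I cannot tell from here), the first occurrence repeats the resource already named in `Resource`. A one-line comment on the new field would make the relation explicit, e.g. `// Occurrences lists the ancestors of r.metadata, nearest parent first; the flattened Resource is not part of that list.` if that is indeed the contract, and the test added later in this series could pin it. Flatten's body starts and ends outside the hunk.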
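Review bot: The exported `Occurrence` type and `Occurrences` method are added without doc comments; `// Occurrence is the reference and source range of one ancestor of a result's metadata.` and `// Occurrences returns one Occurrence per ancestor of r's metadata, nearest parent first, or nil when it has none.` describe exactly what the hunk builds. The walk reads more directly as a three-clause loop, `for mod := r.metadata.Parent(); mod != nil; mod = mod.Parent() {`, which also removes the `break`; this still applies after the second patch in the series reshapes the body. The loop ends only when `Parent()` returns nil, so if a metadata chain could ever refer back to itself (not visible here) it would never terminate, and a small depth cap would be a cheap guard.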
From: Nikita Pivkin
Date: Fri, 14 Jul 2023 13:13:46 +0600
Subject: [PATCH 2/3] include all occurrences
---
 pkg/scan/result.go | 6 ------
 1 file changed, 6 deletions(-)
diff --git a/pkg/scan/result.go b/pkg/scan/result.go
index 2e112bba7..37b9e154a 100755
--- a/pkg/scan/result.go
+++ b/pkg/scan/result.go
@@ -348,7 +348,6 @@ func (r *Result) Occurrences() []Occurrence {
 var occurrences []Occurrence

 mod := &r.metadata
- prevFileName := mod.Range().GetFilename()

 for {
 mod = mod.Parent()
@@ -356,11 +355,6 @@ func (r *Result) Occurrences() []Occurrence {
 break
 }
 parentRange := mod.Range()
- fileName := parentRange.GetFilename()
- if fileName == prevFileName {
- continue
- }
- prevFileName = fileName
 occurrences = append(occurrences, Occurrence{
 Resource: mod.Reference(),
 Filename: parentRange.GetFilename(),
From bd06b9a52ee763ca250b46615620ce6b68059b4c Mon Sep 17 00:00:00 2001
From: Nikita Pivkin
Date: Mon, 17 Jul 2023 18:32:45 +0600
Subject: [PATCH 3/3] add a test
---
 pkg/scan/result_test.go | 56 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 pkg/scan/result_test.go
diff --git a/pkg/scan/result_test.go b/pkg/scan/result_test.go
new file mode 100644
index 000000000..808efbe28
--- /dev/null
+++ b/pkg/scan/result_test.go
@@ -0,0 +1,56 @@
+package scan_test
+
+import (
+ "testing"
+
+ "github.com/aquasecurity/defsec/pkg/scan"
+ "github.com/aquasecurity/defsec/pkg/types"
+ "github.com/stretchr/testify/assert"
+)
+
+func Test_Occurrences(t *testing.T) {
+ tests := []struct {
+ name string
+ factory func() *scan.Result
+ expected []scan.Occurrence
+ }{
+ {
+ name: "happy",
+ factory: func() *scan.Result {
+ r := scan.Result{}
+ causeResourceMeta := types.NewMetadata(types.NewRange(
+ "main.tf", 1, 13, "", nil,
+ ), "module.aws-security-groups[\"db1\"]")
+
+ parentMeta := types.NewMetadata(types.NewRange(
+ "terraform-aws-modules/security-group/aws/main.tf", 191, 227, "", nil,
+ ), "aws_security_group_rule.ingress_with_cidr_blocks[0]").WithParent(causeResourceMeta)
+
+ r.OverrideMetadata(types.NewMetadata(types.NewRange(
+ "terraform-aws-modules/security-group/aws/main.tf", 197, 204, "", nil,
+ ), "aws_security_group_rule.ingress_with_cidr_blocks").WithParent(parentMeta))
+ return &r
+ },
+ expected: []scan.Occurrence{
+ {
+ Resource: "aws_security_group_rule.ingress_with_cidr_blocks[0]",
+ Filename: "terraform-aws-modules/security-group/aws/main.tf",
+ StartLine: 191,
+ EndLine: 227,
+ },
+ {
+ Resource: "module.aws-security-groups[\"db1\"]",
+ Filename: "main.tf",
+ StartLine: 1,
+ EndLine: 13,
+ },
+ },
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ assert.Equal(t, tt.expected, tt.factory().Occurrences())
+ })
+ }
+}
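Review bot: The table holds only the `happy` case, so the nil result for metadata with no parent (the first patch returns `var occurrences []Occurrence` untouched when the loop appends nothing) and a chain of depth one are not covered. A second entry that reuses the existing range and reference with `expected: nil` is enough; `assert.Equal` at the bottom compares the typed nil slices correctly. Test_Occurrences is entirely inside the hunk.
```go
		{
			name: "no parent",
			factory: func() *scan.Result {
				r := scan.Result{}
				r.OverrideMetadata(types.NewMetadata(types.NewRange(
					"main.tf", 1, 13, "", nil,
				), "module.aws-security-groups[\"db1\"]"))
				return &r
			},
			expected: nil,
		},
		// … unchanged: "happy" case and the loop over tests …
```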