From 7ac59492d971000d6baa009cf34467a722465ffe Mon Sep 17 00:00:00 2001
From: attiasas
Date: Wed, 25 Sep 2024 18:51:50 +0300
Subject: [PATCH] continue
---
 utils/results/conversion/convertor_test.go | 21 ++++++++++++-------
 .../conversion/sarifparser/sarifparser.go | 4 ++--
 .../sarifparser/sarifparser_test.go | 2 +-
 utils/validations/test_validate_sarif.go | 1 +
 .../validations/test_validate_simple_json.go | 3 ++-
 5 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/utils/results/conversion/convertor_test.go b/utils/results/conversion/convertor_test.go
index 3aa560a4..ae247d27 100644
--- a/utils/results/conversion/convertor_test.go
+++ b/utils/results/conversion/convertor_test.go
@@ -2,7 +2,6 @@ package conversion
 import (
 "fmt"
- "os"
 "path/filepath"
 "testing"
@@ -47,13 +46,21 @@ func getAuditValidationParams() validations.ValidationParams {
 func getDockerScanValidationParams(unique bool) validations.ValidationParams {
 params := validations.ValidationParams{
 ExactResultsMatch: true,
- Vulnerabilities: 11,
- Applicable: 3,
- NotApplicable: 3,
- NotCovered: 1,
- Undetermined: 1,
 Secrets: 3,
 }
+ if unique {
+ params.Vulnerabilities = 11
+ params.Applicable = 3
+ params.NotApplicable = 3
+ params.NotCovered = 1
+ params.Undetermined = 1
+ } else {
+ params.Vulnerabilities = 14
+ params.Applicable = 5
+ params.NotApplicable = 4
+ params.NotCovered = 1
+ params.Undetermined = 1
+ }
 return params
 }
@@ -135,7 +142,7 @@ func validateSimpleJsonConversion(t *testing.T, expectedResults formats.SimpleJs
 return
 }
 validationParams.Actual = actualResults
-
+
 validations.ValidateCommandSimpleJsonOutput(t, validationParams)
 }
diff --git a/utils/results/conversion/sarifparser/sarifparser.go b/utils/results/conversion/sarifparser/sarifparser.go
index a648e1c4..33e70919 100644
--- a/utils/results/conversion/sarifparser/sarifparser.go
+++ b/utils/results/conversion/sarifparser/sarifparser.go
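Review bot: Both branches of the new `if unique` block in getDockerScanValidationParams assign `params.NotCovered = 1` and `params.Undetermined = 1`, so only Vulnerabilities, Applicable and NotApplicable actually depend on `unique`; the two shared fields belong back in the struct literal next to `ExactResultsMatch` and `Secrets`, leaving `if unique { params.Vulnerabilities, params.Applicable, params.NotApplicable = 11, 3, 3 } else { params.Vulnerabilities, params.Applicable, params.NotApplicable = 14, 5, 4 }`. Nothing in the hunk says what `unique` means or why the non-unique expectation raises Vulnerabilities to 14, Applicable to 5 and NotApplicable to 4, so these are magic numbers for the next person who has to update them. A one-line comment above the block, such as `// unique: duplicate findings are collapsed to one entry, so the expected counts are lower` (confirm the wording against the converter), would make the fixture self-explanatory.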
@@ -34,7 +34,7 @@ const (
 maxPossibleCve = 10.0 // #nosec G101 -- Not credentials.
- binarySecretScannerToolName = "JFrog Binary Secrets Scanner"
+ BinarySecretScannerToolName = "JFrog Binary Secrets Scanner"
 ScaScannerToolName = "JFrog Xray Scanner"
 )
@@ -424,7 +424,7 @@ func patchRunsToPassIngestionRules(cmdType utils.CommandType, subScanType utils.
 patched := sarifutils.CopyRunMetadata(run)
 if cmdType.IsTargetBinary() && subScanType == utils.SecretsScan {
 // Patch the tool name in case of binary scan
- sarifutils.SetRunToolName(binarySecretScannerToolName, patched)
+ sarifutils.SetRunToolName(BinarySecretScannerToolName, patched)
 }
 if patched.Tool.Driver != nil {
 patched.Tool.Driver.Rules = patchRules(cmdType, subScanType, run.Tool.Driver.Rules...)
diff --git a/utils/results/conversion/sarifparser/sarifparser_test.go b/utils/results/conversion/sarifparser/sarifparser_test.go
index e98a5f9f..6cc29dd2 100644
--- a/utils/results/conversion/sarifparser/sarifparser_test.go
+++ b/utils/results/conversion/sarifparser/sarifparser_test.go
@@ -404,7 +404,7 @@ func TestPatchRunsToPassIngestionRules(t *testing.T) {
 expectedResults: []*sarif.Run{
 {
 Tool: sarif.Tool{
- Driver: sarifutils.CreateDummyDriver(binarySecretScannerToolName, &sarif.ReportingDescriptor{
+ Driver: sarifutils.CreateDummyDriver(BinarySecretScannerToolName, &sarif.ReportingDescriptor{
 ID: "rule",
 ShortDescription: sarif.NewMultiformatMessageString("[Secret in Binary found] "),
 }),
diff --git a/utils/validations/test_validate_sarif.go b/utils/validations/test_validate_sarif.go
index f6b8968d..aab6425f 100644
--- a/utils/validations/test_validate_sarif.go
+++ b/utils/validations/test_validate_sarif.go
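Review bot: `BinarySecretScannerToolName` becomes an exported identifier in the first hunk but carries no doc comment, which Go convention expects for every exported name; the neighbouring exported `ScaScannerToolName` has the same gap but is untouched here. Suggest adding above it `// BinarySecretScannerToolName is the SARIF tool driver name set on secrets runs produced by binary-target scans (see patchRunsToPassIngestionRules); exported so validation helpers can select those runs by name.` The export is driven by a test-helper consumer in utils/validations, so stating that intended use in the comment will discourage other packages from treating it as stable API. The `// #nosec G101 -- Not credentials.` annotation is presumably there because gosec matches the word Secret in the identifier; since the constant was renamed, it is worth confirming that the annotation still sits on the line gosec associates with it, which the collapsed hunk does not make obvious.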
@@ -47,6 +47,7 @@ func ValidateSarifIssuesCount(t *testing.T, params ValidationParams, report *sar
 iac := sarifutils.GetResultsLocationCount(sarifutils.GetRunsByToolName(report, IacToolName)...)
 vulnerabilities += iac
 secrets := sarifutils.GetResultsLocationCount(sarifutils.GetRunsByToolName(report, SecretsToolName)...)
+ secrets += sarifutils.GetResultsLocationCount(sarifutils.GetRunsByToolName(report, sarifparser.BinarySecretScannerToolName)...)
 vulnerabilities += secrets
 sast := sarifutils.GetResultsLocationCount(sarifutils.GetRunsByToolName(report, SastToolName)...)
 vulnerabilities += sast
diff --git a/utils/validations/test_validate_simple_json.go b/utils/validations/test_validate_simple_json.go
index 16b42cf1..908ebe29 100644
--- a/utils/validations/test_validate_simple_json.go
+++ b/utils/validations/test_validate_simple_json.go
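Review bot: The added line takes its expected tool name from the code under test, `sarifparser.BinarySecretScannerToolName`, while the neighbouring `SecretsToolName`, `IacToolName` and `SastToolName` are unqualified and appear to be constants local to the validations package; if the emitted name in patchRunsToPassIngestionRules ever regresses together with that constant, this check follows the regression instead of catching it. Consider a validations-local `BinarySecretsToolName = "JFrog Binary Secrets Scanner"` declared beside the other tool-name constants so the oracle is independent of the producer, which also removes the dependency of a validation helper on a conversion package. A short comment on the added line, e.g. `// binary scans report secrets under a dedicated tool name`, would explain why two secret tool names are summed, since the reason is not visible here. ValidateSarifIssuesCount continues outside the hunk.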
@@ -66,9 +66,10 @@ func ValidateSimpleJsonIssuesCount(t *testing.T, params ValidationParams, result
 }
 }
 }
+ vulnerabilitiesCount := len(results.Vulnerabilities) + len(results.Secrets) + len(results.Sast) + len(results.Iacs)
 ValidateContent(t, params.ExactResultsMatch,
- CountValidation[int]{Expected: params.Vulnerabilities, Actual: len(results.Vulnerabilities), Msg: GetValidationCountErrMsg("vulnerabilities", "simple-json", params.ExactResultsMatch, params.Vulnerabilities, len(results.Vulnerabilities))},
+ CountValidation[int]{Expected: params.Vulnerabilities, Actual: vulnerabilitiesCount, Msg: GetValidationCountErrMsg("vulnerabilities", "simple-json", params.ExactResultsMatch, params.Vulnerabilities, vulnerabilitiesCount)},
 CountValidation[int]{Expected: params.Sast, Actual: len(results.Sast), Msg: GetValidationCountErrMsg("sast", "simple-json", params.ExactResultsMatch, params.Sast, len(results.Sast))},
 CountValidation[int]{Expected: params.Iac, Actual: len(results.Iacs), Msg: GetValidationCountErrMsg("IaC", "simple-json", params.ExactResultsMatch, params.Iac, len(results.Iacs))},
 CountValidation[int]{Expected: params.Secrets, Actual: len(results.Secrets), Msg: GetValidationCountErrMsg("secrets", "simple-json", params.ExactResultsMatch, params.Secrets, len(results.Secrets))},