■ ■ ■ ■ ■ ■
pkg/report/output/output.go
| skipped 59 lines |
| 60 | 60 | | return GetDataflow(report, config, false) |
| 61 | 61 | | case flag.ReportSecurity: |
| 62 | 62 | | return reportSecurity(report, config) |
| | 63 | + | case flag.ReportSaaS: |
| | 64 | + | securityResults, _, dataflow, err := reportSecurity(report, config) |
| | 65 | + | if err != nil { |
| | 66 | + | return nil, nil, nil, err |
| | 67 | + | } |
| | 68 | + | |
| | 69 | + | meta, _ := getMeta(config) |
| | 70 | + | files := getDiscoveredFiles(config) |
| | 71 | + | |
| | 72 | + | return BearerReport{ |
| | 73 | + | Findings: securityResults, |
| | 74 | + | DataTypes: &dataflow.Datatypes, |
| | 75 | + | Components: &dataflow.Components, |
| | 76 | + | Files: files, |
| | 77 | + | Meta: *meta, |
| | 78 | + | }, nil, nil, nil |
| 63 | 79 | | case flag.ReportPrivacy: |
| 64 | 80 | | return getPrivacyReportOutput(report, config) |
| 65 | 81 | | case flag.ReportStats: |
| skipped 1 lines |
| 67 | 83 | | } |
| 68 | 84 | | |
| 69 | 85 | | return nil, nil, nil, fmt.Errorf(`--report flag "%s" is not supported`, config.Report.Report) |
| | 86 | + | } |
| | 87 | + | |
| | 88 | + | func getDiscoveredFiles(config settings.Config) []string { |
| | 89 | + | filesDiscovered, _ := filelist.Discover(config.Scan.Target, config) |
| | 90 | + | files := []string{} |
| | 91 | + | for _, fileDiscovered := range filesDiscovered { |
| | 92 | + | files = append(files, dataflowoutput.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath)) |
| | 93 | + | } |
| | 94 | + | |
| | 95 | + | return files |
| 70 | 96 | | } |
| 71 | 97 | | |
| 72 | 98 | | func GetPrivacyReportCSVOutput(report types.Report, lineOfCodeOutput *gocloc.Result, dataflow *dataflow.DataFlow, config settings.Config) (*string, error) { |
| skipped 137 lines |
| 210 | 236 | | return &tempDir, nil, err |
| 211 | 237 | | } |
| 212 | 238 | | |
| 213 | | - | filesDiscovered, _ := filelist.Discover(config.Scan.Target, config) |
| 214 | | - | files := []string{} |
| 215 | | - | for _, fileDiscovered := range filesDiscovered { |
| 216 | | - | files = append(files, dataflowoutput.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath)) |
| 217 | | - | } |
| | 239 | + | files := getDiscoveredFiles(config) |
| 218 | 240 | | |
| 219 | 241 | | content, _ := ReportJSON(&BearerReport{ |
| 220 | 242 | | Findings: securityResults, |
| skipped 16 lines |
| 237 | 259 | | } |
| 238 | 260 | | |
| 239 | 261 | | func getMeta(config settings.Config) (*Meta, error) { |
| | 262 | + | sha, err := exec.Command("git", "rev-parse", "HEAD").Output() |
| | 263 | + | if err != nil { |
| | 264 | + | log.Error().Msgf("couldn't get git info %s", err) |
| | 265 | + | return nil, err |
| | 266 | + | } |
| | 267 | + | |
| | 268 | + | currentBranch, err := exec.Command("git", "rev-parse", "--abbrev-ref", "HEAD").Output() |
| | 269 | + | if err != nil { |
| | 270 | + | log.Error().Msgf("couldn't get git info %s", err) |
| | 271 | + | return nil, err |
| | 272 | + | } |
| | 273 | + | |
| | 274 | + | defaultBranch, err := exec.Command("git", "rev-parse", "--abbrev-ref", "origin/HEAD").Output() |
| | 275 | + | if err != nil { |
| | 276 | + | log.Error().Msgf("couldn't get git info %s", err) |
| | 277 | + | return nil, err |
| | 278 | + | } |
| | 279 | + | |
| 240 | 280 | | output, err := exec.Command("git", "remote", "get-url", "origin").Output() |
| 241 | 281 | | if err != nil { |
| 242 | 282 | | log.Error().Msgf("couldn't get git info %s", err) |
| skipped 7 lines |
| 250 | 290 | | } |
| 251 | 291 | | |
| 252 | 292 | | return &Meta{ |
| 253 | | - | ID: info.ID, |
| 254 | | - | Host: string(info.Host), |
| 255 | | - | Username: info.Username, |
| 256 | | - | Name: info.Name, |
| 257 | | - | FullName: info.FullName, |
| 258 | | - | URL: info.Raw, |
| 259 | | - | Target: config.Scan.Target, |
| | 293 | + | ID: info.ID, |
| | 294 | + | Host: string(info.Host), |
| | 295 | + | Username: info.Username, |
| | 296 | + | Name: info.Name, |
| | 297 | + | FullName: info.FullName, |
| | 298 | + | URL: info.Raw, |
| | 299 | + | Target: config.Scan.Target, |
| | 300 | + | SHA: strings.TrimSuffix(string(sha), "\n"), |
| | 301 | + | CurrentBranch: strings.TrimSuffix(string(currentBranch), "\n"), |
| | 302 | + | DefaultBranch: strings.TrimPrefix(strings.TrimSuffix(string(defaultBranch), "\n"), "origin/"), |
| 260 | 303 | | }, nil |
| 261 | 304 | | } |
| 262 | 305 | | |
| 263 | 306 | | type Meta struct { |
| 264 | | - | ID string `json:"id" yaml:"id"` |
| 265 | | - | Host string `json:"host" yaml:"host"` |
| 266 | | - | Username string `json:"username" yaml:"username"` |
| 267 | | - | Name string `json:"name" yaml:"name"` |
| 268 | | - | URL string `json:"url" yaml:"url"` |
| 269 | | - | FullName string `json:"full_name" yaml:"full_name"` |
| 270 | | - | Target string `json:"target" yaml:"target"` |
| 271 | | - | SignedID string `json:"signed_id,omitempty" yaml:"signed_id,omitempty"` |
| | 307 | + | ID string `json:"id" yaml:"id"` |
| | 308 | + | Host string `json:"host" yaml:"host"` |
| | 309 | + | Username string `json:"username" yaml:"username"` |
| | 310 | + | Name string `json:"name" yaml:"name"` |
| | 311 | + | URL string `json:"url" yaml:"url"` |
| | 312 | + | FullName string `json:"full_name" yaml:"full_name"` |
| | 313 | + | Target string `json:"target" yaml:"target"` |
| | 314 | + | SHA string `json:"sha" yaml:"sha"` |
| | 315 | + | CurrentBranch string `json:"current_branch" yaml:"current_branch"` |
| | 316 | + | DefaultBranch string `json:"default_branch" yaml:"default_branch"` |
| | 317 | + | SignedID string `json:"signed_id,omitempty" yaml:"signed_id,omitempty"` |
| 272 | 318 | | } |
| 273 | 319 | | |
| 274 | 320 | | type BearerReport struct { |
| skipped 7 lines |
Cédric Fabianski
committed
with
GitHub
1 year ago
1 parent 048156e0