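--- a/pkg/report/output/output.go
+++ b/pkg/report/output/output.go
@@ -60,6 +60,22 @@
 return GetDataflow(report, config, false)
 case flag.ReportSecurity:
 return reportSecurity(report, config)
+case flag.ReportSaaS:
+securityResults, _, dataflow, err := reportSecurity(report, config)
+if err != nil {
+return nil, nil, nil, err
+}
+
+meta, _ := getMeta(config)
+files := getDiscoveredFiles(config)
+
+return BearerReport{
+Findings: securityResults,
+DataTypes: &dataflow.Datatypes,
+Components: &dataflow.Components,
+Files: files,
+Meta: *meta,
+}, nil, nil, nil
 case flag.ReportPrivacy:
 return getPrivacyReportOutput(report, config)
 case flag.ReportStats:
@@ -67,6 +83,16 @@
 }
 
 return nil, nil, nil, fmt.Errorf(`--report flag "%s" is not supported`, config.Report.Report)
+}
+
+func getDiscoveredFiles(config settings.Config) []string {
+filesDiscovered, _ := filelist.Discover(config.Scan.Target, config)
+files := []string{}
+for _, fileDiscovered := range filesDiscovered {
+files = append(files, dataflowoutput.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath))
+}
+
+return files
 }
 
 func GetPrivacyReportCSVOutput(report types.Report, lineOfCodeOutput *gocloc.Result, dataflow *dataflow.DataFlow, config settings.Config) (*string, error) {
@@ -210,11 +236,7 @@
 return &tempDir, nil, err
 }
 
-filesDiscovered, _ := filelist.Discover(config.Scan.Target, config)
-files := []string{}
-for _, fileDiscovered := range filesDiscovered {
-files = append(files, dataflowoutput.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath))
-}
+files := getDiscoveredFiles(config)
 
 content, _ := ReportJSON(&BearerReport{
 Findings: securityResults,
@@ -237,6 +259,24 @@
 }
 
 func getMeta(config settings.Config) (*Meta, error) {
+sha, err := exec.Command("git", "rev-parse", "HEAD").Output()
+if err != nil {
+log.Error().Msgf("couldn't get git info %s", err)
+return nil, err
+}
+
+currentBranch, err := exec.Command("git", "rev-parse", "--abbrev-ref", "HEAD").Output()
+if err != nil {
+log.Error().Msgf("couldn't get git info %s", err)
+return nil, err
+}
+
+defaultBranch, err := exec.Command("git", "rev-parse", "--abbrev-ref", "origin/HEAD").Output()
+if err != nil {
+log.Error().Msgf("couldn't get git info %s", err)
+return nil, err
+}
+
 output, err := exec.Command("git", "remote", "get-url", "origin").Output()
 if err != nil {
 log.Error().Msgf("couldn't get git info %s", err)
@@ -250,25 +290,31 @@
 }
 
 return &Meta{
-ID: info.ID,
-Host: string(info.Host),
-Username: info.Username,
-Name: info.Name,
-FullName: info.FullName,
-URL: info.Raw,
-Target: config.Scan.Target,
+ID: info.ID,
+Host: string(info.Host),
+Username: info.Username,
+Name: info.Name,
+FullName: info.FullName,
+URL: info.Raw,
+Target: config.Scan.Target,
+SHA: strings.TrimSuffix(string(sha), "\n"),
+CurrentBranch: strings.TrimSuffix(string(currentBranch), "\n"),
+DefaultBranch: strings.TrimPrefix(strings.TrimSuffix(string(defaultBranch), "\n"), "origin/"),
 }, nil
 }
 
 type Meta struct {
-ID string `json:"id" yaml:"id"`
-Host string `json:"host" yaml:"host"`
-Username string `json:"username" yaml:"username"`
-Name string `json:"name" yaml:"name"`
-URL string `json:"url" yaml:"url"`
-FullName string `json:"full_name" yaml:"full_name"`
-Target string `json:"target" yaml:"target"`
-SignedID string `json:"signed_id,omitempty" yaml:"signed_id,omitempty"`
+ID string `json:"id" yaml:"id"`
+Host string `json:"host" yaml:"host"`
+Username string `json:"username" yaml:"username"`
+Name string `json:"name" yaml:"name"`
+URL string `json:"url" yaml:"url"`
+FullName string `json:"full_name" yaml:"full_name"`
+Target string `json:"target" yaml:"target"`
+SHA string `json:"sha" yaml:"sha"`
+CurrentBranch string `json:"current_branch" yaml:"current_branch"`
+DefaultBranch string `json:"default_branch" yaml:"default_branch"`
+SignedID string `json:"signed_id,omitempty" yaml:"signed_id,omitempty"`
 }
 
 type BearerReport struct {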
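Review bot: In the new `case flag.ReportSaaS:` branch, `meta, _ := getMeta(config)` discards the error and the struct literal then dereferences `*meta`; getMeta returns `nil, err` whenever a git call fails, and this commit adds three more that can fail (for instance `git rev-parse --abbrev-ref origin/HEAD` in a clone with no `origin/HEAD` ref, or a target that is not a git checkout), so the scan would panic on a nil pointer instead of returning an error. Handle it the way the branch already handles reportSecurity: `meta, err := getMeta(config)` followed by `if err != nil { return nil, nil, nil, err }`. Separately, none of the `exec.Command("git", ...)` calls visible in getMeta set `Dir`, so they appear to run in the process working directory rather than in `config.Scan.Target`; if the two can differ, the SHA and branch names attached to the report describe the wrong repository — part of getMeta is skipped on this page, so confirm against the hidden lines. `getDiscoveredFiles` also drops the `filelist.Discover` error, which means a failed discovery reaches the SaaS report as an empty `files` list with no signal; a short comment there saying that this is deliberate best-effort (or returning the error) would make the intent reviewable.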