Merge remote-tracking branch 'upstream/dev' into fix_xray_sarif
attiasas committed Sep 27, 2023
2 parents 57e71bd + 7a180ec commit a49e5a4
Showing 6 changed files with 149 additions and 82 deletions.
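--- a/xray/commands/audit/audit.go
+++ b/xray/commands/audit/audit.go
@@ -109,15 +109,15 @@ func (auditCmd *AuditCommand) Run() (err error) {
 // Print Scan results on all cases except if errors accrued on SCA scan and no security/license issues found.
 printScanResults := !(auditResults.ScaError != nil && xrayutils.IsEmptyScanResponse(auditResults.ExtendedScanResults.XrayResults))
 if printScanResults {
-err = xrayutils.PrintScanResults(auditResults.ExtendedScanResults,
-nil,
-auditCmd.OutputFormat(),
-auditCmd.IncludeVulnerabilities,
-auditCmd.IncludeLicenses,
-auditResults.IsMultipleRootProject,
-auditCmd.PrintExtendedTable, false, messages,
-)
-if err != nil {
+if err = xrayutils.NewResultsWriter(auditResults.ExtendedScanResults).
+SetIsMultipleRootProject(auditResults.IsMultipleRootProject).
+SetIncludeVulnerabilities(auditCmd.IncludeVulnerabilities).
+SetIncludeLicenses(auditCmd.IncludeLicenses).
+SetOutputFormat(auditCmd.OutputFormat()).
+SetPrintExtendedTable(auditCmd.PrintExtendedTable).
+SetExtraMessages(messages).
+SetScanType(services.Dependency).
+PrintScanResults(); err != nil {
 return
 }
 }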
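--- a/xray/commands/scan/buildscan.go
+++ b/xray/commands/scan/buildscan.go
@@ -128,22 +128,30 @@ func (bsc *BuildScanCommand) runBuildScanAndPrintResults(xrayManager *xray.XrayS
 
 extendedScanResults := &xrutils.ExtendedScanResults{XrayResults: scanResponse}
 
+resultsPrinter := xrutils.NewResultsWriter(extendedScanResults).
+SetOutputFormat(bsc.outputFormat).
+SetIncludeVulnerabilities(bsc.includeVulnerabilities).
+SetIncludeLicenses(false).
+SetIsMultipleRootProject(true).
+SetPrintExtendedTable(bsc.printExtendedTable).
+SetScanType(services.Binary).
+SetExtraMessages(nil)
+
 if bsc.outputFormat != xrutils.Table {
 // Print the violations and/or vulnerabilities as part of one JSON.
-err = xrutils.PrintScanResults(extendedScanResults, nil, bsc.outputFormat, false, false, false, bsc.printExtendedTable, true, nil)
+err = resultsPrinter.PrintScanResults()
 } else {
 // Print two different tables for violations and vulnerabilities (if needed)
 
 // If "No Xray Fail build policy...." error received, no need to print violations
 if !noFailBuildPolicy {
-err = xrutils.PrintScanResults(extendedScanResults, nil, bsc.outputFormat, false, false, false, bsc.printExtendedTable, true, nil)
-if err != nil {
+if err = resultsPrinter.PrintScanResults(); err != nil {
 return false, err
 }
 }
 if bsc.includeVulnerabilities {
-err = xrutils.PrintScanResults(extendedScanResults, nil, bsc.outputFormat, true, false, false, bsc.printExtendedTable, true, nil)
-if err != nil {
+resultsPrinter.SetIncludeVulnerabilities(true)
+if err = resultsPrinter.PrintScanResults(); err != nil {
 return false, err
 }
 }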
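Review bot: The shared `resultsPrinter` is built with `SetIncludeVulnerabilities(bsc.includeVulnerabilities)`, so the non-table print and the first table-mode print (the violations pass under `!noFailBuildPolicy`) now run with the user's flag, where the removed calls passed a literal `false`. When the flag is set, the violations pass and the vulnerabilities pass would presumably render the same content, and the violations table could be missing from a build-scan report; PrintScanResults itself is not visible on this page, so this needs confirming. Building the writer with `SetIncludeVulnerabilities(false)` keeps the old behaviour, because the vulnerabilities branch already calls `resultsPrinter.SetIncludeVulnerabilities(true)` before it prints. The removed calls also passed `false` for the multiple-roots argument while the writer uses `SetIsMultipleRootProject(true)`, which is worth confirming as intended. The function body starts and ends outside the hunk.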
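--- a/xray/commands/scan/scan.go
+++ b/xray/commands/scan/scan.go
@@ -242,14 +242,18 @@ func (scanCmd *ScanCommand) Run() (err error) {
 scanErrors = appendErrorSlice(scanErrors, fileProducerErrors)
 scanErrors = appendErrorSlice(scanErrors, indexedFileProducerErrors)
 extendedScanResults := &xrutils.ExtendedScanResults{XrayResults: flatResults}
-err = xrutils.PrintScanResults(extendedScanResults,
-scanErrors,
-scanCmd.outputFormat,
-scanCmd.includeVulnerabilities,
-scanCmd.includeLicenses,
-true,
-scanCmd.printExtendedTable, true, nil,
-)
+
+if err = xrutils.NewResultsWriter(extendedScanResults).
+SetOutputFormat(scanCmd.outputFormat).
+SetIncludeVulnerabilities(scanCmd.includeVulnerabilities).
+SetIncludeLicenses(scanCmd.includeLicenses).
+SetPrintExtendedTable(scanCmd.printExtendedTable).
+SetIsMultipleRootProject(true).
+SetScanType(services.Binary).
+PrintScanResults(); err != nil {
+return
+}
+
 if err != nil {
 return err
 }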
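Review bot: `scanErrors` is assembled just above the new writer chain but is never handed to it, whereas the removed `PrintScanResults` call took it as its second argument. Unless the writer (defined in a file not shown on this page) receives the errors some other way, file-level scan failures no longer reach the output, and a report can look complete when part of the scan failed. Pass the slice through whichever setter the writer offers for errors, or add one, so consumers of the JSON output can still tell a clean scan from a partial one. The trailing `if err != nil { return err }` after the chain can no longer be true, because the `if err = …; err != nil { return }` above it already returns, so it can be deleted. Run()'s body starts and ends outside the hunk.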
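--- a/xray/utils/resultstable.go
+++ b/xray/utils/resultstable.go
@@ -37,13 +37,13 @@ const (
 // In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned.
 // Set printExtended to true to print fields with 'extended' tag.
 // If the scan argument is set to true, print the scan tables.
-func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, printExtended, isBinaryScan bool) error {
+func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, printExtended bool, scanType services.ScanType) error {
 securityViolationsRows, licenseViolationsRows, operationalRiskViolationsRows, err := prepareViolations(violations, extendedResults, multipleRoots, true, true)
 if err != nil {
 return err
 }
 // Print tables, if scan is true; print the scan tables.
-if isBinaryScan {
+if scanType == services.Binary {
 err = coreutils.PrintTable(formats.ConvertToVulnerabilityScanTableRow(securityViolationsRows), "Security Violations", "No security violations were found", printExtended)
 if err != nil {
 return err
@@ -182,13 +182,13 @@ func prepareViolations(violations []services.Violation, extendedResults *Extende
 // In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child.
 // Set printExtended to true to print fields with 'extended' tag.
 // If the scan argument is set to true, print the scan tables.
-func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, printExtended, isBinaryScan bool) error {
+func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, printExtended bool, scanType services.ScanType) error {
 vulnerabilitiesRows, err := prepareVulnerabilities(vulnerabilities, extendedResults, multipleRoots, true, true)
 if err != nil {
 return err
 }
 
-if isBinaryScan {
+if scanType == services.Binary {
 return coreutils.PrintTable(formats.ConvertToVulnerabilityScanTableRow(vulnerabilitiesRows), "Vulnerable Components", "✨ No vulnerable components were found ✨", printExtended)
 }
 var emptyTableMessage string
@@ -266,12 +266,12 @@ func sortVulnerabilityOrViolationRows(rows []formats.VulnerabilityOrViolationRow
 // In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child.
 // Set printExtended to true to print fields with 'extended' tag.
 // If the scan argument is set to true, print the scan tables.
-func PrintLicensesTable(licenses []services.License, printExtended, isBinaryScan bool) error {
+func PrintLicensesTable(licenses []services.License, printExtended bool, scanType services.ScanType) error {
 licensesRows, err := PrepareLicenses(licenses)
 if err != nil {
 return err
 }
-if isBinaryScan {
+if scanType == services.Binary {
 return coreutils.PrintTable(formats.ConvertToLicenseScanTableRow(licensesRows), "Licenses", "No licenses were found", printExtended)
 }
 return coreutils.PrintTable(formats.ConvertToLicenseTableRow(licensesRows), "Licenses", "No licenses were found", printExtended)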
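Review bot: The doc comments above PrintViolationsTable, PrintVulnerabilitiesTable and PrintLicensesTable still read `If the scan argument is set to true, print the scan tables.`, and the inline comment in PrintViolationsTable says `if scan is true`, but the parameter is now `scanType services.ScanType` rather than a bool. Suggested wording for all three: `// If scanType is services.Binary, the scan tables are printed; any other value prints the non-scan tables.` Spelling this out matters because the comparison is `scanType == services.Binary`, so a caller that never sets a scan type silently gets whichever branch the type's zero value selects. The three function bodies continue outside their hunks.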
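--- a/xray/utils/resultstable_test.go
+++ b/xray/utils/resultstable_test.go
@@ -25,7 +25,7 @@ func TestPrintViolationsTable(t *testing.T) {
 }
 
 for _, test := range tests {
-err := PrintViolationsTable(test.violations, &ExtendedScanResults{}, false, true, true)
+err := PrintViolationsTable(test.violations, &ExtendedScanResults{}, false, true, services.Binary)
 assert.NoError(t, err)
 if CheckIfFailBuild([]services.ScanResponse{{Violations: test.violations}}) {
 err = NewFailBuildError()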