use results context
attiasas committed Dec 22, 2024
1 parent f11f066 commit 552b5c7
Showing 7 changed files with 17 additions and 83 deletions.
Expand Up @@ -4,12 +4,12 @@
## 📗 Scan Summary

---
- Frogbot scanned for violations and vulnerabilities and found 9 issues
- Frogbot scanned for violations and vulnerabilities and found 13 issues

| Scan Category | Status | Security Issues |
| --------------------- | :-----------------------------------: | ----------------------------------- |
| **Software Composition Analysis** | ✅ Done | 6 Issues Found: ❗️ 1 Critical, 🔴 2 High, 🟠 1 Medium, 🟡 1 Low, ⚪️ 1 Unknown |
| **Software Composition Analysis** | ✅ Done | 9 Issues Found: ❗️ 2 Critical, 🔴 3 High, 🟠 2 Medium, 🟡 1 Low, ⚪️ 1 Unknown |
| **Contextual Analysis** | ✅ Done | - |
| **Static Application Security Testing (SAST)** | ✅ Done | 3 Issues Found: 🔴 2 High, 🟡 1 Low |
| **Static Application Security Testing (SAST)** | ✅ Done | 4 Issues Found: 🔴 3 High, 🟡 1 Low |
| **Secrets** | ✅ Done | - |
| **Infrastructure as Code (IaC)** | ℹ️ Not Scanned | - |
@@ -1,11 +1,11 @@

## 📗 Scan Summary
- Frogbot scanned for violations and vulnerabilities and found 9 issues
- Frogbot scanned for violations and vulnerabilities and found 13 issues

| Scan Category | Status | Security Issues |
| --------------------- | :-----------------------------------: | ----------------------------------- |
| **Software Composition Analysis** | ✅ Done | <details><summary><b>6 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallCritical.svg" alt=""/> 1 Critical<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 2 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallMedium.svg" alt=""/> 1 Medium<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallUnknown.svg" alt=""/> 1 Unknown<br></details> |
| **Software Composition Analysis** | ✅ Done | <details><summary><b>9 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallCritical.svg" alt=""/> 2 Critical<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 3 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallMedium.svg" alt=""/> 2 Medium<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallUnknown.svg" alt=""/> 1 Unknown<br></details> |
| **Contextual Analysis** | ✅ Done | - |
| **Static Application Security Testing (SAST)** | ✅ Done | <details><summary><b>3 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 2 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br></details> |
| **Static Application Security Testing (SAST)** | ✅ Done | <details><summary><b>4 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 3 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br></details> |
| **Secrets** | ✅ Done | - |
| **Infrastructure as Code (IaC)** | ℹ️ Not Scanned | - |
Expand Up @@ -4,12 +4,12 @@
## 📗 Scan Summary

---
- Frogbot scanned for violations and found 9 issues
- Frogbot scanned for violations and found 4 issues

| Scan Category | Status | Security Issues |
| --------------------- | :-----------------------------------: | ----------------------------------- |
| **Software Composition Analysis** | ✅ Done | 6 Issues Found: ❗️ 1 Critical, 🔴 2 High, 🟠 1 Medium, 🟡 1 Low, ⚪️ 1 Unknown |
| **Software Composition Analysis** | ✅ Done | 3 Issues Found: ❗️ 1 Critical, 🔴 1 High, 🟠 1 Medium |
| **Contextual Analysis** | ✅ Done | - |
| **Static Application Security Testing (SAST)** | ✅ Done | 3 Issues Found: 🔴 2 High, 🟡 1 Low |
| **Static Application Security Testing (SAST)** | ✅ Done | 1 Issues Found: 🔴 1 High |
| **Secrets** | ✅ Done | - |
| **Infrastructure as Code (IaC)** | ℹ️ Not Scanned | - |
@@ -1,11 +1,11 @@

## 📗 Scan Summary
- Frogbot scanned for violations and found 9 issues
- Frogbot scanned for violations and found 4 issues

| Scan Category | Status | Security Issues |
| --------------------- | :-----------------------------------: | ----------------------------------- |
| **Software Composition Analysis** | ✅ Done | <details><summary><b>6 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallCritical.svg" alt=""/> 1 Critical<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 2 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallMedium.svg" alt=""/> 1 Medium<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallUnknown.svg" alt=""/> 1 Unknown<br></details> |
| **Software Composition Analysis** | ✅ Done | <details><summary><b>3 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallCritical.svg" alt=""/> 1 Critical<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 1 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallMedium.svg" alt=""/> 1 Medium<br></details> |
| **Contextual Analysis** | ✅ Done | - |
| **Static Application Security Testing (SAST)** | ✅ Done | <details><summary><b>3 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 2 High<br><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallLow.svg" alt=""/> 1 Low<br></details> |
| **Static Application Security Testing (SAST)** | ✅ Done | <details><summary><b>1 Issues Found</b></summary><img src="https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/smallHigh.svg" alt=""/> 1 High<br></details> |
| **Secrets** | ✅ Done | - |
| **Infrastructure as Code (IaC)** | ℹ️ Not Scanned | - |
5 changes: 3 additions & 2 deletions utils/outputwriter/outputcontent_test.go
Expand Up @@ -234,9 +234,9 @@ func TestScanSummaryContent(t *testing.T) {

testCases := []struct {
name string
context results.ResultContext
includeSecrets bool
scanStatus formats.ScanStatus
context results.ResultContext
issues issues.ScansIssuesCollection
cases []OutputTestCase
}{
Expand All @@ -261,7 +261,7 @@ func TestScanSummaryContent(t *testing.T) {
name: "Vulnerabilities",
issues: testIssues,
scanStatus: testScanStatus,
context: results.ResultContext{GitRepoHttpsCloneUrl: "url", IncludeVulnerabilities: true},
context: results.ResultContext{IncludeVulnerabilities: true},
cases: []OutputTestCase{
{
name: "Standard output",
Expand Down Expand Up @@ -338,6 +338,7 @@ func TestScanSummaryContent(t *testing.T) {
t.Run(tc.name+"_"+test.name, func(t *testing.T) {
expectedOutput := GetExpectedTestOutput(t, test)
tc.issues.ScanStatus = tc.scanStatus
tc.issues.ResultContext = tc.context
output := ScanSummaryContent(tc.issues, tc.context, tc.includeSecrets, test.writer)
assert.Equal(t, expectedOutput, output)
})
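Review bot: In the last hunk the same `tc.context` value is supplied twice, once through `tc.issues.ResultContext = tc.context` and again as the second argument of `ScanSummaryContent`, so the test passes whichever of the two the function actually reads and cannot catch a case where they disagree. The updated fixtures show the reported totals moving with the context (9 issues becomes 13 in one pair of expected outputs and 4 in the other), so a mismatch between the two sources would presumably surface as an under- or over-reported scan summary. Consider adding one case where the collection's context and the argument differ, or dropping the parameter if the collection's context is now authoritative. A comment above the assignment such as `// the summary is filtered by the collection's ResultContext` would record the intent. The body of `TestScanSummaryContent` starts and ends outside the visible hunks.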
5 changes: 0 additions & 5 deletions utils/scandetails.go
Expand Up @@ -70,11 +70,6 @@ func (sc *ScanDetails) SetResultsContext(httpCloneUrl string, watches []string,
return sc
}

// func (sc *ScanDetails) SetXrayGraphScanParams(httpCloneUrl string, watches []string, jfrogProjectKey string, includeVulnerabilities, includeLicenses bool) *ScanDetails {
// sc.XrayGraphScanParams = createXrayScanParams(httpCloneUrl, watches, jfrogProjectKey, includeVulnerabilities, includeLicenses)
// return sc
// }

func (sc *ScanDetails) SetFixableOnly(fixable bool) *ScanDetails {
sc.fixableOnly = fixable
return sc
66 changes: 2 additions & 64 deletions utils/scandetails_test.go
@@ -1,73 +1,11 @@
package utils

import (
"github.com/stretchr/testify/assert"
"path/filepath"
"testing"
)

func TestCreateResultsContext(t *testing.T) {
testCases := []struct {
name string
httpCloneUrl string
watches []string
jfrogProjectKey string
includeVulnerabilities bool
includeLicenses bool
}{
{
name: "Violations and Vulnerabilities",
httpCloneUrl: "http://localhost:8080/my-user/my-project.git",
watches: []string{"watch-1", "watch-2"},
jfrogProjectKey: "project",
includeVulnerabilities: true,
includeLicenses: true,
},
{
name: "Violations - Project key",
httpCloneUrl: "",
watches: nil,
jfrogProjectKey: "project",
includeVulnerabilities: false,
includeLicenses: true,
},
{
name: "Violations - Watches",
httpCloneUrl: "",
watches: []string{"watch-1", "watch-2"},
jfrogProjectKey: "",
includeVulnerabilities: false,
includeLicenses: false,
},
{
name: "Violations - GitInfoContext",
httpCloneUrl: "http://localhost:8080/my-user/my-project.git",
watches: nil,
jfrogProjectKey: "",
includeVulnerabilities: false,
includeLicenses: false,
},
{
name: "Vulnerabilities",
httpCloneUrl: "",
watches: nil,
jfrogProjectKey: "",
includeVulnerabilities: true,
includeLicenses: true,
},
}
for _, testCase := range testCases {
t.Run(testCase.name, func(t *testing.T) {
scanDetails := &ScanDetails{}
scanDetails.SetResultsContext(testCase.httpCloneUrl, testCase.watches, testCase.jfrogProjectKey, testCase.includeVulnerabilities, testCase.includeLicenses)
assert.Equal(t, testCase.httpCloneUrl, scanDetails.XscGitInfoContext.GitRepoHttpsCloneUrl)
assert.Equal(t, testCase.watches, scanDetails.Watches)
assert.Equal(t, testCase.jfrogProjectKey, scanDetails.ProjectKey)
assert.Equal(t, testCase.includeVulnerabilities, scanDetails.IncludeVulnerabilities)
assert.Equal(t, testCase.includeLicenses, scanDetails.IncludeLicenses)
})
}
}
"github.com/stretchr/testify/assert"
)

func TestGetFullPathWorkingDirs(t *testing.T) {
sampleProject := Project{
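Review bot: `TestCreateResultsContext` is deleted here with no replacement in this file, while `SetResultsContext` is still defined in utils/scandetails.go (its signature appears in that file's hunk header). The setter takes the clone URL, watches, project key and the include-vulnerabilities/include-licenses flags, so a regression in how it stores them would change what a scan reports without any test failing. Unless equivalent coverage exists outside this page, keep a table test that calls `SetResultsContext` and asserts the stored values, for example `IncludeVulnerabilities` and `Watches`, on whichever struct now holds them. `TestGetFullPathWorkingDirs` continues outside the hunk.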
