From c61cdc0486277fa4b80ef8debec7e2a9059c44aa Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Tue, 2 Nov 2021 14:03:01 +0100 Subject: [PATCH] Add missing fields required by GitHub Code Scanning --- main.go | 2 -- sarif/sarif.go | 34 ++++++++++++++++++++++++++++++++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index ddd5499..738ba8a 100644 --- a/main.go +++ b/main.go @@ -18,13 +18,11 @@ func main() { if err != nil { log.Fatal("Error when parsing file: ", err) } - // fmt.Printf("containerScan: %+v", containerScan) sarifReport, err := sarif.FromContainerScan(containerScan) if err != nil { log.Fatal("Could not construct SARIF report from Container Scan input: ", err) } - // fmt.Printf("sarifReport: %+v", sarifReport) sarifWriteErr := sarifReport.WriteTo(*outputPath) if sarifWriteErr != nil { diff --git a/sarif/sarif.go b/sarif/sarif.go index b1c9fd3..3a781e9 100644 --- a/sarif/sarif.go +++ b/sarif/sarif.go @@ -75,6 +75,8 @@ type SarifReportRunResultLocationPhysicalLocationArtifactLocation struct { type SarifReportRunResultLocationPhysicalLocationRegion struct { StartLine *int `json:"startLine,omitempty"` StartColumn *int `json:"startColumn,omitempty"` + EndLine *int `json:"endLine,omitempty"` + EndColumn *int `json:"endColumn,omitempty"` } func FromContainerScan(containerScanReport containerscan.ContainerScan) (SarifReport, error) { @@ -125,7 +127,9 @@ func FromContainerScan(containerScanReport containerscan.ContainerScan) (SarifRe FullDescription: SarifReportRunToolDriverRuleDescription{ Text: vulnerability.Description, }, - HelpUri: &helpUri, + Help: &SarifReportRunToolDriverRuleDescription{ + Text: helpUri, + }, } } sarifRunResult := SarifReportRunResult{ 
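Review bot: In the `@@ -125,7 +127,9 @@` hunk, swapping `HelpUri: &helpUri` for `Help: {Text: helpUri}` puts a URL into a plain-text description and drops the SARIF `helpUri` property, so the rule loses the link that viewers build from `helpUri` (GitHub's "Learn more" link, as far as I recall). Both properties may be set together; keep `HelpUri: &helpUri,` beside the new `Help` block, or fill `help.text` with the rule description and leave the URI where it belongs — the same replacement in the best-practice rule hunk further down has the same gap. `helpUri` is assigned outside the hunk and is presumably derived from the scanner report rather than a constant, so whatever lands in `help.text` is rendered in the code-scanning UI: fine as plain text, but do not promote it to a `markdown` field later without sanitising. The enclosing loop and FromContainerScan continue outside the hunk.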
@@ -135,12 +139,20 @@ func FromContainerScan(containerScanReport containerscan.ContainerScan) (SarifRe
 Text: vulnerability.Description,
 },
 }
+ //startLine, endLine, startColumn, endColumn
+ physicalLocationRegion := []int { 1, 1, 1, 1}
 sarifRunResult.Locations = append(sarifRunResult.Locations,
 SarifReportRunResultLocation{
 PhysicalLocation: SarifReportRunResultLocationPhysicalLocation{
 ArtifactLocation: SarifReportRunResultLocationPhysicalLocationArtifactLocation{
 Uri: toPathUri(vulnerability.Target),
 },
+ Region: &SarifReportRunResultLocationPhysicalLocationRegion{
+ StartLine: &physicalLocationRegion[0],
+ EndLine: &physicalLocationRegion[1],
+ StartColumn: &physicalLocationRegion[2],
+ EndColumn: &physicalLocationRegion[3],
+ },
 },
 })
 sarifReportRun.Results = append(sarifReportRun.Results, sarifRunResult)
@@ -172,7 +184,9 @@ func FromContainerScan(containerScanReport containerscan.ContainerScan) (SarifRe
 FullDescription: SarifReportRunToolDriverRuleDescription{
 Text: bestPracticeViolation.Title,
 },
- HelpUri: &helpUri,
+ Help: &SarifReportRunToolDriverRuleDescription{
+ Text: helpUri,
+ },
 }
 }
 sarifRunResult := SarifReportRunResult{
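Review bot: The region added in the `@@ -135,12 +139,20 @@` hunk is a placeholder rather than a real position — every vulnerability alert will land on line 1, column 1 of `vulnerability.Target` — and the `//startLine, endLine, startColumn, endColumn` comment only names the slots; say why, e.g. `// Container-scan findings carry no source position; Code Scanning needs a region, so pin the alert to line 1 of the target.` Note too that SARIF's `endColumn` is exclusive, so start and end column both 1 denote an empty region; that is legal and presumably what GitHub accepted, but worth recording as deliberate. Taking addresses of elements of a throwaway `[]int` is an unusual way to obtain four `*int`s; `one := 1` shared by all four fields (the value is never written) reads more clearly, and the identical block in the best-practice hunk below suggests a small helper. `vulnerability.Target` and `toPathUri` live outside the hunk; if targets are paths inside the image rather than repository-relative paths, the resulting alerts will have no file to attach to — verify against real scanner output. The enclosing loop and FromContainerScan continue outside the hunk.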
@@ -182,6 +196,22 @@ func FromContainerScan(containerScanReport containerscan.ContainerScan) (SarifRe
 Text: bestPracticeViolation.Alerts,
 },
 }
+ //startLine, endLine, startColumn, endColumn
+ physicalLocationRegion := []int { 1, 1, 1, 1}
+ sarifRunResult.Locations = append(sarifRunResult.Locations,
+ SarifReportRunResultLocation{
+ PhysicalLocation: SarifReportRunResultLocationPhysicalLocation{
+ ArtifactLocation: SarifReportRunResultLocationPhysicalLocationArtifactLocation{
+ Uri: toPathUri("container-image"),
+ },
+ Region: &SarifReportRunResultLocationPhysicalLocationRegion{
+ StartLine: &physicalLocationRegion[0],
+ EndLine: &physicalLocationRegion[1],
+ StartColumn: &physicalLocationRegion[2],
+ EndColumn: &physicalLocationRegion[3],
+ },
+ },
+ })
 sarifReportRun.Results = append(sarifReportRun.Results, sarifRunResult)
 }
 sarifReportRun.Tool.Driver = sarifReportRunDriver
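Review bot: The location added for best-practice violations points at a synthetic artifact `container-image` that exists nowhere in the repository, and nothing in the hunk records that this is intentional, so a reader will assume a file of that name is expected; add `// Best-practice findings concern the image as a whole, not a file; a stable synthetic path gives Code Scanning something to attach the alert to.` and consider whether the Dockerfile that produced the image (when known) would be a more useful anchor — I cannot see from this hunk what `toPathUri` does with the string. The whole location literal is byte-for-byte the region/location construction from the vulnerability hunk above; factoring it into a helper removes the duplicate and the awkward `&physicalLocationRegion[i]` pointers (the four fields hold the same never-mutated value, so one shared `*int` suffices). The loop and FromContainerScan extend outside the hunk.

```go
// placeholderLocation builds a location pinned to line 1, column 1 of uri.
// Container-scan findings carry no source position, but Code Scanning needs
// a region on every location (per the commit message); the fields are never
// mutated, so they can share one *int.
func placeholderLocation(uri string) SarifReportRunResultLocation {
	one := 1
	return SarifReportRunResultLocation{
		PhysicalLocation: SarifReportRunResultLocationPhysicalLocation{
			ArtifactLocation: SarifReportRunResultLocationPhysicalLocationArtifactLocation{
				Uri: toPathUri(uri),
			},
			Region: &SarifReportRunResultLocationPhysicalLocationRegion{
				StartLine: &one, EndLine: &one, StartColumn: &one, EndColumn: &one,
			},
		},
	}
}

// … unchanged: best-practice result construction …
sarifRunResult.Locations = append(sarifRunResult.Locations, placeholderLocation("container-image"))
```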