From aee8cf0cc085cd451ddb6f0f89e8c6d1b28bd517 Mon Sep 17 00:00:00 2001
From: "Yusuf A. Hasan Miyan"
Date: Tue, 13 Feb 2024 13:09:39 +0400
Subject: [PATCH] fix: push breach json directly to insights
---
 pkg/lagoon/lagoon.go | 57 +------------------------
 pkg/lagoon/lagoon_test.go | 89 +--------------------------------------
 pkg/result/breach.go | 54 ++++++++++++------------
 pkg/result/remediation.go | 4 +-
 4 files changed, 32 insertions(+), 172 deletions(-)
diff --git a/pkg/lagoon/lagoon.go b/pkg/lagoon/lagoon.go
index 0f13384..04741c1 100644
--- a/pkg/lagoon/lagoon.go
+++ b/pkg/lagoon/lagoon.go
@@ -126,32 +126,17 @@ func ProcessResultList(w *bufio.Writer, list result.ResultList) error {
 return nil
 }
- for iR, r := range list.Results {
+ for _, r := range list.Results {
 if len(r.Breaches) == 0 {
 continue
 }
 // let's marshal the breaches, they can be attached to the problem in the data field
- _, err := json.Marshal(r.Breaches)
+ breachMapJson, err := json.Marshal(r.Breaches)
 if err != nil {
 log.WithError(err).Fatal("Unable to marshal breach information")
 }
- breachMap := map[string]string{}
- for iB, b := range r.Breaches {
- breachName := fmt.Sprintf("[%d] %s", iR+iB+1, BreachFactName(b))
- value := BreachFactValue(b)
- if len(value) > FactMaxValueLength {
- value = value[:FactMaxValueLength-12] + "...TRUNCATED"
- }
- breachMap[breachName] = value
- }
-
- breachMapJson, err := json.Marshal(breachMap)
- if err != nil {
- log.WithError(err).Fatal("Unable to write problems to Insights Remote")
- }
-
 problems = append(problems, Problem{
 Identifier: r.Name,
 Version: "1",
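Review bot: With the `breachMap` loop removed, nothing in this hunk bounds what is sent any more: the old code cut each value at `FactMaxValueLength`, while the new `breachMapJson, err := json.Marshal(r.Breaches)` forwards every breach field verbatim to the Insights remote. Breach values come from whatever the checks collected (the removed tests show file paths and module states), so a check that captures a large or sensitive value now ships it whole; whether the remote enforces its own limit is not visible here. If the cap is being dropped on purpose, I would state the contract next to the marshal call, e.g. `// breaches are sent unmodified; checks must not put secrets or unbounded content in Value/Values`, and otherwise re-apply the length cap to the values before marshalling. ProcessResultList starts and ends outside the hunk.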
@@ -221,44 +206,6 @@ func DeleteProblems() error {
 return Client.Mutate(context.Background(), &m, variables)
 }
-func BreachFactName(b result.Breach) string {
- var name string
- if result.BreachGetKeyLabel(b) != "" {
- name = fmt.Sprintf("%s: %s", result.BreachGetKeyLabel(b),
- result.BreachGetKey(b))
- } else if result.BreachGetKey(b) != "" {
- name = result.BreachGetKey(b)
- } else if result.BreachGetValueLabel(b) != "" {
- name = result.BreachGetValueLabel(b)
- } else {
- name = b.GetCheckName() + " - " +
- string(b.GetCheckType())
- }
- return name
-}
-
-func BreachFactValue(b result.Breach) string {
- value := result.BreachGetValue(b)
- if value == "" {
- value = strings.Join(result.BreachGetValues(b), ", ")
- }
-
- label := result.BreachGetValueLabel(b)
- if label == "" || BreachFactName(b) == label {
- return value
- } else {
- value = fmt.Sprintf("%s: %s", label, value)
- }
-
- expected := result.BreachGetExpectedValue(b)
- if expected == "" {
- return value
- } else {
- value = fmt.Sprintf("expected: %s, %s", expected, value)
- }
- return value
-}
-
 // SeverityTranslation will convert a ShipShape severity rating to a Lagoon rating
 func SeverityTranslation(ssSeverity config.Severity) ProblemSeverityRating {
 // Currently supported severity levels in Lagoon
diff --git a/pkg/lagoon/lagoon_test.go b/pkg/lagoon/lagoon_test.go
index f8a0011..9793652 100644
--- a/pkg/lagoon/lagoon_test.go
+++ b/pkg/lagoon/lagoon_test.go
@@ -10,7 +10,6 @@ import (
 "github.com/salsadigitalauorg/shipshape/pkg/internal"
 "github.com/salsadigitalauorg/shipshape/pkg/lagoon"
- "github.com/salsadigitalauorg/shipshape/pkg/result"
 "github.com/hasura/go-graphql-client"
 "github.com/sirupsen/logrus"
@@ -190,94 +189,8 @@ func Test_ProblemsToInsightsRemote(t *testing.T) {
 var problems []lagoon.Problem
 err := json.Unmarshal([]byte(bodyString), &problems)
 assert.NoError(t, err)
- assert.Equalf(t, tt.args.problems, problems, fmt.Sprintf("Unmarshalled Body not Equal"))
+ assert.Equalf(t, tt.args.problems, problems, "Unmarshalled Body not Equal")
 }
 })
 }
 }
-
-func TestBreachFactNameAndValue(t *testing.T) {
- tests := []struct {
- name string
- breach result.Breach
- expectedName string
- expectedValue string
- }{
- {
- name: "value breach - no label",
- breach: &result.ValueBreach{
- CheckName: "illegal file",
- CheckType: "file",
- Value: "/an/illegal/file",
- },
- expectedName: "illegal file - file",
- expectedValue: "/an/illegal/file",
- },
- {
- name: "value breach - label",
- breach: &result.ValueBreach{
- CheckName: "illegal file",
- CheckType: "file",
- ValueLabel: "the illegal file exists",
- Value: "/an/illegal/file",
- },
- expectedName: "the illegal file exists",
- expectedValue: "/an/illegal/file",
- },
- {
- name: "key-value breach - with value label",
- breach: &result.KeyValueBreach{
- CheckName: "illegal file",
- CheckType: "file",
- Key: "illegal file found",
- ValueLabel: "the illegal file exists",
- Value: "/an/illegal/file",
- },
- expectedName: "illegal file found",
- expectedValue: "the illegal file exists: /an/illegal/file",
- },
- {
- name: "key-value breach - with value and key labels",
- breach: &result.KeyValueBreach{
- CheckName: "illegal file",
- CheckType: "file",
- KeyLabel: "illegal file found in",
- Key: "/path/to/dir",
- ValueLabel: "illegal file",
- Value: "/an/illegal/file",
- },
- expectedName: "illegal file found in: /path/to/dir",
- expectedValue: "illegal file: /an/illegal/file",
- },
- {
- name: "value breach - with value and key labels and expected value",
- breach: &result.KeyValueBreach{
- CheckName: "update module status",
- CheckType: "module-status",
- KeyLabel: "disallowed module found",
- ValueLabel: "actual",
- Value: "enabled",
- ExpectedValue: "disabled",
- },
- expectedName: "disallowed module found: ",
- expectedValue: "expected: disabled, actual: enabled",
- },
- {
- name: "key-values breach - no label",
- breach: &result.KeyValuesBreach{
- CheckName: "illegal files",
- CheckType: "file",
- Values: []string{"/an/illegal/file", "/another/illegal/file"},
- },
- expectedName: "illegal files - file",
- expectedValue: "/an/illegal/file, /another/illegal/file",
- },
- }
-
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- assert.Equal(t, tt.expectedName, lagoon.BreachFactName(tt.breach))
- assert.Equal(t, tt.expectedValue, lagoon.BreachFactValue(tt.breach))
- })
- }
-}
diff --git a/pkg/result/breach.go b/pkg/result/breach.go
index 1b8bfd7..ab82b7a 100644
--- a/pkg/result/breach.go
+++ b/pkg/result/breach.go
@@ -35,14 +35,14 @@ const (
 //
 // "file foo.ext not found": file is the ValueLabel, foo.ext is the Value
 type ValueBreach struct {
- BreachType
- CheckType string
- CheckName string
- Severity string
- ValueLabel string
- Value string
- ExpectedValue string
- Remediation
+ BreachType `json:"breach-type"`
+ CheckType string `json:"check-type"`
+ CheckName string `json:"check-name"`
+ Severity string `json:"severity"`
+ ValueLabel string `json:"value-label,omitempty"`
+ Value string `json:"value"`
+ ExpectedValue string `json:"expected-value,omitempty"`
+ Remediation `json:"remediation,omitempty"`
 }
 func (b ValueBreach) String() string {
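Review bot: The `omitempty` on the embedded `Remediation` field has no effect, because encoding/json never treats a struct value as empty, so every marshalled breach will carry a `remediation` key even when no remediation ran (presumably as `{}`, given the inner fields are themselves `omitempty`). The same tag is added in the KeyValueBreach and KeyValuesBreach hunks that follow. If the key is meant to disappear, `omitzero` does that on toolchains that support it (Go 1.24+); otherwise the tag should read `json:"remediation"` so it says what actually happens. These tags are now the payload format pushed to Insights and no test in this patch pins it, so a marshal test per breach type would be worth adding alongside.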
@@ -61,16 +61,16 @@ func (b ValueBreach) String() string {
 // - app could be the ValueLabel
 // - wordpress is the Value
 type KeyValueBreach struct {
- BreachType
- CheckType string
- CheckName string
- Severity string
- KeyLabel string
- Key string
- ValueLabel string
- Value string
- ExpectedValue string
- Remediation
+ BreachType `json:"breach-type"`
+ CheckType string `json:"check-type"`
+ CheckName string `json:"check-name"`
+ Severity string `json:"severity"`
+ KeyLabel string `json:"key-label,omitempty"`
+ Key string `json:"key,omitempty"`
+ ValueLabel string `json:"value-label,omitempty"`
+ Value string `json:"value"`
+ ExpectedValue string `json:"expected-value,omitempty"`
+ Remediation `json:"remediation,omitempty"`
 }
 func (b KeyValueBreach) String() string {
@@ -89,15 +89,15 @@ func (b KeyValueBreach) String() string {
 // - permissions could be the ValueLabel
 // - [administer site configuration, import configuration] are the Values
 type KeyValuesBreach struct {
- BreachType
- CheckType string
- CheckName string
- Severity string
- KeyLabel string
- Key string
- ValueLabel string
- Values []string
- Remediation
+ BreachType `json:"breach-type"`
+ CheckType string `json:"check-type"`
+ CheckName string `json:"check-name"`
+ Severity string `json:"severity"`
+ KeyLabel string `json:"key-label,omitempty"`
+ Key string `json:"key,omitempty"`
+ ValueLabel string `json:"value-label,omitempty"`
+ Values []string `json:"values"`
+ Remediation `json:"remediation,omitempty"`
 }
 func (b KeyValuesBreach) String() string {
diff --git a/pkg/result/remediation.go b/pkg/result/remediation.go
index 2effc3b..4a9c6db 100644
--- a/pkg/result/remediation.go
+++ b/pkg/result/remediation.go
@@ -10,6 +10,6 @@ const (
 )
 type Remediation struct {
- Status RemediationStatus
- Messages []string
+ Status RemediationStatus `json:",omitempty"`
+ Messages []string `json:",omitempty"`
 }
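Review bot: The two tags on `Remediation` set `omitempty` but give no name, so these fields are emitted as `Status` and `Messages` while every key added in breach.go is lower-case kebab-case (`check-type`, `value-label`). If the mismatch is not deliberate, name them explicitly: `json:"status,omitempty"` and `json:"messages,omitempty"`. Anything that parses the Insights payload has to match whichever spelling ships, so it is cheaper to settle this before consumers depend on it.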