From 6e073da17f7cfb538477ef656e36fd0bde2a29a3 Mon Sep 17 00:00:00 2001 From: andream16 Date: Sun, 15 Dec 2024 17:50:04 +0000 Subject: [PATCH] F Updating examples and components' code to comply with new vulnerability type and storages. --- sdk/component/component.go | 16 ++-- sdk/component/component_test.go | 83 ++----------------- sdk/component/enricher_test.go | 12 +-- sdk/component/examples/enricher/main.go | 6 +- sdk/component/examples/filter/main.go | 6 +- sdk/component/examples/reporter/main.go | 4 +- sdk/component/filter_test.go | 12 +-- .../internal/mocks/component_mock.go | 31 +++---- sdk/component/reporter_test.go | 10 +-- 9 files changed, 54 insertions(+), 126 deletions(-) diff --git a/sdk/component/component.go b/sdk/component/component.go index 50f6cb547..7b7ce6d96 100644 --- a/sdk/component/component.go +++ b/sdk/component/component.go @@ -4,14 +4,10 @@ import ( "context" "github.com/smithy-security/smithy/sdk/component/uuid" + finding "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" ) -type VulnerabilityFinding struct { - ID uint64 - Finding *ocsf.VulnerabilityFinding -} - // Helpers interfaces for common functionalities. type ( // Validator allows validating vulnerability findings by a specified criteria. @@ -23,13 +19,13 @@ type ( // Reader allows reading vulnerability findings from a storage. Reader interface { // Read reads vulnerability findings from a storage. - Read(ctx context.Context, instanceID uuid.UUID) ([]*VulnerabilityFinding, error) + Read(ctx context.Context, instanceID uuid.UUID) ([]*finding.VulnerabilityFinding, error) } // Updater allows updating vulnerability findings in an underlying storage. Updater interface { // Update updates existing vulnerability findings. - Update(ctx context.Context, instanceID uuid.UUID, findings []*VulnerabilityFinding) error + Update(ctx context.Context, instanceID uuid.UUID, findings []*finding.VulnerabilityFinding) error } // Writer allows writing non-existent vulnerability findings in an underlying storage. @@ -72,19 +68,19 @@ type ( Filter interface { // Filter returns filtered findings from the supplied ones applying some criteria. // It returns false if no findings have been filtered out. - Filter(ctx context.Context, findings []*VulnerabilityFinding) ([]*VulnerabilityFinding, bool, error) + Filter(ctx context.Context, findings []*finding.VulnerabilityFinding) ([]*finding.VulnerabilityFinding, bool, error) } // Enricher allows enriching vulnerability findings by some criteria. Enricher interface { // Annotate enriches vulnerability findings by some criteria. - Annotate(ctx context.Context, findings []*VulnerabilityFinding) ([]*VulnerabilityFinding, error) + Annotate(ctx context.Context, findings []*finding.VulnerabilityFinding) ([]*finding.VulnerabilityFinding, error) } // Reporter advertises behaviours for reporting vulnerability findings. Reporter interface { // Report reports vulnerability findings on a specified destination. // i.e. raises them as tickets on your favourite ticketing system. - Report(ctx context.Context, findings []*VulnerabilityFinding) error + Report(ctx context.Context, findings []*finding.VulnerabilityFinding) error } ) diff --git a/sdk/component/component_test.go b/sdk/component/component_test.go index 366f0d283..b72648a5e 100644 --- a/sdk/component/component_test.go +++ b/sdk/component/component_test.go @@ -4,10 +4,10 @@ import ( "context" "testing" - "github.com/google/uuid" "github.com/stretchr/testify/assert" "github.com/smithy-security/smithy/sdk/component" + finding "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" ) @@ -23,101 +23,32 @@ type ( testFilter struct{} ) -func (t testFilter) Read( - ctx context.Context, - instanceID uuid.UUID, -) ([]*ocsf.VulnerabilityFinding, error) { - return nil, nil -} - func (t testFilter) Filter( ctx context.Context, - findings []*ocsf.VulnerabilityFinding, -) ([]*ocsf.VulnerabilityFinding, bool, error) { - return nil, false, nil -} - -func (t testFilter) Close(ctx context.Context) error { - return nil -} - -func (t testFilter) Update( - ctx context.Context, - instanceID uuid.UUID, - findings []*ocsf.VulnerabilityFinding, -) error { - return nil -} - -func (t testReporter) Read( - ctx context.Context, - instanceID uuid.UUID, -) ([]*ocsf.VulnerabilityFinding, error) { - return nil, nil -} - -func (t testReporter) Report(ctx context.Context, findings []*ocsf.VulnerabilityFinding) error { - return nil -} - -func (t testReporter) Close(ctx context.Context) error { - return nil -} - -func (t testEnricher) Read( - ctx context.Context, - instanceID uuid.UUID, -) ([]*ocsf.VulnerabilityFinding, error) { - return nil, nil + findings []*finding.VulnerabilityFinding, +) ([]*finding.VulnerabilityFinding, bool, error) { + return nil, true, nil } -func (t testEnricher) Update( - ctx context.Context, - instanceID uuid.UUID, - findings []*ocsf.VulnerabilityFinding, -) error { +func (t testReporter) Report(ctx context.Context, findings []*finding.VulnerabilityFinding) error { return nil } func (t testEnricher) Annotate( ctx context.Context, - findings []*ocsf.VulnerabilityFinding, -) ([]*ocsf.VulnerabilityFinding, error) { + findings []*finding.VulnerabilityFinding, +) ([]*finding.VulnerabilityFinding, error) { return nil, nil } -func (t testEnricher) Close(ctx context.Context) error { - return nil -} - -func (t testScanner) Write( - ctx context.Context, - instanceID uuid.UUID, - findings []*ocsf.VulnerabilityFinding, -) error { - return nil -} - -func (t testScanner) Validate(finding *ocsf.VulnerabilityFinding) error { - return nil -} - func (t testScanner) Transform(ctx context.Context) ([]*ocsf.VulnerabilityFinding, error) { return nil, nil } -func (t testScanner) Close(ctx context.Context) error { - return nil -} - func (t testTarget) Prepare(ctx context.Context) error { return nil } -func (t testTarget) Close(ctx context.Context) error { - return nil -} - func TestImplementations(t *testing.T) { assert.Implements(t, (*component.Target)(nil), testTarget{}) assert.Implements(t, (*component.Scanner)(nil), testScanner{}) diff --git a/sdk/component/enricher_test.go b/sdk/component/enricher_test.go index 08a321c3f..aa29fd2f5 100644 --- a/sdk/component/enricher_test.go +++ b/sdk/component/enricher_test.go @@ -12,7 +12,7 @@ import ( "github.com/smithy-security/smithy/sdk/component" "github.com/smithy-security/smithy/sdk/component/internal/mocks" "github.com/smithy-security/smithy/sdk/component/uuid" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) func runEnricherHelper( @@ -41,8 +41,8 @@ func TestRunEnricher(t *testing.T) { mockCtx = gomock.AssignableToTypeOf(ctx) mockStore = mocks.NewMockStorer(ctrl) mockEnricher = mocks.NewMockEnricher(ctrl) - vulns = make([]*ocsf.VulnerabilityFinding, 0, 2) - enrichedVulns = make([]*ocsf.VulnerabilityFinding, 0, 2) + vulns = make([]*vf.VulnerabilityFinding, 0, 2) + enrichedVulns = make([]*vf.VulnerabilityFinding, 0, 2) ) t.Run("it should run a enricher correctly and enrich out one finding", func(t *testing.T) { @@ -80,7 +80,7 @@ func TestRunEnricher(t *testing.T) { EXPECT(). Annotate(mockCtx, vulns). DoAndReturn( - func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, error) { + func(ctx context.Context, vulns []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, error) { cancel() return enrichedVulns, nil }), @@ -91,7 +91,7 @@ func TestRunEnricher(t *testing.T) { func( ctx context.Context, instanceID uuid.UUID, - vulns []*ocsf.VulnerabilityFinding, + vulns []*vf.VulnerabilityFinding, ) error { <-ctx.Done() return nil @@ -182,7 +182,7 @@ func TestRunEnricher(t *testing.T) { EXPECT(). Annotate(mockCtx, vulns). DoAndReturn( - func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, error) { + func(ctx context.Context, vulns []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, error) { panic(errAnnotation) return enrichedVulns, nil }), diff --git a/sdk/component/examples/enricher/main.go b/sdk/component/examples/enricher/main.go index eb70b948f..7b27fdc5c 100644 --- a/sdk/component/examples/enricher/main.go +++ b/sdk/component/examples/enricher/main.go @@ -6,14 +6,14 @@ import ( "time" "github.com/smithy-security/smithy/sdk/component" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) type sampleEnricher struct{} -func (s sampleEnricher) Annotate(ctx context.Context, findings []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, error) { +func (s sampleEnricher) Annotate(ctx context.Context, findings []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, error) { component.LoggerFromContext(ctx).Info("Annotate.") - return make([]*ocsf.VulnerabilityFinding, 0, 10), nil + return make([]*vf.VulnerabilityFinding, 0, 10), nil } func main() { diff --git a/sdk/component/examples/filter/main.go b/sdk/component/examples/filter/main.go index ba9c4b86e..b2f8fd3d0 100644 --- a/sdk/component/examples/filter/main.go +++ b/sdk/component/examples/filter/main.go @@ -6,14 +6,14 @@ import ( "time" "github.com/smithy-security/smithy/sdk/component" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) type sampleFilter struct{} -func (s sampleFilter) Filter(ctx context.Context, findings []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, bool, error) { +func (s sampleFilter) Filter(ctx context.Context, findings []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, bool, error) { component.LoggerFromContext(ctx).Info("Filter.") - return make([]*ocsf.VulnerabilityFinding, 0, 80), true, nil + return make([]*vf.VulnerabilityFinding, 0, 80), true, nil } func main() { diff --git a/sdk/component/examples/reporter/main.go b/sdk/component/examples/reporter/main.go index ede197ea8..e0008b1f8 100644 --- a/sdk/component/examples/reporter/main.go +++ b/sdk/component/examples/reporter/main.go @@ -6,12 +6,12 @@ import ( "time" "github.com/smithy-security/smithy/sdk/component" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) type sampleReporter struct{} -func (s sampleReporter) Report(ctx context.Context, findings []*ocsf.VulnerabilityFinding) error { +func (s sampleReporter) Report(ctx context.Context, findings []*vf.VulnerabilityFinding) error { component.LoggerFromContext(ctx).Info("Report.") return nil } diff --git a/sdk/component/filter_test.go b/sdk/component/filter_test.go index 5fccc4651..91c9dd079 100644 --- a/sdk/component/filter_test.go +++ b/sdk/component/filter_test.go @@ -11,7 +11,7 @@ import ( "github.com/smithy-security/smithy/sdk/component" "github.com/smithy-security/smithy/sdk/component/internal/mocks" "github.com/smithy-security/smithy/sdk/component/uuid" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) func runFilterHelper( @@ -40,8 +40,8 @@ func TestRunFilter(t *testing.T) { mockCtx = gomock.AssignableToTypeOf(ctx) mockStore = mocks.NewMockStorer(ctrl) mockFilter = mocks.NewMockFilter(ctrl) - vulns = make([]*ocsf.VulnerabilityFinding, 0, 2) - filteredVulns = make([]*ocsf.VulnerabilityFinding, 0, 1) + vulns = make([]*vf.VulnerabilityFinding, 0, 2) + filteredVulns = make([]*vf.VulnerabilityFinding, 0, 1) ) t.Run("it should run a filter correctly and filter out one finding", func(t *testing.T) { @@ -97,7 +97,7 @@ func TestRunFilter(t *testing.T) { mockFilter. EXPECT(). Filter(mockCtx, vulns). - DoAndReturn(func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, bool, error) { + DoAndReturn(func(ctx context.Context, vulns []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, bool, error) { cancel() return filteredVulns, true, nil }), @@ -108,7 +108,7 @@ func TestRunFilter(t *testing.T) { func( ctx context.Context, instanceID uuid.UUID, - vulns []*ocsf.VulnerabilityFinding, + vulns []*vf.VulnerabilityFinding, ) error { <-ctx.Done() return nil @@ -196,7 +196,7 @@ func TestRunFilter(t *testing.T) { mockFilter. EXPECT(). Filter(mockCtx, vulns). - DoAndReturn(func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) ([]*ocsf.VulnerabilityFinding, bool, error) { + DoAndReturn(func(ctx context.Context, vulns []*vf.VulnerabilityFinding) ([]*vf.VulnerabilityFinding, bool, error) { panic(errFilter) return filteredVulns, true, nil }), diff --git a/sdk/component/internal/mocks/component_mock.go b/sdk/component/internal/mocks/component_mock.go index 5cf22ca4b..c71da19b0 100644 --- a/sdk/component/internal/mocks/component_mock.go +++ b/sdk/component/internal/mocks/component_mock.go @@ -13,10 +13,11 @@ import ( context "context" reflect "reflect" - component "github.com/smithy-security/smithy/sdk/component" + gomock "go.uber.org/mock/gomock" + uuid "github.com/smithy-security/smithy/sdk/component/uuid" + vulnerability_finding "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" v1 "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" - gomock "go.uber.org/mock/gomock" ) // MockValidator is a mock of Validator interface. @@ -82,10 +83,10 @@ func (m *MockReader) EXPECT() *MockReaderMockRecorder { } // Read mocks base method. -func (m *MockReader) Read(ctx context.Context, instanceID uuid.UUID) ([]*component.VulnerabilityFinding, error) { +func (m *MockReader) Read(ctx context.Context, instanceID uuid.UUID) ([]*vulnerability_finding.VulnerabilityFinding, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Read", ctx, instanceID) - ret0, _ := ret[0].([]*component.VulnerabilityFinding) + ret0, _ := ret[0].([]*vulnerability_finding.VulnerabilityFinding) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -121,7 +122,7 @@ func (m *MockUpdater) EXPECT() *MockUpdaterMockRecorder { } // Update mocks base method. -func (m *MockUpdater) Update(ctx context.Context, instanceID uuid.UUID, findings []*component.VulnerabilityFinding) error { +func (m *MockUpdater) Update(ctx context.Context, instanceID uuid.UUID, findings []*vulnerability_finding.VulnerabilityFinding) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Update", ctx, instanceID, findings) ret0, _ := ret[0].(error) @@ -249,10 +250,10 @@ func (mr *MockStorerMockRecorder) Close(arg0 any) *gomock.Call { } // Read mocks base method. -func (m *MockStorer) Read(ctx context.Context, instanceID uuid.UUID) ([]*component.VulnerabilityFinding, error) { +func (m *MockStorer) Read(ctx context.Context, instanceID uuid.UUID) ([]*vulnerability_finding.VulnerabilityFinding, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Read", ctx, instanceID) - ret0, _ := ret[0].([]*component.VulnerabilityFinding) + ret0, _ := ret[0].([]*vulnerability_finding.VulnerabilityFinding) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -264,7 +265,7 @@ func (mr *MockStorerMockRecorder) Read(ctx, instanceID any) *gomock.Call { } // Update mocks base method. -func (m *MockStorer) Update(ctx context.Context, instanceID uuid.UUID, findings []*component.VulnerabilityFinding) error { +func (m *MockStorer) Update(ctx context.Context, instanceID uuid.UUID, findings []*vulnerability_finding.VulnerabilityFinding) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Update", ctx, instanceID, findings) ret0, _ := ret[0].(error) @@ -368,10 +369,10 @@ func (m *MockScanner) EXPECT() *MockScannerMockRecorder { } // Transform mocks base method. -func (m *MockScanner) Transform(ctx context.Context) ([]*component.VulnerabilityFinding, error) { +func (m *MockScanner) Transform(ctx context.Context) ([]*v1.VulnerabilityFinding, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Transform", ctx) - ret0, _ := ret[0].([]*component.VulnerabilityFinding) + ret0, _ := ret[0].([]*v1.VulnerabilityFinding) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -407,10 +408,10 @@ func (m *MockFilter) EXPECT() *MockFilterMockRecorder { } // Filter mocks base method. -func (m *MockFilter) Filter(ctx context.Context, findings []*component.VulnerabilityFinding) ([]*component.VulnerabilityFinding, bool, error) { +func (m *MockFilter) Filter(ctx context.Context, findings []*vulnerability_finding.VulnerabilityFinding) ([]*vulnerability_finding.VulnerabilityFinding, bool, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Filter", ctx, findings) - ret0, _ := ret[0].([]*component.VulnerabilityFinding) + ret0, _ := ret[0].([]*vulnerability_finding.VulnerabilityFinding) ret1, _ := ret[1].(bool) ret2, _ := ret[2].(error) return ret0, ret1, ret2 @@ -447,10 +448,10 @@ func (m *MockEnricher) EXPECT() *MockEnricherMockRecorder { } // Annotate mocks base method. -func (m *MockEnricher) Annotate(ctx context.Context, findings []*component.VulnerabilityFinding) ([]*component.VulnerabilityFinding, error) { +func (m *MockEnricher) Annotate(ctx context.Context, findings []*vulnerability_finding.VulnerabilityFinding) ([]*vulnerability_finding.VulnerabilityFinding, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Annotate", ctx, findings) - ret0, _ := ret[0].([]*component.VulnerabilityFinding) + ret0, _ := ret[0].([]*vulnerability_finding.VulnerabilityFinding) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -486,7 +487,7 @@ func (m *MockReporter) EXPECT() *MockReporterMockRecorder { } // Report mocks base method. -func (m *MockReporter) Report(ctx context.Context, findings []*component.VulnerabilityFinding) error { +func (m *MockReporter) Report(ctx context.Context, findings []*vulnerability_finding.VulnerabilityFinding) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Report", ctx, findings) ret0, _ := ret[0].(error) diff --git a/sdk/component/reporter_test.go b/sdk/component/reporter_test.go index 2171fc7d4..0b8ad0804 100644 --- a/sdk/component/reporter_test.go +++ b/sdk/component/reporter_test.go @@ -11,7 +11,7 @@ import ( "github.com/smithy-security/smithy/sdk/component" "github.com/smithy-security/smithy/sdk/component/internal/mocks" "github.com/smithy-security/smithy/sdk/component/uuid" - ocsf "github.com/smithy-security/smithy/sdk/gen/ocsf_schema/v1" + vf "github.com/smithy-security/smithy/sdk/component/vulnerability-finding" ) func runReporterHelper( @@ -40,7 +40,7 @@ func TestRunReporter(t *testing.T) { mockCtx = gomock.AssignableToTypeOf(ctx) mockStore = mocks.NewMockStorer(ctrl) mockReporter = mocks.NewMockReporter(ctrl) - vulns = make([]*ocsf.VulnerabilityFinding, 0) + vulns = make([]*vf.VulnerabilityFinding, 0) ) t.Run("it should run a reporter correctly", func(t *testing.T) { @@ -69,14 +69,14 @@ func TestRunReporter(t *testing.T) { mockStore. EXPECT(). Read(mockCtx, instanceID). - DoAndReturn(func(ctx context.Context, instanceID uuid.UUID) ([]*ocsf.VulnerabilityFinding, error) { + DoAndReturn(func(ctx context.Context, instanceID uuid.UUID) ([]*vf.VulnerabilityFinding, error) { cancel() return vulns, nil }), mockReporter. EXPECT(). Report(mockCtx, vulns). - DoAndReturn(func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) error { + DoAndReturn(func(ctx context.Context, vulns []*vf.VulnerabilityFinding) error { <-ctx.Done() return nil }), @@ -138,7 +138,7 @@ func TestRunReporter(t *testing.T) { mockReporter. EXPECT(). Report(mockCtx, vulns). - DoAndReturn(func(ctx context.Context, vulns []*ocsf.VulnerabilityFinding) error { + DoAndReturn(func(ctx context.Context, vulns []*vf.VulnerabilityFinding) error { panic(errReporting) return nil }),