feature/401-github-codeql producer

rename github code scanning to github codeql to better showcase what tool is used

components/producers/github-code-scanning/main.go → components/producers/github-codeQL/main.go

@@ -8,11 +8,11 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/google/go-github/v63/github"
-	"golang.org/x/oauth2"
+	"github.com/google/go-github/v65/github"
 
 	v1 "github.com/ocurity/dracon/api/proto/v1"
 	"github.com/ocurity/dracon/components/producers"
+	wrapper "github.com/ocurity/dracon/pkg/github"
 )
 
 var (
@@ -24,12 +24,24 @@ var (
 
 	// GitHubToken is the GitHub token used to authenticate
 	GitHubToken string
+
+	// Ref is the Ref/branch to get alerts for
+	Ref string
+
+	// Severity, if specified, only code scanning alerts with this severity will be returned. Possible values are: critical, high, medium, low, warning, note, error
+	Severity string
+
+	// toolName is internal
+	toolName string
 )
 
 func main() {
 	flag.StringVar(&RepositoryOwner, "repository-owner", "", "The owner of the GitHub repository")
 	flag.StringVar(&RepositoryName, "repository-name", "", "The name of the GitHub repository")
 	flag.StringVar(&GitHubToken, "github-token", "", "The GitHub token used to authenticate with the API")
+	flag.StringVar(&Ref, "reference", "", "The Ref/branch to get alerts for")
+	flag.StringVar(&Severity, "severity", "", "If specified, only code scanning alerts with this severity will be returned. Possible values are: critical, high, medium, low, warning, note, error")
+	toolName = "CodeQL"
 	if err := producers.ParseFlags(); err != nil {
 		log.Fatal(err)
 	}
@@ -50,22 +62,24 @@ func main() {
 }
 
 func listAlertsForRepo(owner, repo, token string) ([]*github.Alert, error) {
-	ts := oauth2.StaticTokenSource(
-		&oauth2.Token{AccessToken: token},
-	)
-	oAuthClient := oauth2.NewClient(context.Background(), ts)
-	apiClient := github.NewClient(oAuthClient)
-
+	apiClient := wrapper.NewClient(token)
+	var severity *string
+	if Severity != "" {
+		severity = &Severity
+	}
 	opt := &github.AlertListOptions{
-		State: "open",
+		State:    "open",
+		Ref:      Ref,
+		Severity: *severity,
+		ToolName: "CodeQL",
 		ListOptions: github.ListOptions{
 			PerPage: 30,
 		},
 	}
 
 	var allAlerts []*github.Alert
 	for {
-		alerts, resp, err := apiClient.CodeScanning.ListAlertsForRepo(context.Background(), owner, repo, opt)
+		alerts, resp, err := apiClient.ListRepoAlerts(context.Background(), owner, repo, opt)
 		if err != nil {
 			return nil, err
 		}

components/producers/github-code-scanning/main_test.go → components/producers/github-codeQL/main_test.go

@@ -128,3 +128,7 @@ func TestParseGitHubCWEsFromTags(t *testing.T) {
 		})
 	}
 }
+
+func TestListAlertsForRepo(t *testing.T) {
+	require.Fail(t, "unimplemented")
+}