From 440cc09f14e3a5198c5a40e08b13345d0d7a0e5c Mon Sep 17 00:00:00 2001 From: sg Date: Fri, 11 Oct 2024 15:12:10 +0100 Subject: [PATCH 1/3] fix bug #414 where the jira consumer would not create issues with zero scanstart time --- components/consumers/jira/utils/utils.go | 5 - pkg/jira/jira/apiutils_test.go | 3 + pkg/templating/template_description.go | 62 ++++---- pkg/templating/template_description_test.go | 149 +++++++++++++++++++- 4 files changed, 187 insertions(+), 32 deletions(-) diff --git a/components/consumers/jira/utils/utils.go b/components/consumers/jira/utils/utils.go index 10ed296b3..e01285b9b 100644 --- a/components/consumers/jira/utils/utils.go +++ b/components/consumers/jira/utils/utils.go @@ -21,11 +21,6 @@ func ProcessMessages(allowDuplicates, allowFP bool, sevThreshold int) ([]documen return nil, 0, err } messages, discarded := ProcessRawMessages(responses, sevThreshold) - if err != nil { - log.Print("Could not Process Raw Messages: ", err) - return nil, 0, err - } - return messages, discarded, nil } log.Print("Parsing Enriched results") diff --git a/pkg/jira/jira/apiutils_test.go b/pkg/jira/jira/apiutils_test.go index 8215004c9..b4137446c 100644 --- a/pkg/jira/jira/apiutils_test.go +++ b/pkg/jira/jira/apiutils_test.go @@ -2,8 +2,10 @@ package jira import ( "testing" + "time" jira "github.com/andygrunwald/go-jira" + "github.com/ocurity/dracon/pkg/jira/document" "github.com/stretchr/testify/require" "github.com/trivago/tgo/tcontainer" ) @@ -65,6 +67,7 @@ func TestMakeDescription(t *testing.T) { require.Equal(t, res, exp) } + func TestMakeSummary(t *testing.T) { res, extra := makeSummary(sampleResult) exp := "bar1:baz2 Unit Test Title" diff --git a/pkg/templating/template_description.go b/pkg/templating/template_description.go index 5e0491cbe..1ba70ef65 100644 --- a/pkg/templating/template_description.go +++ b/pkg/templating/template_description.go 
@@ -17,6 +17,21 @@ const ( defaultRawFindingTemplate = "Dracon found '{{.Title}}' at '{{.Target}}', severity '{{.Severity}}', rule id: '{{.Type}}', CVSS '{{.Cvss}}' Confidence '{{.Confidence}}' Original Description: {{.Description}}, Cve {{.Cve}}" ) +type ( + enrichedIssue struct { + *v1.EnrichedIssue + ToolName string + ScanStartTime string + ScanID string + ConfidenceText string + SeverityText string + Count uint + FirstFound string + } + + enrichedIssueOption func(*enrichedIssue) error +) + // TemplateStringRaw applies the provided go template to the Raw Issue provided and returns the resulting str func TemplateStringRaw(inputTemplate string, issue *v1.Issue) (*string, error) { if inputTemplate == "" { @@ -36,18 +51,7 @@ func TemplateStringRaw(inputTemplate string, issue *v1.Issue) (*string, error) { return &res, nil } -type enrichedIssue struct { - *v1.EnrichedIssue - ToolName string - ScanStartTime string - ScanID string - ConfidenceText string - SeverityText string - Count uint - FirstFound string -} -type enrichedIssueOption func(*enrichedIssue) error - +// EnrichedIssueWithToolName allows customising the Enriched Issue's ToolName. func EnrichedIssueWithToolName(toolname string) enrichedIssueOption { return func(ei *enrichedIssue) error { if toolname == "" { @@ -58,16 +62,7 @@ func EnrichedIssueWithToolName(toolname string) enrichedIssueOption { } } -func EnrichedIssueWithScanStartTime(startTime time.Time) enrichedIssueOption { - return func(ei *enrichedIssue) error { - if time.Time.IsZero(startTime) { - return errors.New("invalid startTime zero") - } - ei.ScanStartTime = startTime.Format(time.RFC3339) - return nil - } -} - +// EnrichedIssueWithConfidenceText allows customising the Enriched Issue's ConfidenceText. func EnrichedIssueWithConfidenceText(confidence string) enrichedIssueOption { return func(ei *enrichedIssue) error { if confidence == "" { 
@@ -78,6 +73,7 @@ func EnrichedIssueWithConfidenceText(confidence string) enrichedIssueOption { } } +// EnrichedIssueWithSeverityText allows customising the Enriched Issue's SeverityText. func EnrichedIssueWithSeverityText(severity string) enrichedIssueOption { return func(ei *enrichedIssue) error { if severity == "" { @@ -88,6 +84,7 @@ func EnrichedIssueWithSeverityText(severity string) enrichedIssueOption { } } +// EnrichedIssueWithCount allows customising the Enriched Issue's Count. func EnrichedIssueWithCount(count uint) enrichedIssueOption { return func(ei *enrichedIssue) error { if count <= 0 { @@ -98,6 +95,7 @@ func EnrichedIssueWithCount(count uint) enrichedIssueOption { } } +// EnrichedIssueWithScanID allows customising the Enriched Issue's Scan ID. func EnrichedIssueWithScanID(scanID string) enrichedIssueOption { return func(ei *enrichedIssue) error { if scanID == "" { @@ -108,12 +106,26 @@ func EnrichedIssueWithScanID(scanID string) enrichedIssueOption { } } +// EnrichedIssueWithScanStartTime allows customising the Enriched Issue's Scan start time. +func EnrichedIssueWithScanStartTime(startTime time.Time) enrichedIssueOption { + return func(ei *enrichedIssue) error { + st := startTime.Format(time.RFC3339) + if startTime.IsZero() { + return errors.Errorf("invalid startTime zero: %s", st) + } + ei.ScanStartTime = st + return nil + } +} + +// EnrichedIssueWithFirstFound allows customising the Enriched Issue's Scan first found time. func EnrichedIssueWithFirstFound(firstFound time.Time) enrichedIssueOption { return func(ei *enrichedIssue) error { - if time.Time.IsZero(firstFound) { - return errors.New("invalid firstFound zero") + ff := firstFound.Format(time.RFC3339) + if firstFound.IsZero() { + return errors.Errorf("invalid firstFound zero %s", ff) } - ei.FirstFound = firstFound.Format(time.RFC3339) + ei.FirstFound = ff return nil } } 
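Review bot: A zero `startTime` is still rejected by `EnrichedIssueWithScanStartTime` in the last hunk here (`@@ -108,12 +106,26 @@`), because `startTime.IsZero()` is the same test as the removed `time.Time.IsZero(startTime)`. The option therefore fails in exactly the cases it did before, and the fix for #414 named in the subject is not visible in these hunks; it may live in a caller that is not shown. If a finding without a scan start time is meant to reach Jira anyway, either the caller has to skip this option for zero times or the option has to tolerate them, for example `if startTime.IsZero() { return nil }`, which leaves `ScanStartTime` empty. Otherwise a missing timestamp can keep causing a finding to be dropped instead of reported. A one-line comment on the function stating which behaviour is intended would settle it for the next reader.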
diff --git a/pkg/templating/template_description_test.go b/pkg/templating/template_description_test.go index 3d8cb7e0c..76a165552 100644 --- a/pkg/templating/template_description_test.go +++ b/pkg/templating/template_description_test.go @@ -4,9 +4,9 @@ import ( "testing" "time" - "google.golang.org/protobuf/types/known/timestamppb" - + "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "google.golang.org/protobuf/types/known/timestamppb" v1 "github.com/ocurity/dracon/api/proto/v1" ) 
@@ -138,3 +138,148 @@ func Test_TemplateStringEnriched(t *testing.T) { }) } } + +func TestDescriptionOptions(t *testing.T) { + type args struct { + option enrichedIssueOption + } + + acceptableTime, err := time.Parse(time.RFC3339, "2024-10-10T20:06:33Z") + require.NoError(t, err) + + for _, tt := range []struct { + name string + args args + wantErr bool + expectedEnrichedIssue *enrichedIssue + }{ + { + name: "zero startTime returns err", + args: args{ + option: EnrichedIssueWithScanStartTime(time.Time{}), + }, + wantErr: true, + }, + { + name: "non zero startTime returns no err", + args: args{ + option: EnrichedIssueWithScanStartTime(acceptableTime), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + ScanStartTime: acceptableTime.Format(time.RFC3339), + }, + }, + { + name: "zero firstFound returns err", + args: args{ + option: EnrichedIssueWithFirstFound(time.Time{}), + }, + wantErr: true, + }, + { + name: "non zero firstFound returns no err", + args: args{ + option: EnrichedIssueWithFirstFound(acceptableTime), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + FirstFound: acceptableTime.Format(time.RFC3339), + }, + }, + { + name: "empty tool name returns err", + args: args{ + option: EnrichedIssueWithToolName(""), + }, + wantErr: true, + }, + { + name: "valid tool name returns no err", + args: args{ + option: EnrichedIssueWithToolName("some-tool"), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + ToolName: "some-tool", + }, + }, + { + name: "empty confidence text returns err", + args: args{ + option: EnrichedIssueWithConfidenceText(""), + }, + wantErr: true, + }, + { + name: "valid confidence text returns no err", + args: args{ + option: EnrichedIssueWithConfidenceText("conf-text-1"), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + ConfidenceText: "conf-text-1", + }, + }, + { + name: "empty severity text returns err", + args: args{ + option: EnrichedIssueWithSeverityText(""), + }, + wantErr: true, + 
}, + { + name: "valid severity text returns no err", + args: args{ + option: EnrichedIssueWithSeverityText("severity-text-1"), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + SeverityText: "severity-text-1", + }, + }, + { + name: "0 count returns err", + args: args{ + option: EnrichedIssueWithCount(0), + }, + wantErr: true, + }, + { + name: "positive count text returns no err", + args: args{ + option: EnrichedIssueWithCount(420), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + Count: 420, + }, + }, + { + name: "empty scan ID returns err", + args: args{ + option: EnrichedIssueWithScanID(""), + }, + wantErr: true, + }, + { + name: "valid scan id returns no err", + args: args{ + option: EnrichedIssueWithScanID("scan-1"), + }, + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + ScanID: "scan-1", + }, + }, + } { + t.Run(tt.name, func(t *testing.T) { + var ei enrichedIssue + if err := tt.args.option(&ei); tt.wantErr { + require.Error(t, err) + return + } + assert.Equal(t, tt.expectedEnrichedIssue, &ei) + }) + } +} From b39f73924aef29b22af2ed003b8b0b07bd9b9621 Mon Sep 17 00:00:00 2001 From: andream16 Date: Fri, 11 Oct 2024 15:59:16 +0100 Subject: [PATCH 2/3] Removing unused imports. --- pkg/jira/jira/apiutils_test.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkg/jira/jira/apiutils_test.go b/pkg/jira/jira/apiutils_test.go index b4137446c..bce617b7a 100644 --- a/pkg/jira/jira/apiutils_test.go +++ b/pkg/jira/jira/apiutils_test.go @@ -2,10 +2,8 @@ package jira import ( "testing" - "time" - jira "github.com/andygrunwald/go-jira" - "github.com/ocurity/dracon/pkg/jira/document" + "github.com/andygrunwald/go-jira" "github.com/stretchr/testify/require" "github.com/trivago/tgo/tcontainer" ) @@ -67,7 +65,6 @@ func TestMakeDescription(t *testing.T) { require.Equal(t, res, exp) } - func TestMakeSummary(t *testing.T) { res, extra := makeSummary(sampleResult) exp := "bar1:baz2 Unit Test Title" 
From b3c4fc4764c64ed21b9ddf9f6f7c93bd4fb9cd89 Mon Sep 17 00:00:00 2001 From: sg Date: Fri, 11 Oct 2024 19:59:16 +0100 Subject: [PATCH 3/3] fix bug 418 typo while checking jira issue count --- pkg/templating/template_description.go | 12 +-- pkg/templating/template_description_test.go | 98 +++++++-------------- 2 files changed, 38 insertions(+), 72 deletions(-) diff --git a/pkg/templating/template_description.go b/pkg/templating/template_description.go index 1ba70ef65..d40b9556d 100644 --- a/pkg/templating/template_description.go +++ b/pkg/templating/template_description.go @@ -87,9 +87,6 @@ func EnrichedIssueWithSeverityText(severity string) enrichedIssueOption { // EnrichedIssueWithCount allows customising the Enriched Issue's Count. func EnrichedIssueWithCount(count uint) enrichedIssueOption { return func(ei *enrichedIssue) error { - if count <= 0 { - return errors.Errorf("invalid count %d", count) - } ei.Count = count return nil } @@ -109,11 +106,10 @@ func EnrichedIssueWithScanID(scanID string) enrichedIssueOption { // EnrichedIssueWithScanStartTime allows customising the Enriched Issue's Scan start time. func EnrichedIssueWithScanStartTime(startTime time.Time) enrichedIssueOption { return func(ei *enrichedIssue) error { - st := startTime.Format(time.RFC3339) if startTime.IsZero() { - return errors.Errorf("invalid startTime zero: %s", st) + return errors.Errorf("invalid startTime zero: %s", startTime.String()) } - ei.ScanStartTime = st + ei.ScanStartTime = startTime.Format(time.RFC3339) return nil } } 
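Review bot: The error built inside the `startTime.IsZero()` branch of `EnrichedIssueWithScanStartTime` formats a value already known to be the zero time, so `startTime.String()` always prints the same constant and tells the log reader nothing. A fixed message such as `return errors.New("invalid startTime zero")`, the form removed in PATCH 1/3, carries the same information. A package-level sentinel error would additionally let callers tell "no timestamp" apart from other option failures. The `EnrichedIssueWithFirstFound` hunk that follows has the same pattern, with a message that lacks the colon used here and a leftover `ff` local that the start-time version no longer has; aligning the two would be tidier.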
@@ -121,10 +117,10 @@ func EnrichedIssueWithScanStartTime(startTime time.Time) enrichedIssueOption { // EnrichedIssueWithFirstFound allows customising the Enriched Issue's Scan first found time. func EnrichedIssueWithFirstFound(firstFound time.Time) enrichedIssueOption { return func(ei *enrichedIssue) error { - ff := firstFound.Format(time.RFC3339) if firstFound.IsZero() { - return errors.Errorf("invalid firstFound zero %s", ff) + return errors.Errorf("invalid firstFound zero %s", firstFound.String()) } + ff := firstFound.Format(time.RFC3339) ei.FirstFound = ff return nil } diff --git a/pkg/templating/template_description_test.go b/pkg/templating/template_description_test.go index 76a165552..31de76cf6 100644 --- a/pkg/templating/template_description_test.go +++ b/pkg/templating/template_description_test.go @@ -4,7 +4,6 @@ import ( "testing" "time" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/protobuf/types/known/timestamppb" 
@@ -140,133 +139,104 @@ func Test_TemplateStringEnriched(t *testing.T) { } func TestDescriptionOptions(t *testing.T) { - type args struct { - option enrichedIssueOption - } - acceptableTime, err := time.Parse(time.RFC3339, "2024-10-10T20:06:33Z") require.NoError(t, err) for _, tt := range []struct { name string - args args + option enrichedIssueOption wantErr bool expectedEnrichedIssue *enrichedIssue }{ { - name: "zero startTime returns err", - args: args{ - option: EnrichedIssueWithScanStartTime(time.Time{}), - }, + name: "zero startTime returns err", + option: EnrichedIssueWithScanStartTime(time.Time{}), wantErr: true, }, { - name: "non zero startTime returns no err", - args: args{ - option: EnrichedIssueWithScanStartTime(acceptableTime), - }, + name: "non zero startTime returns no err", + option: EnrichedIssueWithScanStartTime(acceptableTime), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ ScanStartTime: acceptableTime.Format(time.RFC3339), }, }, { - name: "zero firstFound returns err", - args: args{ - option: EnrichedIssueWithFirstFound(time.Time{}), - }, + name: "zero firstFound returns err", + option: EnrichedIssueWithFirstFound(time.Time{}), wantErr: true, }, { - name: "non zero firstFound returns no err", - args: args{ - option: EnrichedIssueWithFirstFound(acceptableTime), - }, + name: "non zero firstFound returns no err", + option: EnrichedIssueWithFirstFound(acceptableTime), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ FirstFound: acceptableTime.Format(time.RFC3339), }, }, { - name: "empty tool name returns err", - args: args{ - option: EnrichedIssueWithToolName(""), - }, + name: "empty tool name returns err", + option: EnrichedIssueWithToolName(""), wantErr: true, }, { - name: "valid tool name returns no err", - args: args{ - option: EnrichedIssueWithToolName("some-tool"), - }, + name: "valid tool name returns no err", + option: EnrichedIssueWithToolName("some-tool"), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ ToolName: 
"some-tool", }, }, { - name: "empty confidence text returns err", - args: args{ - option: EnrichedIssueWithConfidenceText(""), - }, + name: "empty confidence text returns err", + option: EnrichedIssueWithConfidenceText(""), wantErr: true, }, { - name: "valid confidence text returns no err", - args: args{ - option: EnrichedIssueWithConfidenceText("conf-text-1"), - }, + name: "valid confidence text returns no err", + option: EnrichedIssueWithConfidenceText("conf-text-1"), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ ConfidenceText: "conf-text-1", }, }, { - name: "empty severity text returns err", - args: args{ - option: EnrichedIssueWithSeverityText(""), - }, + name: "empty severity text returns err", + option: EnrichedIssueWithSeverityText(""), wantErr: true, }, { - name: "valid severity text returns no err", - args: args{ - option: EnrichedIssueWithSeverityText("severity-text-1"), - }, + name: "valid severity text returns no err", + option: EnrichedIssueWithSeverityText("severity-text-1"), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ SeverityText: "severity-text-1", }, }, { - name: "0 count returns err", - args: args{ - option: EnrichedIssueWithCount(0), + name: "0 count returns no err", + option: EnrichedIssueWithCount(0), + wantErr: false, + expectedEnrichedIssue: &enrichedIssue{ + Count: 0, }, - wantErr: true, }, { - name: "positive count text returns no err", - args: args{ - option: EnrichedIssueWithCount(420), - }, + name: "positive count returns no err", + option: EnrichedIssueWithCount(420), wantErr: false, expectedEnrichedIssue: &enrichedIssue{ Count: 420, }, }, { - name: "empty scan ID returns err", - args: args{ - option: EnrichedIssueWithScanID(""), - }, + name: "empty scan ID returns err", + option: EnrichedIssueWithScanID(""), wantErr: true, }, { - name: "valid scan id returns no err", - args: args{ - option: EnrichedIssueWithScanID("scan-1"), - }, + name: "valid scan id returns no err", + option: EnrichedIssueWithScanID("scan-1"), 
wantErr: false, expectedEnrichedIssue: &enrichedIssue{ ScanID: "scan-1", @@ -275,11 +245,11 @@ func TestDescriptionOptions(t *testing.T) { } { t.Run(tt.name, func(t *testing.T) { var ei enrichedIssue - if err := tt.args.option(&ei); tt.wantErr { + if err := tt.option(&ei); tt.wantErr { require.Error(t, err) return } - assert.Equal(t, tt.expectedEnrichedIssue, &ei) + require.Equal(t, tt.expectedEnrichedIssue, &ei) }) } }
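Review bot: The subtest in the final hunk never asserts that a non-error case returned nil, because `err` is scoped to the `if` statement and only inspected when `tt.wantErr` is true. For the new "0 count returns no err" case in the preceding hunk the expected struct is the zero value, so the test would still pass if `EnrichedIssueWithCount(0)` returned an error and left `ei` untouched. Splitting the statement closes the gap: `err := tt.option(&ei)`, then `if tt.wantErr { require.Error(t, err); return }`, then `require.NoError(t, err)` before the `require.Equal`. The same loop shape was introduced in PATCH 1/3, where every passing case happened to set a non-zero field.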