adds metadata to result

go.mod

@@ -2,6 +2,7 @@ module github.com/Shopify/kubeaudit
 
 require (
 	github.com/jetstack/cert-manager v1.6.1
+	github.com/mitchellh/mapstructure v1.5.0
 	github.com/owenrumney/go-sarif/v2 v2.1.2
 	github.com/sirupsen/logrus v1.9.0
 	github.com/spf13/cobra v1.5.0

go.sum

@@ -806,6 +806,8 @@ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:F
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A=
 github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=

internal/sarif/sarif.go

@@ -6,11 +6,17 @@ import (
 	"strings"
 
 	"github.com/Shopify/kubeaudit"
+	"github.com/mitchellh/mapstructure"
 	"github.com/owenrumney/go-sarif/v2/sarif"
 )
 
 const repoURL = "https://github.com/Shopify/kubeaudit"
 
+type FormattedMetadata struct {
+	Component string
+	Value     string
+}
+
 // Create generates new sarif Report or returns an error
 func Create(kubeauditReport *kubeaudit.Report) (*sarif.Report, error) {
 	// create a new report object
@@ -36,12 +42,20 @@ func Create(kubeauditReport *kubeaudit.Report) (*sarif.Report, error) {
 
 		auditor := strings.ToLower(result.Auditor)
 
+		formattedMetadata := FormattedMetadata{}
+
+		err := mapstructure.Decode(result.Metadata, &formattedMetadata)
+
+		if err != nil {
+			formattedMetadata = FormattedMetadata{Component: "null", Value: "null"}
+		}
+
 		docsURL := "https://github.com/Shopify/kubeaudit/blob/main/docs/auditors/" + auditor + ".md"
 
-		helpText := fmt.Sprintf("Type: kubernetes\nAuditor Docs: To find out more about the issue and how to fix it, follow [this link](%s)\nDescription: %s\n\n Note: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ", docsURL, allAuditors[auditor])
+		helpText := fmt.Sprintf("Type: kubernetes\nAuditor Docs: To find out more about the issue and how to fix it, follow [this link](%s)\nDescription: %s\nMetadata: %s\n\n Note: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ", docsURL, allAuditors[auditor], string(metadata))
 
-		helpMarkdown := fmt.Sprintf("**Type**: kubernetes\n**Auditor Docs**: To find out more about the issue and how to fix it, follow [this link](%s)\n**Description:** %s\n\n *Note*: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ",
-			docsURL, allAuditors[auditor])
+		helpMarkdown := fmt.Sprintf("**Type**: kubernetes\n**Auditor Docs**: To find out more about the issue and how to fix it, follow [this link](%s)\n**Description:** %s\n **Metadata**: %s\n\n *Note*: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ",
+			docsURL, allAuditors[auditor], formattedMetadata.Component+"`"+formattedMetadata.Value+"`")
 
 		// we only add rules to the report based on the result findings
 		run.AddRule(result.Rule).