From 8acd3c46ae8a78097413e6155cb537fcd1ebb6b2 Mon Sep 17 00:00:00 2001
From: Daniele Santos
Date: Wed, 5 Oct 2022 12:17:50 -0400
Subject: [PATCH] adds metadata to result
---
 go.mod | 1 +
 go.sum | 2 ++
 internal/sarif/sarif.go | 20 +++++++++++++++++---
 3 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/go.mod b/go.mod
index a7976486..2e3d44f6 100644
--- a/go.mod
+++ b/go.mod
@@ -2,6 +2,7 @@ module github.com/Shopify/kubeaudit
 require (
 github.com/jetstack/cert-manager v1.6.1
+ github.com/mitchellh/mapstructure v1.5.0
 github.com/owenrumney/go-sarif/v2 v2.1.2
 github.com/sirupsen/logrus v1.9.0
 github.com/spf13/cobra v1.5.0
diff --git a/go.sum b/go.sum
index 5eb7152b..e3f71960 100644
--- a/go.sum
+++ b/go.sum
@@ -806,6 +806,8 @@ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:F
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A=
 github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
diff --git a/internal/sarif/sarif.go b/internal/sarif/sarif.go
index 07c77174..d35e72d4 100644
--- a/internal/sarif/sarif.go
+++ b/internal/sarif/sarif.go
@@ -6,11 +6,17 @@ import (
 "strings"
 "github.com/Shopify/kubeaudit"
+ "github.com/mitchellh/mapstructure"
 "github.com/owenrumney/go-sarif/v2/sarif"
 )
 const repoURL = "https://github.com/Shopify/kubeaudit"
+type FormattedMetadata struct {
+ Component string
+ Value string
+}
+
 // Create generates new sarif Report or returns an error
 func Create(kubeauditReport *kubeaudit.Report) (*sarif.Report, error) {
 // create a new report object
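Review bot: `FormattedMetadata` is added as an exported type with no doc comment, and nothing in the visible lines uses it outside this file. I would unexport it, or add `// FormattedMetadata holds the component/value pair decoded from a result's metadata for display in the SARIF rule help.` above the declaration. The new `mapstructure` import, and the go.mod requirement that comes with it, is used here only to copy two string fields out of `result.Metadata`; if that field is a plain map, two direct key lookups would do the same job without adding a third-party module to the dependency set.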
@@ -36,12 +42,20 @@ func Create(kubeauditReport *kubeaudit.Report) (*sarif.Report, error) {
 auditor := strings.ToLower(result.Auditor)
+ formattedMetadata := FormattedMetadata{}
+
+ err := mapstructure.Decode(result.Metadata, &formattedMetadata)
+
+ if err != nil {
+ formattedMetadata = FormattedMetadata{Component: "null", Value: "null"}
+ }
+
 docsURL := "https://github.com/Shopify/kubeaudit/blob/main/docs/auditors/" + auditor + ".md"
- helpText := fmt.Sprintf("Type: kubernetes\nAuditor Docs: To find out more about the issue and how to fix it, follow [this link](%s)\nDescription: %s\nMetadata: %s\n\n Note: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ", docsURL, allAuditors[auditor], string(metadata))
- helpMarkdown := fmt.Sprintf("**Type**: kubernetes\n**Auditor Docs**: To find out more about the issue and how to fix it, follow [this link](%s)\n**Description:** %s\n\n *Note*: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ",
- docsURL, allAuditors[auditor])
+ helpMarkdown := fmt.Sprintf("**Type**: kubernetes\n**Auditor Docs**: To find out more about the issue and how to fix it, follow [this link](%s)\n**Description:** %s\n **Metadata**: %s\n\n *Note*: These audit results are generated with `kubeaudit`, a command line tool and a Go package that checks for potential security concerns in kubernetes manifest specs. You can read more about it at https://github.com/Shopify/kubeaudit ",
+ docsURL, allAuditors[auditor], formattedMetadata.Component+"`"+formattedMetadata.Value+"`")
 // we only add rules to the report based on the result findings
 run.AddRule(result.Rule).
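Review bot: The added `helpMarkdown` call wraps `formattedMetadata.Value` in backticks and interpolates it together with `formattedMetadata.Component` unescaped, and both come from `result.Metadata`, which presumably reflects fields of the audited manifest. A value that contains a backtick or link syntax closes the code span and is rendered as markup wherever the SARIF help is displayed, so backticks should be stripped or escaped before formatting. The `err != nil` branch hides the decode failure behind the literal strings `"null"`, and mapstructure's default `Decode` does not report unmatched keys, so metadata without `Component`/`Value` keys would render as an empty pair rather than hit that branch; omitting the Metadata line in both cases would be clearer. The only `helpText` line shown here passes `string(metadata)`, an identifier declared nowhere in the hunk; if that line is on the new side it should use the same `formattedMetadata` value as `helpMarkdown`. Create starts before this hunk and continues after it.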