From efdb29d0d4bfafb9f18aca4658cf306e7634e095 Mon Sep 17 00:00:00 2001
From: AndreyLevchenko <levchenko.andrey@gmail.com>
Date: Mon, 15 Nov 2021 20:36:51 +0600
Subject: [PATCH] fix(sarif): fix validation errors (#1376)

---
 contrib/sarif.tpl                            |  5 ++-
 integration/testdata/alpine-310.sarif.golden | 34 ++++++++++++---
 pkg/report/template.go                       |  6 +--
 pkg/report/writer_internal_test.go           | 44 ++++++++++----------
 4 files changed, 58 insertions(+), 31 deletions(-)

diff --git a/contrib/sarif.tpl b/contrib/sarif.tpl
index e964cbc706c8..581f89d32994 100644
--- a/contrib/sarif.tpl
+++ b/contrib/sarif.tpl
@@ -75,6 +75,9 @@
               "artifactLocation": {
                 "uri": "{{ toPathUri $filePath }}",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
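Review bot: The added `"region": { "startLine": 1 }` is a fixed placeholder rather than a location derived from the finding, and nothing in the template says so. The golden file in this patch shows the artifact can be an image tarball, so any viewer will pin every result to line 1 of a file that has no meaningful lines. A template comment next to the block would stop a later reader from treating it as computed, for example `{{- /* region.startLine is a placeholder: package findings have no source line */ -}}`. The enclosing results loop starts and ends outside this hunk.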
@@ -85,7 +88,7 @@
       "columnKind": "utf16CodeUnits",
       "originalUriBaseIds": {
         "ROOTPATH": {
-          "uri": "/"
+          "uri": "file:///"
         }
       }
     }
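Review bot: With `ROOTPATH` now `file:///`, every `artifactLocation.uri` resolves to an absolute path on whatever machine reads the report, while the paths themselves appear to describe the scanned target. A consumer that resolves and opens these URIs could end up looking at an unrelated host file with the same path. It would help to state the intent beside the base, e.g. a template comment `{{- /* ROOTPATH is the root of the scanned target, not of the host reading the report */ -}}`. How `toPathUri` shapes the relative part is not visible in this hunk, so it is worth confirming that its output stays a relative reference.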
diff --git a/integration/testdata/alpine-310.sarif.golden b/integration/testdata/alpine-310.sarif.golden
index 667ab6e33cbd..ca76fb3d27d4 100644
--- a/integration/testdata/alpine-310.sarif.golden
+++ b/integration/testdata/alpine-310.sarif.golden
@@ -12,7 +12,7 @@
           "rules": [
                 {
                   "id": "CVE-2019-1549",
-                  "name": "OS Package Vulnerability",
+                  "name": "OsPackageVulnerability",
                   "shortDescription": {
                     "text": "CVE-2019-1549"
                   },
@@ -33,7 +33,7 @@
                 },
                 {
                   "id": "CVE-2019-1551",
-                  "name": "OS Package Vulnerability",
+                  "name": "OsPackageVulnerability",
                   "shortDescription": {
                     "text": "CVE-2019-1551"
                   },
@@ -54,7 +54,7 @@
                 },
                 {
                   "id": "CVE-2019-1563",
-                  "name": "OS Package Vulnerability",
+                  "name": "OsPackageVulnerability",
                   "shortDescription": {
                     "text": "CVE-2019-1563"
                   },
@@ -75,7 +75,7 @@
                 },
                 {
                   "id": "CVE-2019-1547",
-                  "name": "OS Package Vulnerability",
+                  "name": "OsPackageVulnerability",
                   "shortDescription": {
                     "text": "CVE-2019-1547"
                   },
@@ -109,6 +109,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -125,6 +128,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -141,6 +147,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -157,6 +166,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -173,6 +185,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -189,6 +204,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -205,6 +223,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -221,6 +242,9 @@
               "artifactLocation": {
                 "uri": "testdata/fixtures/images/alpine-310.tar.gz",
                 "uriBaseId": "ROOTPATH"
+              },
+              "region" : {
+                "startLine": 1
               }
             }
           }]
@@ -228,7 +252,7 @@
       "columnKind": "utf16CodeUnits",
       "originalUriBaseIds": {
         "ROOTPATH": {
-          "uri": "/"
+          "uri": "file:///"
         }
       }
     }
diff --git a/pkg/report/template.go b/pkg/report/template.go
index ad5935b394a0..363440b12cd0 100644
--- a/pkg/report/template.go
+++ b/pkg/report/template.go
@@ -106,11 +106,11 @@ func toSarifRuleName(vulnerabilityType string) string {
 		vulnerability.Debian, vulnerability.DebianOVAL, vulnerability.Fedora, vulnerability.Amazon,
 		vulnerability.OracleOVAL, vulnerability.SuseCVRF, vulnerability.OpenSuseCVRF, vulnerability.Photon,
 		vulnerability.CentOS:
-		return "OS Package Vulnerability"
+		return "OsPackageVulnerability"
 	case "npm", "yarn", "nuget", "pipenv", "poetry", "bundler", "cargo", "composer":
-		return "Programming Language Vulnerability"
+		return "ProgrammingLanguageVulnerability"
 	default:
-		return "Other Vulnerability"
+		return "OtherVulnerability"
 	}
 }
 
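Review bot: The three `return` literals in `toSarifRuleName` are now identifier-style names that the SARIF output, the golden file and `writer_internal_test.go` all depend on, but nothing at the switch explains why they carry no spaces. A comment above the `switch`, such as `// SARIF rule names must be identifier-like (no spaces); changing one changes the "name" of every emitted rule.`, would keep the next edit from reintroducing the validation error. The `default` arm also means a package type missing from the string list is reported as `OtherVulnerability` without any signal, so a short note that new ecosystems must be added to the second `case` would help. Anything downstream that filters on the old spaced names would presumably stop matching after this change. The function begins outside this hunk.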
diff --git a/pkg/report/writer_internal_test.go b/pkg/report/writer_internal_test.go
index 7f46d355e8af..2a465f091265 100644
--- a/pkg/report/writer_internal_test.go
+++ b/pkg/report/writer_internal_test.go
@@ -14,91 +14,91 @@ func TestReportWriter_toSarifRuleName(t *testing.T) {
 	}{
 		{
 			vulnerabilityType: vulnerability.Ubuntu,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.Alpine,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.RedHat,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.RedHatOVAL,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.Debian,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.DebianOVAL,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.Fedora,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.Amazon,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.OracleOVAL,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.SuseCVRF,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.OpenSuseCVRF,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.Photon,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: vulnerability.CentOS,
-			sarifRuleName:     "OS Package Vulnerability",
+			sarifRuleName:     "OsPackageVulnerability",
 		},
 		{
 			vulnerabilityType: "npm",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "yarn",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "nuget",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "pipenv",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "poetry",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "bundler",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "cargo",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "composer",
-			sarifRuleName:     "Programming Language Vulnerability",
+			sarifRuleName:     "ProgrammingLanguageVulnerability",
 		},
 		{
 			vulnerabilityType: "redis",
-			sarifRuleName:     "Other Vulnerability",
+			sarifRuleName:     "OtherVulnerability",
 		},
 	}
 	for _, tc := range tests {