Merge remote-tracking branch 'upstream/dev' into gradle-dep-tree-upgrade

asafgabai · Oct 2, 2023 · 0c13faf · 0c13faf
2 parents dedfe82 + 02ff30b
commit 0c13faf
Showing 1 changed file with 16 additions and 16 deletions.
diff --git a/xray/utils/resultwriter.go b/xray/utils/resultwriter.go
@@ -115,7 +115,7 @@ func (rw *ResultsWriter) PrintScanResults() error {
 	case Json:
 		return PrintJson(rw.results.getXrayScanResults())
 	case Sarif:
-		sarifFile, err := rw.generateSarifContentFromResults(false)
+		sarifFile, err := GenerateSarifContentFromResults(rw.results, rw.isMultipleRoots, rw.includeLicenses, false)
 		if err != nil {
 			return err
 		}
@@ -172,21 +172,21 @@ func printMessage(message string) {
 	log.Output("💬" + message)
 }
 
-func (rw *ResultsWriter) generateSarifContentFromResults(markdownOutput bool) (sarifStr string, err error) {
+func GenerateSarifContentFromResults(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, markdownOutput bool) (sarifStr string, err error) {
 	report, err := NewReport()
 	if err != nil {
 		return
 	}
-	xrayRun, err := rw.convertXrayResponsesToSarifRun(markdownOutput)
+	xrayRun, err := convertXrayResponsesToSarifRun(extendedResults, isMultipleRoots, includeLicenses, markdownOutput)
 	if err != nil {
 		return
 	}
 
 	report.Runs = append(report.Runs, xrayRun)
-	report.Runs = append(report.Runs, rw.results.ApplicabilityScanResults...)
-	report.Runs = append(report.Runs, rw.results.IacScanResults...)
-	report.Runs = append(report.Runs, rw.results.SecretsScanResults...)
-	report.Runs = append(report.Runs, rw.results.SastScanResults...)
+	report.Runs = append(report.Runs, extendedResults.ApplicabilityScanResults...)
+	report.Runs = append(report.Runs, extendedResults.IacScanResults...)
+	report.Runs = append(report.Runs, extendedResults.SecretsScanResults...)
+	report.Runs = append(report.Runs, extendedResults.SastScanResults...)
 
 	out, err := json.Marshal(report)
 	if err != nil {
@@ -196,13 +196,13 @@ func (rw *ResultsWriter) generateSarifContentFromResults(markdownOutput bool) (s
 	return clientUtils.IndentJson(out), nil
 }
 
-func (rw *ResultsWriter) convertXrayResponsesToSarifRun(markdownOutput bool) (run *sarif.Run, err error) {
-	xrayJson, err := rw.convertXrayScanToSimpleJson(true)
+func convertXrayResponsesToSarifRun(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, markdownOutput bool) (run *sarif.Run, err error) {
+	xrayJson, err := convertXrayScanToSimpleJson(extendedResults, isMultipleRoots, includeLicenses, true)
 	if err != nil {
 		return
 	}
 	xrayRun := sarif.NewRunWithInformationURI("JFrog Xray Sca", "https://jfrog.com/xray/")
-	xrayRun.Tool.Driver.Version = &rw.results.XrayVersion
+	xrayRun.Tool.Driver.Version = &extendedResults.XrayVersion
 	if len(xrayJson.Vulnerabilities) > 0 || len(xrayJson.SecurityViolations) > 0 {
 		if err = extractXrayIssuesToSarifRun(xrayRun, xrayJson, markdownOutput); err != nil {
 			return
@@ -298,26 +298,26 @@ func addResultToSarifRun(issueId, msg, severity string, location *sarif.Location
 	return
 }
 
-func (rw *ResultsWriter) convertXrayScanToSimpleJson(simplifiedOutput bool) (formats.SimpleJsonResults, error) {
-	violations, vulnerabilities, licenses := SplitScanResults(rw.results.XrayResults)
+func convertXrayScanToSimpleJson(extendedResults *ExtendedScanResults, isMultipleRoots, includeLicenses, simplifiedOutput bool) (formats.SimpleJsonResults, error) {
+	violations, vulnerabilities, licenses := SplitScanResults(extendedResults.XrayResults)
 	jsonTable := formats.SimpleJsonResults{}
 	if len(vulnerabilities) > 0 {
-		vulJsonTable, err := PrepareVulnerabilities(vulnerabilities, rw.results, rw.isMultipleRoots, simplifiedOutput)
+		vulJsonTable, err := PrepareVulnerabilities(vulnerabilities, extendedResults, isMultipleRoots, simplifiedOutput)
 		if err != nil {
 			return formats.SimpleJsonResults{}, err
 		}
 		jsonTable.Vulnerabilities = vulJsonTable
 	}
 	if len(violations) > 0 {
-		secViolationsJsonTable, licViolationsJsonTable, opRiskViolationsJsonTable, err := PrepareViolations(violations, rw.results, rw.isMultipleRoots, simplifiedOutput)
+		secViolationsJsonTable, licViolationsJsonTable, opRiskViolationsJsonTable, err := PrepareViolations(violations, extendedResults, isMultipleRoots, simplifiedOutput)
 		if err != nil {
 			return formats.SimpleJsonResults{}, err
 		}
 		jsonTable.SecurityViolations = secViolationsJsonTable
 		jsonTable.LicensesViolations = licViolationsJsonTable
 		jsonTable.OperationalRiskViolations = opRiskViolationsJsonTable
 	}
-	if rw.includeLicenses {
+	if includeLicenses {
 		licJsonTable, err := PrepareLicenses(licenses)
 		if err != nil {
 			return formats.SimpleJsonResults{}, err
@@ -329,7 +329,7 @@ func (rw *ResultsWriter) convertXrayScanToSimpleJson(simplifiedOutput bool) (for
 }
 
 func (rw *ResultsWriter) convertScanToSimpleJson() (formats.SimpleJsonResults, error) {
-	jsonTable, err := rw.convertXrayScanToSimpleJson(false)
+	jsonTable, err := convertXrayScanToSimpleJson(rw.results, rw.isMultipleRoots, rw.includeLicenses, false)
 	if err != nil {
 		return formats.SimpleJsonResults{}, err
 	}