feat(output): add reviewdog output format for security report (#1028)

* feat(output): add reviewdog output format for security report

* chore: update snapshots

* fix(output): add leading newline to message

docs/_data/bearer_scan.yaml

@@ -43,7 +43,8 @@ options:
       usage: Disable the cache and runs the detections again
     - name: format
       shorthand: f
-      usage: Specify report format (json, yaml, sarif, gitlab-sast)
+      usage: |
+        Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
     - name: help
       shorthand: h
       default_value: "false"
@@ -64,6 +65,9 @@ options:
         Specify the comma-separated ids of the rules you would like to run. Skips all other rules.
     - name: output
       usage: Specify the output path for the report.
+    - name: parallel
+      default_value: "4"
+      usage: Specify the amount of parallelism to use during the scan
     - name: quiet
       default_value: "false"
       usage: Suppress non-essential messages

e2e/flags/.snapshots/TestMetadataFlags-help-scan

@@ -11,7 +11,7 @@ Examples:
 
 Report Flags
       --exclude-fingerprint strings   Specify the comma-separated fingerprints of the findings you would like to exclude from the report.
-  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast)
+  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
       --output string                 Specify the output path for the report.
       --report string                 Specify the type of report (security, privacy, dataflow). (default "security")
       --severity string               Specify which severities are included in the report. (default "critical,high,medium,low,warning")

e2e/flags/.snapshots/TestMetadataFlags-scan-help

@@ -11,7 +11,7 @@ Examples:
 
 Report Flags
       --exclude-fingerprint strings   Specify the comma-separated fingerprints of the findings you would like to exclude from the report.
-  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast)
+  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
       --output string                 Specify the output path for the report.
       --report string                 Specify the type of report (security, privacy, dataflow). (default "security")
       --severity string               Specify which severities are included in the report. (default "critical,high,medium,low,warning")

e2e/flags/.snapshots/TestReportFlagsShouldFail-invalid-context-flag

@@ -12,7 +12,7 @@ Examples:
 
 Report Flags
       --exclude-fingerprint strings   Specify the comma-separated fingerprints of the findings you would like to exclude from the report.
-  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast)
+  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
       --output string                 Specify the output path for the report.
       --report string                 Specify the type of report (security, privacy, dataflow). (default "security")
       --severity string               Specify which severities are included in the report. (default "critical,high,medium,low,warning")

e2e/flags/.snapshots/TestReportFlagsShouldFail-invalid-format-flag

@@ -1,6 +1,6 @@
 
 --
-Error: flag error: report flags error: invalid format argument; supported values: json, yaml, sarif, gitlab-sast
+Error: flag error: report flags error: invalid format argument; supported values: json, yaml, sarif, gitlab-sast, rdjson
 Usage:
    scan [flags] <path>
 Aliases:
@@ -12,7 +12,7 @@ Examples:
 
 Report Flags
       --exclude-fingerprint strings   Specify the comma-separated fingerprints of the findings you would like to exclude from the report.
-  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast)
+  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
       --output string                 Specify the output path for the report.
       --report string                 Specify the type of report (security, privacy, dataflow). (default "security")
       --severity string               Specify which severities are included in the report. (default "critical,high,medium,low,warning")
@@ -42,5 +42,5 @@ General Flags
       --no-color                Disable color in output
 
 
-flag error: report flags error: invalid format argument; supported values: json, yaml, sarif, gitlab-sast
+flag error: report flags error: invalid format argument; supported values: json, yaml, sarif, gitlab-sast, rdjson
 

e2e/flags/.snapshots/TestReportFlagsShouldFail-invalid-report-flag

@@ -12,7 +12,7 @@ Examples:
 
 Report Flags
       --exclude-fingerprint strings   Specify the comma-separated fingerprints of the findings you would like to exclude from the report.
-  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast)
+  -f, --format string                 Specify report format (json, yaml, sarif, gitlab-sast, rdjson)
       --output string                 Specify the output path for the report.
       --report string                 Specify the type of report (security, privacy, dataflow). (default "security")
       --severity string               Specify which severities are included in the report. (default "critical,high,medium,low,warning")

pkg/commands/artifact/run.go

@@ -28,6 +28,7 @@ import (
 	"github.com/bearer/bearer/pkg/github_api"
 	reportoutput "github.com/bearer/bearer/pkg/report/output"
 	"github.com/bearer/bearer/pkg/report/output/gitlab"
+	rdo "github.com/bearer/bearer/pkg/report/output/reviewdog"
 	"github.com/bearer/bearer/pkg/report/output/sarif"
 	"github.com/bearer/bearer/pkg/report/output/security"
 	"github.com/bearer/bearer/pkg/report/output/stats"
@@ -365,6 +366,17 @@ func (r *runner) Report(config settings.Config, report types.Report) (bool, erro
 			return false, fmt.Errorf("error generating JSON report %s", err)
 		}
 
+		logger.Msg(*content)
+	case flag.FormatReviewDog:
+		sastContent, err := rdo.ReportReviewdog(detections.(*map[string][]security.Result))
+		if err != nil {
+			return false, fmt.Errorf("error generating reviewdog report %s", err)
+		}
+		content, err := reportoutput.ReportJSON(sastContent)
+		if err != nil {
+			return false, fmt.Errorf("error generating JSON report %s", err)
+		}
+
 		logger.Msg(*content)
 	case flag.FormatGitLabSast:
 

pkg/flag/report_flags.go

@@ -7,6 +7,7 @@ import (
 )
 
 var (
+	FormatReviewDog  = "rdjson"
 	FormatGitLabSast = "gitlab-sast"
 	FormatSarif      = "sarif"
 	FormatJSON       = "json"
@@ -23,7 +24,7 @@ var (
 	DefaultSeverity = "critical,high,medium,low,warning"
 )
 
-var ErrInvalidFormat = errors.New("invalid format argument; supported values: json, yaml, sarif, gitlab-sast")
+var ErrInvalidFormat = errors.New("invalid format argument; supported values: json, yaml, sarif, gitlab-sast, rdjson")
 var ErrInvalidReport = errors.New("invalid report argument; supported values: security, privacy")
 var ErrInvalidSeverity = errors.New("invalid severity argument; supported values: critical, high, medium, low, warning")
 
@@ -33,7 +34,7 @@ var (
 		ConfigName: "report.format",
 		Shorthand:  "f",
 		Value:      FormatEmpty,
-		Usage:      "Specify report format (json, yaml, sarif, gitlab-sast)",
+		Usage:      "Specify report format (json, yaml, sarif, gitlab-sast, rdjson)",
 	}
 	ReportFlag = Flag{
 		Name:       "report",
@@ -120,7 +121,7 @@ func (f *ReportFlagGroup) ToOptions() (ReportOptions, error) {
 	case FormatYAML:
 	case FormatJSON:
 	case FormatEmpty:
-	case FormatSarif, FormatGitLabSast:
+	case FormatSarif, FormatGitLabSast, FormatReviewDog:
 		if report != ReportSecurity {
 			return ReportOptions{}, ErrInvalidFormat
 		}