-
Notifications
You must be signed in to change notification settings - Fork 295
/
exit_handler.go
71 lines (62 loc) · 2.2 KB
/
exit_handler.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package helpers
import (
"fmt"
"strings"
"github.com/Checkmarx/kics/pkg/model"
)
var shouldIgnore string
var shouldFail map[string]struct{}
// ResultsExitCode calculate exit code base on severity of results, returns 0 if no results was reported
func ResultsExitCode(summary *model.Summary) int {
// severityArr is needed to make sure 'for' cycle is made in an ordered fashion
severityArr := []model.Severity{"HIGH", "MEDIUM", "LOW", "INFO", "TRACE"}
codeMap := map[model.Severity]int{"HIGH": 50, "MEDIUM": 40, "LOW": 30, "INFO": 20, "TRACE": 0}
exitMap := summary.SeveritySummary.SeverityCounters
for _, severity := range severityArr {
if _, reportSeverity := shouldFail[strings.ToLower(string(severity))]; !reportSeverity {
continue
}
if exitMap[severity] > 0 {
return codeMap[severity]
}
}
return 0
}
// InitShouldIgnoreArg initializes what kind of errors should be used on exit codes
func InitShouldIgnoreArg(arg string) error {
validArgs := []string{"none", "all", "results", "errors"}
for _, validArg := range validArgs {
if strings.EqualFold(validArg, arg) {
shouldIgnore = strings.ToLower(arg)
return nil
}
}
return fmt.Errorf("unknown argument for --ignore-on-exit: %s\nvalid arguments:\n %s", arg, strings.Join(validArgs, "\n "))
}
// InitShouldFailArg initializes which kind of vulnerability severity should changes exit code
func InitShouldFailArg(args []string) error {
possibleArgs := map[string]struct{}{
"high": {},
"medium": {},
"low": {},
"info": {},
}
if len(args) == 0 {
shouldFail = possibleArgs
return nil
}
argsConverted := make(map[string]struct{})
for _, arg := range args {
if _, ok := possibleArgs[strings.ToLower(arg)]; !ok {
validArgs := []string{"high", "medium", "low", "info"}
return fmt.Errorf("unknown argument for --fail-on: %s\nvalid arguments:\n %s", arg, strings.Join(validArgs, "\n "))
}
argsConverted[strings.ToLower(arg)] = struct{}{}
}
shouldFail = argsConverted
return nil
}
// ShowError returns true if should show error, otherwise returns false
func ShowError(kind string) bool {
return strings.EqualFold(shouldIgnore, "none") || (!strings.EqualFold(shouldIgnore, "all") && !strings.EqualFold(shouldIgnore, kind))
}