Break down counts by severity in default formatter (#863)

* Break down counts by severity in default formatter
aquasecurity · Jul 13, 2021 · 44fe4bc · 44fe4bc
1 parent 476fbff
commit 44fe4bc
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 3 deletions.
diff --git a/internal/app/tfsec/formatters/default.go b/internal/app/tfsec/formatters/default.go
@@ -104,6 +104,7 @@ func printResult(res result.Result, i int, includePassedChecks bool) {
 }
 
 func printStatistics() {
+
 	metrics.Add(metrics.FilesLoaded, parser.CountFiles())
 
 	_ = tml.Printf("  <blue>times</blue>\n  ------------------------------------------\n")
@@ -116,8 +117,9 @@ func printStatistics() {
 	} {
 		_ = tml.Printf("  <blue>%-20s</blue> %s\n", operation, times[operation].String())
 	}
-	counts := metrics.CountSummary()
+
 	_ = tml.Printf("\n  <blue>counts</blue>\n  ------------------------------------------\n")
+	counts := metrics.CountSummary()
 	for _, name := range []metrics.Count{
 		metrics.FilesLoaded,
 		metrics.BlocksLoaded,
@@ -128,6 +130,17 @@ func printStatistics() {
 	} {
 		_ = tml.Printf("  <blue>%-20s</blue> %d\n", name, counts[name])
 	}
+
+	_ = tml.Printf("\n  <blue>results</blue>\n  ------------------------------------------\n")
+	for _, sev := range []severity.Severity{
+		severity.Critical,
+		severity.High,
+		severity.Medium,
+		severity.Low,
+	} {
+		count := metrics.CountSeverity(sev)
+		_ = tml.Printf("  <blue>%-20s</blue> %d\n", strings.ToLower(string(sev)), count)
+	}
 }
 
 // highlight the lines of code which caused a problem, if available

diff --git a/internal/app/tfsec/metrics/metrics.go b/internal/app/tfsec/metrics/metrics.go
@@ -1,6 +1,10 @@
 package metrics
 
-import "time"
+import (
+	"time"
+
+	"github.com/aquasecurity/tfsec/pkg/severity"
+)
 
 var recordedTimes []*Timer
 
@@ -27,7 +31,7 @@ func Start(op Operation) *Timer {
 }
 
 func (t *Timer) Stop() {
-	t.duration = time.Now().Sub(t.started)
+	t.duration = time.Since(t.started)
 	recordedTimes = append(recordedTimes, t)
 }
 
@@ -63,3 +67,17 @@ func TimerSummary() map[Operation]time.Duration {
 func CountSummary() map[Count]int {
 	return counts
 }
+
+var severities = map[severity.Severity]int{}
+
+func AddResult(s severity.Severity) {
+	severities[s]++
+}
+
+func CountSeverity(sev severity.Severity) int {
+	val, ok := severities[sev]
+	if !ok {
+		return 0
+	}
+	return val
+}
diff --git a/internal/app/tfsec/scanner/scanner.go b/internal/app/tfsec/scanner/scanner.go
@@ -79,6 +79,7 @@ func (scanner *Scanner) Scan(blocks []block.Block) []result.Result {
 								ruleResult.Severity = r.DefaultSeverity
 							}
 							if scanner.includeIgnored || (!scanner.checkRangeIgnored(ruleResult.RuleID, ruleResult.Range, checkBlock) && !checkInList(ruleResult.RuleID, scanner.excludedRuleIDs)) {
+								metrics.AddResult(ruleResult.Severity)
 								results = append(results, ruleResult)
 							} else {
 								// rule was ignored