package scan
import (
"fmt"
"time"
"github.com/leaktk/gitleaks7/v2/config"
)
// Sarif is the top-level SARIF document that this package emits: the schema
// reference, the format version and one entry per tool run.
type Sarif struct {
	Schema  string `json:"$schema"`
	Version string `json:"version"`
	Runs    []Runs `json:"runs"`
}
// ShortDescription is a SARIF message object for a brief rule description.
// Nothing else in this file references it; it is declared for completeness.
type ShortDescription struct {
	Text string `json:"text"`
}
// FullDescription is a SARIF message object for a longer rule description.
// Nothing else in this file references it; it is declared for completeness.
type FullDescription struct {
	Text string `json:"text"`
}
// Rules is one entry of tool.driver.rules: the rule identifier and its
// display name. configToRules fills both fields from the rule description.
type Rules struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}
// Driver identifies the tool that produced a run and lists the rules it can
// report.
type Driver struct {
	Name            string  `json:"name"`
	SemanticVersion string  `json:"semanticVersion"`
	Rules           []Rules `json:"rules"`
}
// Tool wraps the driver description of a single run.
type Tool struct {
	Driver Driver `json:"driver"`
}
// Message is the human-readable text attached to a result.
type Message struct {
	Text string `json:"text"`
}
// ArtifactLocation names the artifact a result points at. leakToLocation
// fills URI with the leak's URL when one is set and with its file path
// otherwise.
type ArtifactLocation struct {
	URI string `json:"uri"`
}
// Region pins a result to a line within the artifact and carries the matched
// line as a snippet.
type Region struct {
	StartLine int     `json:"startLine"`
	Snippet   Snippet `json:"snippet"`
}
// Snippet holds the source text of a region. leakToLocation fills Text with
// the full line the finding was made on, so it may contain the matched
// secret itself.
type Snippet struct {
	Text string `json:"text"`
}
// PhysicalLocation combines the artifact a result refers to with the region
// inside it.
type PhysicalLocation struct {
	ArtifactLocation ArtifactLocation `json:"artifactLocation"`
	Region           Region           `json:"region"`
}
// Locations is one entry of a result's locations array. Only the physical
// location is populated here.
type Locations struct {
	PhysicalLocation PhysicalLocation `json:"physicalLocation"`
}
// Results is one SARIF result: the message, the identifier of the rule that
// fired, the tool-specific property bag and the locations of the match.
type Results struct {
	Message    Message          `json:"message"`
	RuleId     string           `json:"ruleId"`
	Properties ResultProperties `json:"properties"`
	Locations  []Locations      `json:"locations"`
}
// ResultProperties is the tool-specific property bag attached to each result:
// the commit that introduced the match, the matched value and the commit
// metadata. Offender is copied from the finding unchanged; if the scanner
// recorded the raw matched value there, the report needs the same handling
// as the secret it describes. Author and Email are personal data.
type ResultProperties struct {
	Commit        string    `json:"commit"`
	Offender      string    `json:"offender"`
	Date          time.Time `json:"date"`
	Author        string    `json:"author"`
	Email         string    `json:"email"`
	CommitMessage string    `json:"commitMessage"`
	Repo          string    `json:"repo"`
}
// Runs is one tool invocation: the tool description and the results it
// produced.
type Runs struct {
	Tool    Tool      `json:"tool"`
	Results []Results `json:"results"`
}
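// configToRules converts the scanner configuration into the SARIF rule
// descriptors reported under tool.driver.rules. Both the rule ID and its
// display name are taken from the rule description. For a result to resolve
// to a rule, Results.RuleId (set from Leak.Rule in leaksToResults) must carry
// the same string; that is assumed here, not checked.
func configToRules(cfg config.Config) []Rules {
	// A non-nil slice marshals as "[]" rather than "null" when the
	// configuration has no rules, which keeps the "rules" array well-formed
	// for strict SARIF consumers and matches how leaksToResults builds its
	// slice. The capacity is known up front.
	rules := make([]Rules, 0, len(cfg.Rules))
	for _, rule := range cfg.Rules {
		rules = append(rules, Rules{
			ID:   rule.Description,
			Name: rule.Description,
		})
	}
	return rules
}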
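// leaksToResults maps scanner findings onto SARIF results. Each result
// carries a human-readable message, the rule identifier, the commit metadata
// under "properties", and a single location built by leakToLocation.
//
// The Offender property and the location snippet are copied from the finding
// unchanged; if the scanner recorded the raw matched value in them, the
// generated report is as sensitive as the findings it describes.
func leaksToResults(leaks []Leak) []Results {
	// The slice is kept non-nil so an empty scan marshals as "[]"; the
	// capacity is known, so avoid regrowth while appending.
	results := make([]Results, 0, len(leaks))
	for _, leak := range leaks {
		results = append(results, Results{
			Message: Message{
				Text: fmt.Sprintf("%s secret detected", leak.Rule),
			},
			RuleId: leak.Rule,
			Properties: ResultProperties{
				Commit:        leak.Commit,
				Offender:      leak.Offender,
				Date:          leak.Date,
				Author:        leak.Author,
				Email:         leak.Email,
				CommitMessage: leak.Message,
				Repo:          leak.Repo,
			},
			Locations: leakToLocation(leak),
		})
	}
	return results
}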
// leakToLocation builds the single-element locations array for a finding.
// The artifact URI is the leak's URL when one is present and its file path
// otherwise; the region records the line number and the full matched line as
// the snippet text.
func leakToLocation(leak Leak) []Locations {
	artifact := ArtifactLocation{URI: leak.File}
	if leak.LeakURL != "" {
		// Prefer a browsable URL over a bare path when the scanner provided one.
		artifact.URI = leak.LeakURL
	}

	region := Region{
		StartLine: leak.LineNumber,
		Snippet:   Snippet{Text: leak.Line},
	}

	physical := PhysicalLocation{
		ArtifactLocation: artifact,
		Region:           region,
	}

	return []Locations{{PhysicalLocation: physical}}
}