Merge pull request #74 from snyk-tech-services/feat/add-iac-support
Feat/add iac support
aarlaud authored Jul 29, 2021
2 parents 93b5504 + 31a88cc commit a1abb0b
Showing 6 changed files with 2,009 additions and 542 deletions.
93 changes: 92 additions & 1 deletion lib/snyk-display.js
Expand Up @@ -5,7 +5,77 @@ const chalk = require("chalk");

var ROOT = "https://snyk.io";

module.exports = { displayResult: displayResult };
module.exports = {
displayResult: displayResult,
displayIACResult: displayIACResult,
};

function displayIACResult(res, options, originalData) {
debug("options: " + options);

var meta = metaForIACDisplay(res, options, originalData) + "\n\n";

var interIssueSep = `\n\n-----\n`;
var summary = `Tested ${originalData.projectName} ${originalData.targetFile}/${originalData.projectType} for known issues\n`;

// handle errors by extracting their message
if (res instanceof Error) {
return res.message;
}

if (res.length === 0) {
summary += chalk.green("✓ No issues found");

if (options.severityThreshold) {
summary += chalk.yellow(
"\n\nCAUTION! Your severity setting might have hidden some issues below the threshold chosen. Make sure to review the unfiltered results."
);
}

return (
chalk.bold("Testing " + options.path + "...\n") +
meta +
summary +
interIssueSep
);
}

var count = `found ${res.length} issues `;

summary += chalk.red.bold(count);

var sep = "\n\n";

var issues = res;

var body =
(issues || [])
.map(function (issue) {
var res = "";
var name = issue.title;
var severity = issue.severity.toUpperCase();
res += chalk.red(
"✗ " + severity + " severity issue found on " + name + "\n"
);
res += "- issue: " + issue.iacDescription.issue + "\n";
res += "- impact: " + issue.iacDescription.impact + "\n";
res += `- info: ${issue.id} of ${issue.subType}/${issue.type} type\n`;
res += `- resolution: ${issue.iacDescription.resolve} \n`;

res += `- path: ${issue.path.join("=>")}\n`;
res += `- line number: ${issue.lineNumber}`;

return res;
})
.filter(Boolean)
.join(sep) +
sep +
meta +
summary +
interIssueSep;

return chalk.bold("\nTesting " + options.path + "...\n") + body;
}

function displayResult(res, options) {
debug("options: " + options);
Expand Down Expand Up @@ -209,3 +279,24 @@ function metaForDisplay(res, options) {

return meta.join("\n");
}

function metaForIACDisplay(res, options, originalData) {
var meta = [
chalk.bold("Organisation: ") + originalData.org,
// chalk.bold('Package manager: ') +
// (options.packageManager | res.packageManager),
//chalk.bold('Target file: ') + options.file,
//chalk.bold('Open source: ') + (res.isPrivate ? 'no' : 'yes'),
];
if (originalData.filesystemPolicy) {
meta.push("Local Snyk policy found");
if (
originalData.ignoreSettings &&
originalData.ignoreSettings.disregardFilesystemIgnores
) {
meta.push("Local Snyk policy ignores disregarded");
}
}

return meta.join("\n");
}
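Review bot: In `displayIACResult`, `res` appears to be the output of the user-supplied jq filter, yet it is used as an array of fully populated issues without any check: `res.length`, `issue.severity.toUpperCase()`, `issue.iacDescription.issue` and `issue.path.join("=>")` all throw a TypeError if the filter returns a non-array or drops one of those fields. For a tool used as a scan gate, a crash in the display step can hide findings, so I would add `if (!Array.isArray(res)) { return "Unexpected filter output: expected an array of issues"; }` after the Error check and read optional fields defensively, e.g. `(issue.path || []).join("=>")`. The `res instanceof Error` guard should also move above the `meta` and `summary` lines, which dereference `originalData` before the error path is considered. `.filter(Boolean)` after the map is a no-op, because the callback always returns a non-empty string.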
22 changes: 16 additions & 6 deletions lib/snyk-filter.js
Expand Up @@ -4,6 +4,7 @@ const yaml = require("js-yaml");
const fs = require("fs");
const path = require("path");
const jq = require("node-jq");
const chalk = require("chalk");

var snykDisplay = require("./snyk-display.js");
var customFilters; // = require('../sample-filters/filters.json');
Expand All @@ -23,7 +24,6 @@ function onDataCallback(data, reportCallback) {
const jqFilterString = customFilters.filter;
const jqPassString = customFilters.pass;
const failMsg = customFilters.msg;

data = JSON.parse(data);
if (Array.isArray(data)) {
data.map((dataItem) => {
Expand Down Expand Up @@ -77,7 +77,6 @@ function run(source, reportCallback, filters, cliOptions = null) {
readInputFromStdin(reportCallback);
}
} catch (error) {
console.log("out");
debug("error reading input: " + error);
}
}
Expand All @@ -87,10 +86,16 @@ function processResults(data, filterString, passString, failMsg) {
//.then((filteredData) => aggregate(filteredData))
//.then((processedData) => {reportCallback(processedData)})
.then((processedData) => {
//console.log(processedData);
if (options && options.json) {
console.warn("json output enabled");
console.log(JSON.stringify(processedData, null, 2));
} else if (data.infrastructureAsCodeIssues) {
var response = snykDisplay.displayIACResult(
processedData,
options,
data
);
console.log(response);
} else {
var response = snykDisplay.displayResult(processedData, options);
console.log(response);
Expand All @@ -115,7 +120,6 @@ function filter(data, filterString) {
//const filter = 'select(.vulnerabilities | map( select(.packageName | contains("bson") | not)))';
const filter = filterString;
const options = { input: "json", output: "json" };

jq.run(filter, data, options)
.then((output) => {
resolve(output);
Expand Down Expand Up @@ -150,10 +154,16 @@ function pass(data, passString, passFailMsg) {
jq.run(query, data, options)
.then((output) => {
if (output == 0) {
console.warn("No issues found after custom filtering");
console.warn(
`${chalk.yellow(
data.projectName || data.path
)} - No issues found after custom filtering`
);
resolve(true);
} else {
reject(passFailMsg);
reject(
`${chalk.yellow(data.projectName || data.path)} - ${passFailMsg}`
);
}
})
.catch((err) => {
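Review bot: In `pass`, the new label `data.projectName || data.path` prints as `undefined` when the input carries neither field, and the rejection reason now embeds chalk's ANSI codes, so a caller that writes it to a log file or compares it with `passFailMsg` receives escape sequences. I would compute `const label = data.projectName || data.path || "unknown project";` once, colour it only inside the `console.warn` call, and reject with the plain `label + " - " + passFailMsg`. Both fields come from the parsed scan JSON, so stripping control characters before writing them to the terminal would be a reasonable hardening step. The unchanged `output == 0` test beside these lines uses loose equality, which is also true for `""`, `[]` and `false`; it is worth confirming that the pass query always yields a number. `pass` begins and ends outside the hunk.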