refactor: move Secret into secrets package (#205)

use go-yaml/yaml v3
Checkmarx · Feb 15, 2024 · 5a7ac9d · 5a7ac9d
1 parent ba811c5
commit 5a7ac9d
Show file tree

Hide file tree

Showing 10 changed files with 30 additions and 30 deletions.
diff --git a/cmd/main.go b/cmd/main.go
@@ -70,7 +70,7 @@ var channels = plugins.Channels{
 }
 
 var report = reporting.Init()
-var secretsChan = make(chan *reporting.Secret)
+var secretsChan = make(chan *secrets.Secret)
 
 func Execute() (int, error) {
 	vConfig.SetEnvPrefix(envPrefix)

diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/stretchr/testify v1.8.1
 	github.com/zricethezav/gitleaks/v8 v8.18.0
 	golang.org/x/time v0.1.0
-	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
@@ -48,5 +48,4 @@ require (
 	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -533,8 +533,6 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
 gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

diff --git a/reporting/report.go b/reporting/report.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 
 	"github.com/checkmarx/2ms/config"
+	"github.com/checkmarx/2ms/secrets"
 	"github.com/rs/zerolog/log"
 )
 
@@ -17,25 +18,14 @@ const (
 )
 
 type Report struct {
-	TotalItemsScanned int                  `json:"totalItemsScanned"`
-	TotalSecretsFound int                  `json:"totalSecretsFound"`
-	Results           map[string][]*Secret `json:"results"`
-}
-
-type Secret struct {
-	ID          string `json:"id"`
-	Source      string `json:"source"`
-	RuleID      string `json:"ruleId"`
-	StartLine   int    `json:"startLine"`
-	EndLine     int    `json:"endLine"`
-	StartColumn int    `json:"startColumn"`
-	EndColumn   int    `json:"endColumn"`
-	Value       string `json:"value"`
+	TotalItemsScanned int                          `json:"totalItemsScanned"`
+	TotalSecretsFound int                          `json:"totalSecretsFound"`
+	Results           map[string][]*secrets.Secret `json:"results"`
 }
 
 func Init() *Report {
 	return &Report{
-		Results: make(map[string][]*Secret),
+		Results: make(map[string][]*secrets.Secret),
 	}
 }
 

diff --git a/reporting/report_test.go b/reporting/report_test.go
@@ -3,6 +3,8 @@ package reporting
 import (
 	"reflect"
 	"testing"
+
+	"github.com/checkmarx/2ms/secrets"
 )
 
 func TestAddSecretToFile(t *testing.T) {
@@ -23,9 +25,9 @@ JPcHeO7M6FohKgcEHX84koQDN98J/L7pFlSoU7WOl6f8BKavIdeSTPS9qQYWdQuT
 4Xgur9w/aLZrLM3DSatR+kL+cVTyDTtgCt9Dc8k48Q==
 -----END RSA PRIVATE KEY-----`)
 
-	results := map[string][]*Secret{}
+	results := map[string][]*secrets.Secret{}
 	report := Report{len(results), 1, results}
-	secret := &Secret{Source: "bla", StartLine: 0, StartColumn: 0, EndLine: 0, EndColumn: 0, Value: secretValue}
+	secret := &secrets.Secret{Source: "bla", StartLine: 0, StartColumn: 0, EndLine: 0, EndColumn: 0, Value: secretValue}
 	source := "directory\\rawStringAsFile.txt"
 
 	report.Results[source] = append(report.Results[source], secret)

diff --git a/reporting/sarif.go b/reporting/sarif.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/checkmarx/2ms/config"
+	"github.com/checkmarx/2ms/secrets"
 )
 
 func writeSarif(report Report, cfg *config.Config) (string, error) {
@@ -74,7 +75,7 @@ func getResults(report Report) []Results {
 	return results
 }
 
-func getLocation(secret *Secret) []Locations {
+func getLocation(secret *secrets.Secret) []Locations {
 	return []Locations{
 		{
 			PhysicalLocation: PhysicalLocation{

diff --git a/reporting/yaml.go b/reporting/yaml.go
@@ -1,7 +1,7 @@
 package reporting
 
 import (
-	"gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v3"
 )
 
 func writeYaml(report Report) (string, error) {

diff --git a/secrets/engine.go b/secrets/engine.go
@@ -10,7 +10,6 @@ import (
 	"text/tabwriter"
 
 	"github.com/checkmarx/2ms/plugins"
-	"github.com/checkmarx/2ms/reporting"
 	"github.com/checkmarx/2ms/secrets/rules"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
@@ -58,15 +57,15 @@ func Init(secretsConfig SecretsConfig) (*Engine, error) {
 	}, nil
 }
 
-func (s *Engine) Detect(item plugins.Item, secretsChannel chan *reporting.Secret, wg *sync.WaitGroup, ignoredIds []string) {
+func (s *Engine) Detect(item plugins.Item, secretsChannel chan *Secret, wg *sync.WaitGroup, ignoredIds []string) {
 	defer wg.Done()
 
 	fragment := detect.Fragment{
 		Raw: item.Content,
 	}
 	for _, value := range s.detector.Detect(fragment) {
 		itemId := getFindingId(item, value)
-		secret := &reporting.Secret{
+		secret := &Secret{
 			ID:          itemId,
 			Source:      item.Source,
 			RuleID:      value.RuleID,
@@ -107,7 +106,7 @@ func getFindingId(item plugins.Item, finding report.Finding) string {
 	return fmt.Sprintf("%x", sha)
 }
 
-func isSecretIgnored(secret *reporting.Secret, ignoredIds *[]string) bool {
+func isSecretIgnored(secret *Secret, ignoredIds *[]string) bool {
 	for _, ignoredId := range *ignoredIds {
 		if secret.ID == ignoredId {
 			return true

diff --git a/secrets/engine_test.go b/secrets/engine_test.go
@@ -6,7 +6,6 @@ import (
 	"testing"
 
 	"github.com/checkmarx/2ms/plugins"
-	"github.com/checkmarx/2ms/reporting"
 	"github.com/checkmarx/2ms/secrets/rules"
 )
 
@@ -123,7 +122,7 @@ func TestSecrets(t *testing.T) {
 		}
 		t.Run(name, func(t *testing.T) {
 			fmt.Printf("Start test %s", name)
-			secretsChan := make(chan *reporting.Secret, 1)
+			secretsChan := make(chan *Secret, 1)
 			wg := &sync.WaitGroup{}
 			wg.Add(1)
 			detector.Detect(plugins.Item{Content: secret.Content}, secretsChan, wg, nil)

diff --git a/secrets/secret.go b/secrets/secret.go
@@ -0,0 +1,12 @@
+package secrets
+
+type Secret struct {
+	ID          string `json:"id"`
+	Source      string `json:"source"`
+	RuleID      string `json:"ruleId"`
+	StartLine   int    `json:"startLine"`
+	EndLine     int    `json:"endLine"`
+	StartColumn int    `json:"startColumn"`
+	EndColumn   int    `json:"endColumn"`
+	Value       string `json:"value"`
+}