correct link for results (#622)

* correct link for results * fixing linter * correct build of constant * fix urls * updating links and identifiers --------- Co-authored-by: Pedro Lopes <[email protected]>
Checkmarx · Nov 28, 2023 · 8f085fa · 8f085fa
1 parent 394630b
commit 8f085fa
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 11 deletions.
diff --git a/internal/commands/result.go b/internal/commands/result.go
@@ -985,8 +985,7 @@ func exportGlSastResults(targetFile string, results *wrappers.ScanResultsCollect
 	if err != nil {
 		return errors.Wrapf(err, "%s: failed to add scan to gl sast report", failedListingResults)
 	}
-	convertCxResultToGlVulnerability(results, glSast)
-
+	convertCxResultToGlVulnerability(results, glSast, summary.BaseURI)
 	resultsJSON, err := json.Marshal(glSast)
 	if err != nil {
 		return errors.Wrapf(err, "%s: failed to serialize gl sast report ", failedListingResults)
@@ -1006,7 +1005,7 @@ func addScanToGlSastReport(summary *wrappers.ResultSummary, glSast *wrappers.GlS
 	}
 
 	glSast.Scan = wrappers.ScanGlReport{}
-	glSast.Schema = "https://gitlab.com/gitlab-org/gitlab/-/raw/master/lib/gitlab/ci/parsers/security/validators/schemas/15.0.0/sast-report-format.jsonn"
+	glSast.Schema = "https://gitlab.com/gitlab-org/gitlab/-/raw/master/lib/gitlab/ci/parsers/security/validators/schemas/15.0.0/sast-report-format.json"
 	glSast.Version = "15.0.0"
 	glSast.Scan.Analyzer.URL = wrappers.AnalyzerURL
 	glSast.Scan.Analyzer.Name = wrappers.VendorName
@@ -1252,15 +1251,15 @@ func convertCxResultsToSarif(results *wrappers.ScanResultsCollection) *wrappers.
 	return sarif
 }
 
-func convertCxResultToGlVulnerability(results *wrappers.ScanResultsCollection, glSast *wrappers.GlSastResultsCollection) {
+func convertCxResultToGlVulnerability(results *wrappers.ScanResultsCollection, glSast *wrappers.GlSastResultsCollection, summaryBaseURI string) {
 	for _, result := range results.Results {
 		if strings.TrimSpace(result.Type) == commonParams.SastType {
-			glSast = parseGlSastVulnerability(result, glSast)
+			glSast = parseGlSastVulnerability(result, glSast, summaryBaseURI)
 		}
 	}
 }
 
-func parseGlSastVulnerability(result *wrappers.ScanResult, glSast *wrappers.GlSastResultsCollection) *wrappers.GlSastResultsCollection {
+func parseGlSastVulnerability(result *wrappers.ScanResult, glSast *wrappers.GlSastResultsCollection, summaryBaseURI string) *wrappers.GlSastResultsCollection {
 	queryName := result.ScanResultData.QueryName
 	fileName := result.ScanResultData.Nodes[0].FileName
 	lineNumber := strconv.FormatUint(uint64(result.ScanResultData.Nodes[0].Line), 10)
@@ -1287,9 +1286,9 @@ func parseGlSastVulnerability(result *wrappers.ScanResult, glSast *wrappers.GlSa
 		},
 		Identifiers: []wrappers.Identifier{
 			{
-				Type:  "similarityId",
-				Name:  "Similarity Id ",
-				URL:   wrappers.AnalyzerURL,
+				Type:  "cxOneScan",
+				Name:  "CxOne Scan",
+				URL:   summaryBaseURI,
 				Value: result.ID,
 			},
 		},
@@ -1310,7 +1309,6 @@ func parseGlSastVulnerability(result *wrappers.ScanResult, glSast *wrappers.GlSa
 			File:      fileName,
 			StartLine: startLine,
 			EndLine:   endLine,
-			Class:     fileName,
 		},
 	})
 	return glSast

diff --git a/internal/wrappers/results-gl-sast.go b/internal/wrappers/results-gl-sast.go
@@ -3,7 +3,7 @@ package wrappers
 const (
 	AnalyzerName = "CxOne"
 	AnalyzerID   = AnalyzerName + "-SAST"
-	AnalyzerURL  = "https://checkmarx.company.com/"
+	AnalyzerURL  = "https://checkmarx.com/"
 	VendorName   = "Checkmarx"
 )