fix(checkmarxOne): changed json report (#4478)

* fix(checkmarxOne): changed json report

cmd/checkmarxOneExecuteScan.go

@@ -670,7 +670,7 @@ func (c *checkmarxOneExecuteScanHelper) getDetailedResults(scan *checkmarxOne.Sc
 	resultMap["LinesOfCodeScanned"] = scanmeta.LOC
 	resultMap["FilesScanned"] = scanmeta.FileCount
 
-	resultMap["CheckmarxVersion"] = "Cx1 Gap: No API for this"
+	resultMap["ToolVersion"] = "Cx1 Gap: No API for this"
 
 	if scanmeta.IsIncremental {
 		resultMap["ScanType"] = "Incremental"
@@ -1076,7 +1076,7 @@ func (c *checkmarxOneExecuteScanHelper) reportToInflux(results *map[string]inter
 	c.influx.checkmarxOne_data.fields.scan_time = (*results)["ScanTime"].(string)
 	c.influx.checkmarxOne_data.fields.lines_of_code_scanned = (*results)["LinesOfCodeScanned"].(int)
 	c.influx.checkmarxOne_data.fields.files_scanned = (*results)["FilesScanned"].(int)
-	c.influx.checkmarxOne_data.fields.checkmarxOne_version = (*results)["CheckmarxVersion"].(string)
+	c.influx.checkmarxOne_data.fields.tool_version = (*results)["ToolVersion"].(string)
 	c.influx.checkmarxOne_data.fields.scan_type = (*results)["ScanType"].(string)
 	c.influx.checkmarxOne_data.fields.preset = (*results)["Preset"].(string)
 	c.influx.checkmarxOne_data.fields.deep_link = (*results)["DeepLink"].(string)

pkg/checkmarxone/reporting.go

@@ -5,7 +5,6 @@ import (
 	"crypto/sha1"
 	"encoding/json"
 	"fmt"
-	"math"
 	"path/filepath"
 	"strings"
 	"time"
@@ -19,32 +18,32 @@ import (
 )
 
 type CheckmarxOneReportData struct {
-	ToolName             string         `json:"toolName"`
-	ProjectName          string         `json:"projectName"`
-	ProjectID            string         `json:"projectID"`
-	ScanID               string         `json:"scanID"`
-	GroupName            string         `json:"groupName"`
-	GroupPath            string         `json:"groupPath"`
-	DeepLink             string         `json:"deepLink"`
-	Preset               string         `json:"preset"`
-	CheckmarxVersion     string         `json:"checkmarxVersion"`
-	ScanType             string         `json:"scanType"`
-	HighTotal            int            `json:"highTotal"`
-	HighAudited          int            `json:"highAudited"`
-	MediumTotal          int            `json:"mediumTotal"`
-	MediumAudited        int            `json:"mediumAudited"`
-	LowTotal             int            `json:"lowTotal"`
-	LowAudited           int            `json:"lowAudited"`
-	InformationTotal     int            `json:"informationTotal"`
-	InformationAudited   int            `json:"informationAudited"`
-	IsLowPerQueryAudited bool           `json:"isLowPerQueryAudited"`
-	LowPerQuery          *[]LowPerQuery `json:"lowPerQuery"`
+	ToolName        string     `json:"toolName"`
+	ToolVersion     string     `json:"toolVersion"`
+	ProjectName     string     `json:"projectName"`
+	ProjectID       string     `json:"projectID"`
+	ScanID          string     `json:"scanID"`
+	ApplicationName string     `json:"applicationName"`
+	ApplicationID   string     `json:"applicationID"`
+	GroupName       string     `json:"groupName"`
+	GroupID         string     `json:"groupID"`
+	DeepLink        string     `json:"deepLink"`
+	Preset          string     `json:"preset"`
+	ScanType        string     `json:"scanType"`
+	Findings        *[]Finding `json:"findings"`
+}
+
+type Finding struct {
+	ClassificationName string         `json:"classificationName"`
+	Total              int            `json:"total,omitempty"`
+	Audited            *int           `json:"audited,omitempty"`
+	LowPerQuery        *[]LowPerQuery `json:"categories,omitempty"`
 }
 
 type LowPerQuery struct {
-	QueryName string `json:"query"`
-	Audited   int    `json:"audited"`
+	QueryName string `json:"name"`
 	Total     int    `json:"total"`
+	Audited   int    `json:"audited"`
 }
 
 func CreateCustomReport(data *map[string]interface{}, insecure, neutral []string) reporting.ScanReport {
@@ -66,7 +65,7 @@ func CreateCustomReport(data *map[string]interface{}, insecure, neutral []string
 			{Description: "Report creation time", Details: fmt.Sprint((*data)["ReportCreationTime"])},
 			{Description: "Lines of code scanned", Details: fmt.Sprint((*data)["LinesOfCodeScanned)"])},
 			{Description: "Files scanned", Details: fmt.Sprint((*data)["FilesScanned)"])},
-			{Description: "Checkmarx version", Details: fmt.Sprint((*data)["CheckmarxVersion"])},
+			{Description: "Tool version", Details: fmt.Sprint((*data)["ToolVersion"])},
 			{Description: "Deep link", Details: deepLink},
 		},
 		Overview:   []reporting.OverviewRow{},
@@ -138,33 +137,38 @@ func CreateCustomReport(data *map[string]interface{}, insecure, neutral []string
 
 func CreateJSONHeaderReport(data *map[string]interface{}) CheckmarxOneReportData {
 	checkmarxReportData := CheckmarxOneReportData{
-		ToolName:         `checkmarxone`,
-		ProjectName:      fmt.Sprint((*data)["ProjectName"]),
-		GroupName:        fmt.Sprint((*data)["Group"]),
-		GroupPath:        fmt.Sprint((*data)["GroupFullPathOnReportDate"]),
-		DeepLink:         fmt.Sprint((*data)["DeepLink"]),
-		Preset:           fmt.Sprint((*data)["Preset"]),
-		CheckmarxVersion: fmt.Sprint((*data)["CheckmarxVersion"]),
-		ScanType:         fmt.Sprint((*data)["ScanType"]),
-		ProjectID:        fmt.Sprint((*data)["ProjectId"]),
-		ScanID:           fmt.Sprint((*data)["ScanId"]),
+		ToolName:    `CheckmarxOne`,
+		ProjectName: fmt.Sprint((*data)["ProjectName"]),
+		GroupID:     fmt.Sprint((*data)["Group"]),
+		GroupName:   fmt.Sprint((*data)["GroupFullPathOnReportDate"]),
+		DeepLink:    fmt.Sprint((*data)["DeepLink"]),
+		Preset:      fmt.Sprint((*data)["Preset"]),
+		ToolVersion: fmt.Sprint((*data)["ToolVersion"]),
+		ScanType:    fmt.Sprint((*data)["ScanType"]),
+		ProjectID:   fmt.Sprint((*data)["ProjectId"]),
+		ScanID:      fmt.Sprint((*data)["ScanId"]),
 	}
 
-	checkmarxReportData.HighAudited = (*data)["High"].(map[string]int)["Issues"] - (*data)["High"].(map[string]int)["NotFalsePositive"]
-	checkmarxReportData.HighTotal = (*data)["High"].(map[string]int)["Issues"]
-
-	checkmarxReportData.MediumAudited = (*data)["Medium"].(map[string]int)["Issues"] - (*data)["Medium"].(map[string]int)["NotFalsePositive"]
-	checkmarxReportData.MediumTotal = (*data)["Medium"].(map[string]int)["Issues"]
-
-	checkmarxReportData.LowAudited = (*data)["Low"].(map[string]int)["Confirmed"] + (*data)["Low"].(map[string]int)["NotExploitable"]
-	checkmarxReportData.LowTotal = (*data)["Low"].(map[string]int)["Issues"]
-
-	checkmarxReportData.InformationAudited = (*data)["Information"].(map[string]int)["Confirmed"] + (*data)["Information"].(map[string]int)["NotExploitable"]
-	checkmarxReportData.InformationTotal = (*data)["Information"].(map[string]int)["Issues"]
-
-	lowPerQueryList := []LowPerQuery{}
-	checkmarxReportData.IsLowPerQueryAudited = true
+	findings := []Finding{}
+	// High
+	highFindings := Finding{}
+	highFindings.ClassificationName = "High"
+	highFindings.Total = (*data)["High"].(map[string]int)["Issues"]
+	highAudited := (*data)["High"].(map[string]int)["Issues"] - (*data)["High"].(map[string]int)["NotFalsePositive"]
+	highFindings.Audited = &highAudited
+	findings = append(findings, highFindings)
+	// Medium
+	mediumFindings := Finding{}
+	mediumFindings.ClassificationName = "Medium"
+	mediumFindings.Total = (*data)["Medium"].(map[string]int)["Issues"]
+	mediumAudited := (*data)["Medium"].(map[string]int)["Issues"] - (*data)["Medium"].(map[string]int)["NotFalsePositive"]
+	mediumFindings.Audited = &mediumAudited
+	findings = append(findings, mediumFindings)
+	// Low
+	lowFindings := Finding{}
+	lowFindings.ClassificationName = "Low"
 	if _, ok := (*data)["LowPerQuery"]; ok {
+		lowPerQueryList := []LowPerQuery{}
 		lowPerQueryMap := (*data)["LowPerQuery"].(map[string]map[string]int)
 		for queryName, resultsLowQuery := range lowPerQueryMap {
 			audited := resultsLowQuery["Confirmed"] + resultsLowQuery["NotExploitable"]
@@ -173,14 +177,18 @@ func CreateJSONHeaderReport(data *map[string]interface{}) CheckmarxOneReportData
 			lowPerQuery.QueryName = queryName
 			lowPerQuery.Audited = audited
 			lowPerQuery.Total = total
-			lowAuditedRequiredPerQuery := int(math.Ceil(0.10 * float64(total)))
-			if audited < lowAuditedRequiredPerQuery && audited < 10 {
-				checkmarxReportData.IsLowPerQueryAudited = false
-			}
 			lowPerQueryList = append(lowPerQueryList, lowPerQuery)
 		}
+		lowFindings.LowPerQuery = &lowPerQueryList
+		findings = append(findings, lowFindings)
+	} else {
+		lowFindings.Total = (*data)["Low"].(map[string]int)["Issues"]
+		lowAudited := (*data)["Low"].(map[string]int)["Confirmed"] + (*data)["Low"].(map[string]int)["NotExploitable"]
+		lowFindings.Audited = &lowAudited
+		findings = append(findings, lowFindings)
 	}
-	checkmarxReportData.LowPerQuery = &lowPerQueryList
+
+	checkmarxReportData.Findings = &findings
 
 	return checkmarxReportData
 }

pkg/checkmarxone/reporting_test.go

@@ -14,7 +14,7 @@ func TestCreateJSONReport(t *testing.T) {
 	resultMap["GroupFullPathOnReportDate"] = `test-group-path`
 	resultMap["DeepLink"] = `https://cx1.sap/projects/f5702f86-b396-417f-82e2-4949a55d5382/scans?branch=master&page=1&id=21e40b36-0dd7-48e5-9768-da1a8f36c907`
 	resultMap["Preset"] = `Checkmarx Default`
-	resultMap["CheckmarxVersion"] = `v1`
+	resultMap["ToolVersion"] = `v1`
 	resultMap["ScanType"] = `Incremental`
 	resultMap["ProjectId"] = `f5702f86-b396-417f-82e2-4949a55d5382`
 	resultMap["ScanId"] = `21e40b36-0dd7-48e5-9768-da1a8f36c907`
@@ -64,39 +64,22 @@ func TestCreateJSONReport(t *testing.T) {
 	assert.Equal(t, "21e40b36-0dd7-48e5-9768-da1a8f36c907", reportingData.ScanID)
 	assert.Equal(t, "ssba", reportingData.ProjectName)
 	assert.Equal(t, "f5702f86-b396-417f-82e2-4949a55d5382", reportingData.ProjectID)
-	assert.Equal(t, "test-group", reportingData.GroupName)
-	assert.Equal(t, "test-group-path", reportingData.GroupPath)
-	assert.Equal(t, "checkmarxone", reportingData.ToolName)
+	assert.Equal(t, "test-group", reportingData.GroupID)
+	assert.Equal(t, "test-group-path", reportingData.GroupName)
+	assert.Equal(t, "CheckmarxOne", reportingData.ToolName)
 	assert.Equal(t, "https://cx1.sap/projects/f5702f86-b396-417f-82e2-4949a55d5382/scans?branch=master&page=1&id=21e40b36-0dd7-48e5-9768-da1a8f36c907", reportingData.DeepLink)
 	assert.Equal(t, "Checkmarx Default", reportingData.Preset)
-	assert.Equal(t, "v1", reportingData.CheckmarxVersion)
+	assert.Equal(t, "v1", reportingData.ToolVersion)
 	assert.Equal(t, "Incremental", reportingData.ScanType)
 
-	assert.Equal(t, 10, reportingData.HighTotal)
-	assert.Equal(t, 0, reportingData.HighAudited)
-	assert.Equal(t, 4, reportingData.MediumTotal)
-	assert.Equal(t, 4, reportingData.MediumAudited)
-	assert.Equal(t, 2, reportingData.LowTotal)
-	assert.Equal(t, 2, reportingData.LowAudited)
-	assert.Equal(t, 5, reportingData.InformationTotal)
-	assert.Equal(t, 0, reportingData.InformationAudited)
-	assert.Equal(t, false, reportingData.IsLowPerQueryAudited)
-	assert.Equal(t, 2, len(*reportingData.LowPerQuery))
-	if (*reportingData.LowPerQuery)[0].QueryName == "Low_Query_Name_1" {
-		assert.Equal(t, "Low_Query_Name_1", (*reportingData.LowPerQuery)[0].QueryName)
-		assert.Equal(t, 0, (*reportingData.LowPerQuery)[0].Audited)
-		assert.Equal(t, 4, (*reportingData.LowPerQuery)[0].Total)
-		assert.Equal(t, "Low_Query_Name_2", (*reportingData.LowPerQuery)[1].QueryName)
-		assert.Equal(t, 5, (*reportingData.LowPerQuery)[1].Audited)
-		assert.Equal(t, 5, (*reportingData.LowPerQuery)[1].Total)
-	} else {
-		assert.Equal(t, "Low_Query_Name_1", (*reportingData.LowPerQuery)[1].QueryName)
-		assert.Equal(t, 0, (*reportingData.LowPerQuery)[1].Audited)
-		assert.Equal(t, 4, (*reportingData.LowPerQuery)[1].Total)
-		assert.Equal(t, "Low_Query_Name_2", (*reportingData.LowPerQuery)[0].QueryName)
-		assert.Equal(t, 5, (*reportingData.LowPerQuery)[0].Audited)
-		assert.Equal(t, 5, (*reportingData.LowPerQuery)[0].Total)
-	}
+	lowList := (*reportingData.Findings)[2].LowPerQuery
+	assert.Equal(t, 2, len(*lowList))
+	assert.Equal(t, "Low_Query_Name_1", (*lowList)[0].QueryName)
+	assert.Equal(t, 0, (*lowList)[0].Audited)
+	assert.Equal(t, 4, (*lowList)[0].Total)
+	assert.Equal(t, "Low_Query_Name_2", (*lowList)[1].QueryName)
+	assert.Equal(t, 5, (*lowList)[1].Audited)
+	assert.Equal(t, 5, (*lowList)[1].Total)
 
 	lowPerQuery = map[string]map[string]int{}
 	submap = map[string]int{}
@@ -112,28 +95,4 @@ func TestCreateJSONReport(t *testing.T) {
 	lowPerQuery["Low_Query_Name_2"] = submap
 
 	resultMap["LowPerQuery"] = lowPerQuery
-	reportingData = CreateJSONHeaderReport(&resultMap)
-	assert.Equal(t, true, reportingData.IsLowPerQueryAudited)
-
-	lowPerQuery = map[string]map[string]int{}
-	submap = map[string]int{}
-	submap["Issues"] = 200
-	submap["Confirmed"] = 3
-	submap["NotExploitable"] = 2
-	lowPerQuery["Low_Query_Name_1"] = submap
-
-	resultMap["LowPerQuery"] = lowPerQuery
-	reportingData = CreateJSONHeaderReport(&resultMap)
-	assert.Equal(t, false, reportingData.IsLowPerQueryAudited)
-
-	lowPerQuery = map[string]map[string]int{}
-	submap = map[string]int{}
-	submap["Issues"] = 200
-	submap["Confirmed"] = 5
-	submap["NotExploitable"] = 5
-	lowPerQuery["Low_Query_Name_1"] = submap
-
-	resultMap["LowPerQuery"] = lowPerQuery
-	reportingData = CreateJSONHeaderReport(&resultMap)
-	assert.Equal(t, true, reportingData.IsLowPerQueryAudited)
 }

resources/metadata/checkmarxOneExecuteScan.yaml

@@ -469,7 +469,7 @@ spec:
               - name: group_full_path_on_report_date
               - name: scan_start
               - name: scan_time
-              - name: checkmarxOne_version
+              - name: tool_version
               - name: scan_type
               - name: preset
               - name: deep_link