From b69652740aef4636da899137a2863d1d10c0dba5 Mon Sep 17 00:00:00 2001 From: TuanAnh17N Date: Wed, 27 Nov 2024 17:06:43 +0100 Subject: [PATCH] Introduce sastfinding as a new finding type --- dso/model.py | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/dso/model.py b/dso/model.py index 2fae5ec6a..1638646df 100644 --- a/dso/model.py +++ b/dso/model.py @@ -22,6 +22,20 @@ def _as_key( return separator.join(absent_indicator if arg is None else arg for arg in args) +class SastStatus(enum.StrEnum): + NO_LINTER = 'no-linter' + + +class SastSubType(enum.StrEnum): + LOCAL_LINTING = 'local-linting' + CENTRAL_LINTING = 'central-linting' + + +@dataclasses.dataclass +class MatchCondition: + component_name: str + + @dataclasses.dataclass class ScanArtifact: name: str @@ -33,6 +47,7 @@ class ScanArtifact: class Datasource: ARTEFACT_ENUMERATOR = 'artefact-enumerator' BDBA = 'bdba' + SAST_LINT_CHECK = 'sast-lint-check' CHECKMARX = 'checkmarx' CLAMAV = 'clamav' CC_UTILS = 'cc-utils' @@ -53,6 +68,11 @@ def datasource_to_datatypes(datasource: str) -> tuple[str]: Datatype.STRUCTURE_INFO, Datatype.RESCORING, ), + Datasource.SAST_LINT_CHECK: ( + Datatype.ARTEFACT_SCAN_INFO, + Datatype.SAST_FINDING, + Datatype.RESCORING, + ), Datasource.CHECKMARX: ( Datatype.CODECHECKS_AGGREGATED, ), @@ -214,6 +234,7 @@ class Datatype: LICENSE = 'finding/license' VULNERABILITY = 'finding/vulnerability' MALWARE_FINDING = 'finding/malware' + SAST_FINDING = 'finding/sast' DIKI_FINDING = 'finding/diki' CODECHECKS_AGGREGATED = 'codechecks/aggregated' OS_IDS = 'os_ids' @@ -234,6 +255,7 @@ def datatype_to_datasource(datatype: str) -> str: Datatype.DIKI_FINDING: Datasource.DIKI, Datatype.CRYPTO_ASSET: Datasource.CRYPTO, Datatype.FIPS_FINDING: Datasource.CRYPTO, + Datatype.SAST_FINDING: Datasource.SAST_LINT_CHECK, }[datatype] @@ -380,6 +402,16 @@ def key(self) -> str: return self.finding.key +@dataclasses.dataclass(frozen=True) +class SastFinding(Finding): + sast_status: SastStatus + sub_type: SastSubType + + @property + def key(self) -> str: + return _as_key(self.sast_status, self.sub_type) + + @dataclasses.dataclass(frozen=True) class DikiCheck: message: str @@ -533,6 +565,7 @@ class CustomRescoring: | RescoringLicenseFinding | MalwareFindingDetails | CryptoAsset + | SastFinding ) referenced_type: str severity: str @@ -626,6 +659,7 @@ class ArtefactMetadata: | LicenseFinding | VulnerabilityFinding | ClamAVMalwareFinding + | SastFinding | DikiFinding | CodecheckSummary | OsID @@ -652,6 +686,9 @@ def from_dict(raw: dict): ComplianceSnapshotStatuses, MetaRescoringRules, AssetTypes, + SastSubType, + SastStatus, + MatchCondition ], strict=True, ),