fix: listing of files in sass report (#1174)

fix: use single file list rather than recomputing
Bearer · Aug 3, 2023 · 7cf44b7 · 7cf44b7
1 parent ad03bd4
commit 7cf44b7
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 44 deletions.
diff --git a/new/detector/composition/testhelper/testhelper.go b/new/detector/composition/testhelper/testhelper.go
@@ -148,6 +148,7 @@ func (runner *Runner) scanSingleFile(t *testing.T, testDataPath string, fileRela
 			Path: detectorsReportPath,
 		},
 		runner.config,
+		[]files.File{fileRelativePath},
 		nil,
 	)
 

diff --git a/pkg/commands/artifact/run.go b/pkg/commands/artifact/run.go
@@ -61,9 +61,9 @@ type Runner interface {
 	// ReportPath returns the filename of the report
 	ReportPath() string
 	// Scan gathers the findings
-	Scan(ctx context.Context, opts flag.Options) (*basebranchfindings.Findings, error)
+	Scan(ctx context.Context, opts flag.Options) ([]files.File, *basebranchfindings.Findings, error)
 	// Report a writes a report
-	Report(baseBranchFindings *basebranchfindings.Findings) (bool, error)
+	Report(files []files.File, baseBranchFindings *basebranchfindings.Findings) (bool, error)
 	// Close closes runner
 	Close(ctx context.Context) error
 }
@@ -143,9 +143,9 @@ func (r *runner) Close(ctx context.Context) error {
 	return nil
 }
 
-func (r *runner) Scan(ctx context.Context, opts flag.Options) (*basebranchfindings.Findings, error) {
+func (r *runner) Scan(ctx context.Context, opts flag.Options) ([]files.File, *basebranchfindings.Findings, error) {
 	if r.reuseDetection {
-		return nil, nil
+		return nil, nil, nil
 	}
 
 	if !opts.Quiet {
@@ -154,25 +154,25 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) (*basebranchfindin
 
 	targetPath, err := filepath.Abs(opts.Target)
 	if err != nil {
-		return nil, fmt.Errorf("failed to get absolute target: %w", err)
+		return nil, nil, fmt.Errorf("failed to get absolute target: %w", err)
 	}
 
 	repository, err := gitrepository.New(ctx, r.scanSettings, targetPath, opts.DiffBaseBranch)
 	if err != nil {
-		return nil, fmt.Errorf("error opening git repository: %w", err)
+		return nil, nil, fmt.Errorf("error opening git repository: %w", err)
 	}
 
 	if err := repository.FetchBaseIfNotPresent(); err != nil {
-		return nil, fmt.Errorf("error fetching base branch: %w", err)
+		return nil, nil, fmt.Errorf("error fetching base branch: %w", err)
 	}
 
 	fileList, err := filelist.Discover(repository, targetPath, r.goclocResult, r.scanSettings)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	if len(fileList.Files) == 0 {
-		return nil, ErrFileListEmpty
+		return nil, nil, ErrFileListEmpty
 	}
 
 	orchestrator, err := orchestrator.New(
@@ -182,7 +182,7 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) (*basebranchfindin
 		len(fileList.Files),
 	)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 	defer orchestrator.Close()
 
@@ -197,7 +197,7 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) (*basebranchfindin
 		}
 
 		report := types.Report{Path: r.reportPath + ".base", Inputgocloc: r.goclocResult}
-		detections, _, err := reportoutput.GetOutput(report, r.scanSettings, nil)
+		detections, _, err := reportoutput.GetOutput(report, r.scanSettings, fileList.BaseFiles, nil)
 		if err != nil {
 			return err
 		}
@@ -210,14 +210,14 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) (*basebranchfindin
 
 		return nil
 	}); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	if err := orchestrator.Scan(r.reportPath, fileList.Files); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
-	return baseBranchFindings, nil
+	return fileList.Files, baseBranchFindings, nil
 }
 
 // Run performs artifact scanning
@@ -266,7 +266,7 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
 		}
 	}
 
-	baseBranchFindings, err := r.Scan(ctx, opts)
+	files, baseBranchFindings, err := r.Scan(ctx, opts)
 	if err != nil {
 		if errors.Is(err, ErrFileListEmpty) {
 			outputhandler.StdOutLog(err.Error())
@@ -277,7 +277,7 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
 		return fmt.Errorf("scan error: %w", err)
 	}
 
-	reportPassed, err := r.Report(baseBranchFindings)
+	reportPassed, err := r.Report(files, baseBranchFindings)
 	if err != nil {
 		return fmt.Errorf("report error: %w", err)
 	} else {
@@ -307,7 +307,10 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
 	return nil
 }
 
-func (r *runner) Report(baseBranchFindings *basebranchfindings.Findings) (bool, error) {
+func (r *runner) Report(
+	files []files.File,
+	baseBranchFindings *basebranchfindings.Findings,
+) (bool, error) {
 	startTime := time.Now()
 	cacheUsed := r.CacheUsed()
 	reportPassed := true
@@ -329,7 +332,7 @@ func (r *runner) Report(baseBranchFindings *basebranchfindings.Findings) (bool,
 		outputhandler.StdErrLog("Using cached data")
 	}
 
-	detections, dataflow, err := reportoutput.GetOutput(report, r.scanSettings, baseBranchFindings)
+	detections, dataflow, err := reportoutput.GetOutput(report, r.scanSettings, files, baseBranchFindings)
 	if err != nil {
 		return false, err
 	}

diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 
+	"github.com/bearer/bearer/pkg/commands/process/filelist/files"
 	"github.com/bearer/bearer/pkg/commands/process/settings"
 	"github.com/bearer/bearer/pkg/flag"
 	"github.com/bearer/bearer/pkg/report/basebranchfindings"
@@ -24,6 +25,7 @@ var ErrUndefinedFormat = errors.New("undefined output format")
 func GetOutput(
 	report types.Report,
 	config settings.Config,
+	files []files.File,
 	baseBranchFindings *basebranchfindings.Findings,
 ) (any, *dataflow.DataFlow, error) {
 	switch config.Report.Report {
@@ -32,14 +34,14 @@ func GetOutput(
 	case flag.ReportDataFlow:
 		return GetDataflow(report, config, false)
 	case flag.ReportSecurity:
-		return reportSecurity(report, config, baseBranchFindings)
+		return reportSecurity(report, config, files, baseBranchFindings)
 	case flag.ReportSaaS:
-		securityResults, dataflow, err := reportSecurity(report, config, baseBranchFindings)
+		securityResults, dataflow, err := reportSecurity(report, config, files, baseBranchFindings)
 		if err != nil {
 			return nil, nil, err
 		}
 
-		return saas.GetReport(config, securityResults, dataflow, report.Inputgocloc)
+		return saas.GetReport(config, securityResults, dataflow, files)
 	case flag.ReportPrivacy:
 		return getPrivacyReportOutput(report, config)
 	case flag.ReportStats:
@@ -94,6 +96,7 @@ func reportStats(report types.Report, config settings.Config) (*stats.Stats, *da
 func reportSecurity(
 	report types.Report,
 	config settings.Config,
+	files []files.File,
 	baseBranchFindings *basebranchfindings.Findings,
 ) (
 	securityResults *security.Results,
@@ -113,7 +116,7 @@ func reportSecurity(
 	}
 
 	if config.Client != nil && config.Client.Error == nil {
-		saas.SendReport(config, securityResults, report.Inputgocloc, dataflow)
+		saas.SendReport(config, securityResults, files, dataflow)
 	}
 
 	return

diff --git a/pkg/report/output/saas/saas.go b/pkg/report/output/saas/saas.go
@@ -2,7 +2,6 @@ package saas
 
 import (
 	"compress/gzip"
-	"context"
 	"fmt"
 	"os"
 	"os/exec"
@@ -11,8 +10,7 @@ import (
 	"github.com/bearer/bearer/api"
 	"github.com/bearer/bearer/api/s3"
 	"github.com/bearer/bearer/cmd/bearer/build"
-	"github.com/bearer/bearer/pkg/commands/process/filelist"
-	"github.com/bearer/bearer/pkg/commands/process/gitrepository"
+	"github.com/bearer/bearer/pkg/commands/process/filelist/files"
 	"github.com/bearer/bearer/pkg/commands/process/settings"
 	"github.com/bearer/bearer/pkg/report/output/dataflow"
 	saas "github.com/bearer/bearer/pkg/report/output/saas/types"
@@ -21,15 +19,14 @@ import (
 	util "github.com/bearer/bearer/pkg/util/output"
 	pointer "github.com/bearer/bearer/pkg/util/pointers"
 	"github.com/gitsight/go-vcsurl"
-	"github.com/hhatto/gocloc"
 	"github.com/rs/zerolog/log"
 )
 
 func GetReport(
 	config settings.Config,
 	securityResults *map[string][]security.Result,
 	dataflow *dataflow.DataFlow,
-	goclocResult *gocloc.Result,
+	files []files.File,
 ) (saas.BearerReport, *dataflow.DataFlow, error) {
 	var meta *saas.Meta
 	meta, err := getMeta(config)
@@ -39,14 +36,14 @@ func GetReport(
 		}
 	}
 
-	files := getDiscoveredFiles(config, goclocResult)
+	filenames := getDiscoveredFiles(config, files)
 
 	return saas.BearerReport{
 		Findings:   securityResults,
 		DataTypes:  dataflow.Datatypes,
 		Components: dataflow.Components,
 		Errors:     dataflow.Errors,
-		Files:      files,
+		Files:      filenames,
 		Meta:       *meta,
 		// Dependencies: dataflow.Dependencies,
 	}, dataflow, nil
@@ -99,7 +96,7 @@ func getMeta(config settings.Config) (*saas.Meta, error) {
 func SendReport(
 	config settings.Config,
 	securityResults *map[string][]security.Result,
-	goclocResult *gocloc.Result,
+	files []files.File,
 	dataflow *dataflow.DataFlow,
 ) {
 	var meta *saas.Meta
@@ -111,7 +108,7 @@ func SendReport(
 		return
 	}
 
-	tmpDir, filename, err := createBearerGzipFileReport(config, meta, securityResults, goclocResult, dataflow)
+	tmpDir, filename, err := createBearerGzipFileReport(config, meta, securityResults, files, dataflow)
 	if err != nil {
 		config.Client.Error = pointer.String("Could not compress report.")
 		log.Debug().Msgf("error creating report %s", err)
@@ -148,26 +145,21 @@ func sendReportToBearer(client *api.API, meta *saas.Meta, filename *string) erro
 	return nil
 }
 
-func getDiscoveredFiles(config settings.Config, goclocResult *gocloc.Result) []string {
-	repository, err := gitrepository.New(context.TODO(), config, config.Scan.Target, config.Scan.DiffBaseBranch)
-	if err != nil {
-		log.Debug().Msgf("failed to open git repository: %s", err)
-	}
+func getDiscoveredFiles(config settings.Config, files []files.File) []string {
+	filenames := make([]string, len(files))
 
-	fileList, _ := filelist.Discover(repository, config.Scan.Target, goclocResult, config)
-	files := []string{}
-	for _, fileDiscovered := range fileList.Files {
-		files = append(files, file.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath))
+	for i, fileDiscovered := range files {
+		filenames[i] = file.GetFullFilename(config.Scan.Target, fileDiscovered.FilePath)
 	}
 
-	return files
+	return filenames
 }
 
 func createBearerGzipFileReport(
 	config settings.Config,
 	meta *saas.Meta,
 	securityResults *security.Results,
-	goclocResult *gocloc.Result,
+	files []files.File,
 	dataflow *dataflow.DataFlow,
 ) (*string, *string, error) {
 	tempDir, err := os.MkdirTemp("", "reports")
@@ -180,13 +172,13 @@ func createBearerGzipFileReport(
 		return &tempDir, nil, err
 	}
 
-	files := getDiscoveredFiles(config, goclocResult)
+	filenames := getDiscoveredFiles(config, files)
 
 	content, _ := util.ReportJSON(&saas.BearerReport{
 		Findings:   securityResults,
 		DataTypes:  dataflow.Datatypes,
 		Components: dataflow.Components,
-		Files:      files,
+		Files:      filenames,
 		Meta:       *meta,
 	})
-Original file line number
+Diff line change
@@ Expand Up @@
     			Path: detectorsReportPath,
     		},
     		runner.config,
+    		[]files.File{fileRelativePath},
     		nil,
     	)
@@ Expand Down @@