Commit 4a5a4274 authored by penenadpi's avatar penenadpi Committed by Anze Luzar

Aggregating scan results into JSON file

Within this commit we're applying the following changes:
- ResultsSummary class for dumping individual scan results into JSON
- Utilities for writing results
parent 7db02b4d
import os
import json
class ResultsSummary:
def __init__(self):
"""
Initialize new IaC Compatibility matrix
:param matrix: dictionary of available checks for given Iac type
"""
self.outcomes = dict()
def get_check_outcome(self, check_name: str) -> str:
"""
Returns the list of available scanner check tools for given type of IaC archive
:return: list object conatining string names of checks
"""
return self.outcomes[check_name]
def set_check_outcome(self, check_name: str, outcome: bool):
"""
Returns the list of available scanner check tools for given type of IaC archive
:return: list object conatining string names of checks
"""
outcomes[check_name] = outcome
def summarize_outcome(self, check: str, outcome: str) -> bool:
"""Summarize the check result to True/False depending on the return tool output
:param check: Name of the considered check of interest
:return: Whether the check passed (True) or failed (False)
"""
if check == "tfsec":
if outcome.find("No problems detected!") > -1:
self.outcomes[check] = True
return True
else:
self.outcomes[check] = False
return False
if check == "git-leaks":
if outcome.find("No leaks found") > -1:
self.outcomes[check] = True
return True
else:
self.outcomes[check] = False
return False
if check == "tflint":
if outcome == "":
self.outcomes[check] = True
return True
else:
self.outcomes[check] = False
return False
def show_outcomes(self):
print(self.outcomes)
def dump_outcomes(self, file_name: str):
file_path = "json_dumps/" + file_name + ".json"
with open(file_path, "w") as fp:
json.dump(self.outcomes, fp)
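Review bot: `set_check_outcome` assigns to the bare name `outcomes`, so every call raises NameError instead of recording the result; the line should read `self.outcomes[check_name] = outcome`. In `summarize_outcome` the tflint branch treats empty output as a pass, which presumably also covers a tflint run that failed to start or printed nothing, so a broken scanner would be reported as clean; the exit code would be a safer signal than the text if the check object exposes it. A check name other than the three handled falls off the end and returns None despite the `-> bool` annotation, and nothing is recorded for it. The docstrings on `__init__`, `get_check_outcome` and `set_check_outcome` look copied from the compatibility matrix and do not describe these methods.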
...@@ -6,6 +6,7 @@ import iac_scan_runner.vars as env ...@@ -6,6 +6,7 @@ import iac_scan_runner.vars as env
from fastapi import UploadFile from fastapi import UploadFile
from iac_scan_runner.compatibility import Compatibility from iac_scan_runner.compatibility import Compatibility
from iac_scan_runner.results_summary import ResultsSummary
from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck
from iac_scan_runner.checks.bandit import BanditCheck from iac_scan_runner.checks.bandit import BanditCheck
...@@ -90,6 +91,7 @@ class ScanRunner: ...@@ -90,6 +91,7 @@ class ScanRunner:
} }
self.checker = Compatibility(init_dict) self.checker = Compatibility(init_dict)
self.results_summary = ResultsSummary()
self.iac_checks = { self.iac_checks = {
opera_tosca_parser.name: opera_tosca_parser, opera_tosca_parser.name: opera_tosca_parser,
...@@ -173,6 +175,7 @@ class ScanRunner: ...@@ -173,6 +175,7 @@ class ScanRunner:
print(selected_check) print(selected_check)
check_output = check.run(self.iac_dir) check_output = check.run(self.iac_dir)
print("compatible------") print("compatible------")
if scan_response_type == ScanResponseType.json: if scan_response_type == ScanResponseType.json:
scan_output[selected_check] = check_output.to_dict() scan_output[selected_check] = check_output.to_dict()
else: else:
...@@ -181,6 +184,11 @@ class ScanRunner: ...@@ -181,6 +184,11 @@ class ScanRunner:
write_string_to_file( write_string_to_file(
check.name, dir_name, scan_output[check.name]["output"] check.name, dir_name, scan_output[check.name]["output"]
) )
self.results_summary.summarize_outcome(
selected_check, scan_output[check.name]["output"]
)
self.results_summary.show_outcomes()
self.results_summary.dump_outcomes(str(ts))
else: else:
for iac_check in self.iac_checks.values(): for iac_check in self.iac_checks.values():
......
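Review bot: The `@@ -90,6 +91,7 @@` hunk creates one `ResultsSummary` in what appears to be the ScanRunner constructor, and nothing in the visible lines resets it, so if the runner instance serves more than one scan, outcomes from an earlier archive stay in `self.outcomes` and are written into the next scan's JSON summary. Re-creating it per scan, `self.results_summary = ResultsSummary()` before the checks loop, would keep each dump scoped to one archive. In the last hunk `dump_outcomes(str(ts))` writes into a relative `json_dumps/` directory that no visible line creates, so the write would fail with FileNotFoundError unless the directory already exists; `os.makedirs("json_dumps", exist_ok=True)` inside `dump_outcomes` would cover that. The enclosing method starts and ends outside the visible hunks.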