diff --git a/src/iac_scan_runner/results_summary.py b/src/iac_scan_runner/results_summary.py
new file mode 100644
index 0000000000000000000000000000000000000000..d13657253caf0012f3cead0ae5167422a88cccdd
--- /dev/null
+++ b/src/iac_scan_runner/results_summary.py
@@ -0,0 +1,63 @@
+import os
+import json
+
+
+class ResultsSummary:
+ def __init__(self):
+ """
+ Initialize new IaC Compatibility matrix
+ :param matrix: dictionary of available checks for given Iac type
+ """
+ self.outcomes = dict()
+
+ def get_check_outcome(self, check_name: str) -> str:
+ """
+ Returns the list of available scanner check tools for given type of IaC archive
+ :return: list object conatining string names of checks
+ """
+ return self.outcomes[check_name]
+
+ def set_check_outcome(self, check_name: str, outcome: bool):
+ """
+ Returns the list of available scanner check tools for given type of IaC archive
+ :return: list object conatining string names of checks
+ """
+ outcomes[check_name] = outcome
+
+ def summarize_outcome(self, check: str, outcome: str) -> bool:
+ """Summarize the check result to True/False depending on the return tool output
+ :param check: Name of the considered check of interest
+ :return: Whether the check passed (True) or failed (False)
+ """
+ if check == "tfsec":
+ if outcome.find("No problems detected!") > -1:
+ self.outcomes[check] = True
+ return True
+ else:
+ self.outcomes[check] = False
+ return False
+
+ if check == "git-leaks":
+ if outcome.find("No leaks found") > -1:
+ self.outcomes[check] = True
+ return True
+ else:
+ self.outcomes[check] = False
+ return False
+
+ if check == "tflint":
+ if outcome == "":
+ self.outcomes[check] = True
+ return True
+ else:
+ self.outcomes[check] = False
+ return False
+
+ def show_outcomes(self):
+ print(self.outcomes)
+
+ def dump_outcomes(self, file_name: str):
+ file_path = "json_dumps/" + file_name + ".json"
+
+ with open(file_path, "w") as fp:
+ json.dump(self.outcomes, fp)
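Review bot: `summarize_outcome` fails open for `tflint`, where an empty output string counts as a pass, so a run that crashed or never started and produced no text would be recorded as `True`; the `tfsec` and `git-leaks` branches likewise depend on a substring of human-readable output that may change between tool versions. Any check other than these three falls off the end of the method, returns `None` despite the `-> bool` annotation, and is silently missing from `self.outcomes`, which a reader of the summary cannot tell apart from "not run". If the check result carries an exit code, deriving the outcome from it and recording unknown checks explicitly would be more reliable than matching text. Separately, `set_check_outcome` assigns to a bare `outcomes` and will raise `NameError` when called; the line should read `self.outcomes[check_name] = outcome`. The docstrings on `__init__`, `get_check_outcome` and `set_check_outcome` describe a compatibility matrix and a list of check names rather than this class, and should be rewritten to match what the methods do.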
diff --git a/src/iac_scan_runner/scan_runner.py b/src/iac_scan_runner/scan_runner.py index 8bce7f7a11ba53c9ffd846c2a6c94086127a5f0d..0400571665a6d40e6efd76728a59dc55962b5c49 100644 --- a/src/iac_scan_runner/scan_runner.py +++ b/src/iac_scan_runner/scan_runner.py @@ -6,6 +6,7 @@ import iac_scan_runner.vars as env from fastapi import UploadFile from iac_scan_runner.compatibility import Compatibility +from iac_scan_runner.results_summary import ResultsSummary from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck from iac_scan_runner.checks.bandit import BanditCheck @@ -90,6 +91,7 @@ class ScanRunner: } self.checker = Compatibility(init_dict) + self.results_summary = ResultsSummary() self.iac_checks = { opera_tosca_parser.name: opera_tosca_parser, @@ -173,6 +175,7 @@ class ScanRunner: print(selected_check) check_output = check.run(self.iac_dir) print("compatible------") + if scan_response_type == ScanResponseType.json: scan_output[selected_check] = check_output.to_dict() else: @@ -181,6 +184,11 @@ class ScanRunner: write_string_to_file( check.name, dir_name, scan_output[check.name]["output"] ) + self.results_summary.summarize_outcome( + selected_check, scan_output[check.name]["output"] + ) + self.results_summary.show_outcomes() + self.results_summary.dump_outcomes(str(ts)) else: for iac_check in self.iac_checks.values():
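Review bot: The single `ResultsSummary` created next to `self.checker` in the `-90,6 +91,7` hunk is never reset anywhere in this commit, so its `outcomes` dict keeps growing for as long as the `ScanRunner` object lives. If one runner serves more than one scan, which the FastAPI import suggests but the hunk does not show, outcomes recorded for an earlier archive stay in the dict and are written into the summary file of the next scan. Creating a fresh instance at the start of each scan, e.g. `self.results_summary = ResultsSummary()` at the top of the scan method, keeps one upload's results out of another's report. The enclosing method starts and ends outside the hunk.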
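Review bot: In the `-181,6 +184,11` hunk, `dump_outcomes(str(ts))` writes to the relative path `json_dumps/<ts>.json`, which depends on the process working directory and on that directory already existing; otherwise `open(..., "w")` raises `FileNotFoundError` and the scan aborts after the checks have already run. The surrounding code already has `dir_name` for per-check output, so passing that directory to `dump_outcomes` would keep the summary with the rest of the scan's files and avoid a second, unmanaged output location. The flattened diff does not show whether `show_outcomes()` and `dump_outcomes()` sit inside the per-check loop; if they do, the file is rewritten and the whole dict printed once per check, and both calls belong after the loop. `show_outcomes()` uses `print`, so scan results go to stdout rather than through the service's logging configuration. The enclosing method continues outside the hunk.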