//
// do the work of actually importing the flaws
//
const fs = require('fs');
const core = require('@actions/core');
const processPipelineFlaws = require('./pipeline').processPipelineFlaws;
const processPolicyFlaws = require('./policy').processPolicyFlaws;
const label = require('./label');
//
// main driver to handle importing the flaws
//
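/**
 * Main driver for importing Veracode flaws into GitHub issues.
 *
 * Reads the scan results file named in `options`, decides whether it is a
 * pipeline or a policy scan, creates the issue labels, hands the data to the
 * matching flaw processor and, when `fail_build` is "true", marks the action
 * as failed if any flaws were processed.
 *
 * @param {object} options - Action inputs. Required here: `resultsFile`,
 *   `githubOwner`, `githubRepo`, `githubToken`. Also read here: `waitTime`
 *   (string, only echoed in a log line), `fail_build`, `isPR`, `debug`
 *   (string inputs compared against "true"). The whole object is passed
 *   through unchanged to `label.createLabels` and to the flaw processors.
 * @returns {Promise<void>} Resolves when processing is done; resolves early
 *   without importing anything for a policy result with no `_embedded` key.
 * @throws {Error} When a required option is missing, the results file does
 *   not exist, cannot be read or parsed, is not a JSON object/array, or is
 *   an empty array.
 */
async function importFlaws(options) {
  const { resultsFile, githubOwner, githubRepo, githubToken } = options;
  // Action inputs are strings; an explicit radix avoids surprises for values
  // with a leading zero. A non-numeric input yields NaN, which is only logged here.
  const waitTime = Number.parseInt(options.waitTime, 10);
  const failBuild = options.fail_build;
  const isPR = options.isPR;
  const debug = options.debug;

  // basic sanity checking: every required input must be present (null or undefined rejected)
  if (resultsFile == null) throw new Error('missing results file');
  if (githubOwner == null) throw new Error('missing github owner');
  if (githubRepo == null) throw new Error('missing github repo');
  if (githubToken == null) throw new Error('missing github token');

  const flawData = readFlawData(resultsFile);
  const scanType = detectScanType(flawData);
  if (scanType === null) {
    // policy results without an `_embedded` section carry nothing to import
    console.log('No flaws found to import!');
    return;
  }

  // the token is intentionally kept out of this log line
  console.log(`Importing ${scanType} flaws into ${githubOwner}/${githubRepo}. ${waitTime} seconds between imports (to handle GitHub rate limiting)`);

  // create the labels
  await label.createLabels(options);
  label.buildSeverityXref(); // TODO: cleanup, merge into label init?

  // process the flaws; each processor resolves to the number of flaws it handled
  let flawCount = 0;
  if (scanType === 'pipeline') {
    flawCount = await processPipelineFlaws(options, flawData);
  } else {
    if (debug === 'true') {
      core.info('#### DEBUG START ####');
      core.info('importer.js');
      console.log(`isPr?: ${isPR}`);
      core.info('#### DEBUG END ####');
    }
    flawCount = await processPolicyFlaws(options, flawData);
  }
  console.log(`Done. ${flawCount} flaws processed.`);

  // add break build functionality
  if (failBuild === 'true' && flawCount > 0) {
    const message = 'There are Veracode flaws found that require the build to fail, please review generated GitHub issues';
    console.log(message);
    core.setFailed(message);
  }
}

/**
 * Locate, read and parse the scan results file.
 *
 * Read and parse errors are left to propagate as the Error instances the
 * runtime raised, instead of being flattened into a new Error's message
 * (which lost the original type and stack).
 *
 * @param {string} resultsFile - Path to the Veracode results JSON.
 * @returns {object|Array} The parsed JSON document.
 * @throws {Error} If the file does not exist, does not parse to a JSON
 *   object or array, or parses to an empty array.
 */
function readFlawData(resultsFile) {
  if (!fs.existsSync(resultsFile)) {
    throw new Error(`Unable to locate scan results file: ${resultsFile}`);
  }
  console.log(`Processing file: ${resultsFile}`);
  const flawData = JSON.parse(fs.readFileSync(resultsFile, 'utf8'));
  // the `in` checks in detectScanType need an object; a bare number, string
  // or null would otherwise surface as an unhelpful TypeError
  if (flawData === null || typeof flawData !== 'object') {
    throw new Error(`Unexpected scan results format in file: ${resultsFile}`);
  }
  // an empty array is the one "no flaws" shape the file-level check recognises
  if (Array.isArray(flawData) && flawData.length === 0) {
    throw new Error(`No flaws found in file: ${resultsFile}`);
  }
  return flawData;
}

/**
 * Work out whether a parsed results document is a pipeline or a policy scan.
 *
 * @param {object|Array} flawData - Parsed results document.
 * @returns {'pipeline'|'policy'|null} `null` for a policy document that has
 *   no `_embedded` section, i.e. nothing to import.
 */
function detectScanType(flawData) {
  if ('pipeline_scan' in flawData) {
    console.log('This is a pipeline scan');
    return 'pipeline';
  }
  console.log('This is a policy scan');
  if (!('_embedded' in flawData)) {
    return null;
  }
  console.log('Flaws found to import!');
  return 'policy';
}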
// public surface of this module: the single async entry point
Object.assign(module.exports, { importFlaws });