
fix(fortify): minor fixes (#3946)

* fix(fortify): minor fixes
sumeet patil 2022-08-09 15:26:07 +02:00 committed by GitHub
parent b3f37650a2
commit bb85aa1d7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 18 additions and 16 deletions


@ -149,11 +149,11 @@ func determineArtifact(config fortifyExecuteScanOptions, utils fortifyUtils) (ve
func runFortifyScan(ctx context.Context, config fortifyExecuteScanOptions, sys fortify.System, utils fortifyUtils, telemetryData *telemetry.CustomData, influx *fortifyExecuteScanInflux, auditStatus map[string]string) ([]piperutils.Path, error) {
var reports []piperutils.Path
log.Entry().Debugf("Running Fortify scan against SSC at %v", config.ServerURL)
executable_list := []string{"fortifyupdate", "sourceanalyzer"}
for _, exec := range executable_list {
executableList := []string{"fortifyupdate", "sourceanalyzer"}
for _, exec := range executableList {
_, err := execInPath(exec)
if err != nil {
return reports, fmt.Errorf("ERROR , command not found: %v. Please configure a supported docker image or install Fortify SCA on the system.", exec)
return reports, fmt.Errorf("Command not found: %v. Please configure a supported docker image or install Fortify SCA on the system.", exec)
}
}
@ -561,7 +561,7 @@ func getMinSpotChecksPerCategory(config fortifyExecuteScanOptions, totalCount in
}
func getSpotChecksMinAsPerMaximum(spotCheckMax int, spotCheckMin int) int {
if spotCheckMax == 0 {
if spotCheckMax < 1 {
return spotCheckMin
}
@ -1118,9 +1118,9 @@ func determinePullRequestMergeGithub(ctx context.Context, config fortifyExecuteS
author = prList[0].GetUser().GetLogin()
}
return number, author, nil
} else {
log.Entry().Infof("Unable to resolve PR via commit ID: %v", config.CommitID)
}
log.Entry().Infof("Unable to resolve PR via commit ID: %v", config.CommitID)
return number, author, err
}
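Review bot: In the hunk at -149 the error returned by `execInPath(exec)` is discarded, so the user only learns that the binary was not found and not why the lookup failed (absent from PATH versus a permission or symlink problem on the file). Wrap it instead: `return reports, fmt.Errorf("command not found: %v (%w). Please configure a supported docker image or install Fortify SCA on the system.", exec, err)`; the mocks and `assert.EqualError` expectations in the test file would need the matching text. Go convention also keeps error strings lowercase and unpunctuated, which the new "Command not found: ..." wording still does not follow, though that part is cosmetic. In the hunk at -1118 the `err` returned after the "Unable to resolve PR" log line is declared outside the hunk, so whether a caller actually receives a non-nil error there cannot be confirmed from this view. `runFortifyScan`, `getSpotChecksMinAsPerMaximum` and `determinePullRequestMergeGithub` all continue outside the hunks shown.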


@ -66,7 +66,7 @@ type fortifyExecuteScanOptions struct {
DeltaMinutes int `json:"deltaMinutes,omitempty"`
SpotCheckMinimum int `json:"spotCheckMinimum,omitempty"`
SpotCheckMinimumUnit string `json:"spotCheckMinimumUnit,omitempty" validate:"possible-values=number percentage"`
SpotCheckMaximum int `json:"SpotCheckMaximum,omitempty"`
SpotCheckMaximum int `json:"spotCheckMaximum,omitempty"`
FprDownloadEndpoint string `json:"fprDownloadEndpoint,omitempty"`
VersioningModel string `json:"versioningModel,omitempty" validate:"possible-values=major major-minor semantic full"`
PythonInstallCommand string `json:"pythonInstallCommand,omitempty"`
@ -347,7 +347,7 @@ func addFortifyExecuteScanFlags(cmd *cobra.Command, stepConfig *fortifyExecuteSc
cmd.Flags().IntVar(&stepConfig.DeltaMinutes, "deltaMinutes", 5, "The number of minutes for which an uploaded FPR artifact is considered to be recent and healthy, if exceeded an error will be thrown")
cmd.Flags().IntVar(&stepConfig.SpotCheckMinimum, "spotCheckMinimum", 1, "The minimum number/percentage of issues that must be audited per category in the `Spot Checks of each Category` folder to avoid an error being thrown")
cmd.Flags().StringVar(&stepConfig.SpotCheckMinimumUnit, "spotCheckMinimumUnit", `number`, "The unit for the spotCheckMinimum to apply.")
cmd.Flags().IntVar(&stepConfig.SpotCheckMaximum, "SpotCheckMaximum", 0, "The maximum number of issues that must be audited per category in the `Spot Checks of each Category` folder to avoid an error being thrown. Note that this flag depends on the result of spotCheckMinimum. For example if spotCheckMinimum percentage value exceeds spotCheckMaximum then spotCheckMaximum will be considerd else spotCheckMinimum is considered. If zero, this flag will be ignored.")
cmd.Flags().IntVar(&stepConfig.SpotCheckMaximum, "spotCheckMaximum", 0, "The maximum number of issues that must be audited per category in the `Spot Checks of each Category` folder to avoid an error being thrown. Note that this flag depends on the result of spotCheckMinimum. For example if spotCheckMinimum percentage value exceeds spotCheckMaximum then spotCheckMaximum will be considerd else spotCheckMinimum is considered. If value is less than one, this flag will be ignored.")
cmd.Flags().StringVar(&stepConfig.FprDownloadEndpoint, "fprDownloadEndpoint", `/download/currentStateFprDownload.html`, "Fortify SSC endpoint for FPR downloads")
cmd.Flags().StringVar(&stepConfig.VersioningModel, "versioningModel", `major`, "The default project versioning model used for creating the version based on the build descriptor version to report results in SSC, can be one of `'major'`, `'major-minor'`, `'semantic'`, `'full'`")
cmd.Flags().StringVar(&stepConfig.PythonInstallCommand, "pythonInstallCommand", `{{.Pip}} install --user .`, "Additional install command that can be run when `buildTool: 'pip'` is used which allows further customizing the execution environment of the scan")
@ -856,7 +856,7 @@ func fortifyExecuteScanMetadata() config.StepData {
Default: `number`,
},
{
Name: "SpotCheckMaximum",
Name: "spotCheckMaximum",
ResourceRef: []config.ResourceReference{},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "int",


@ -77,13 +77,13 @@ func mockExecinPath(exec string) (string, error) {
func failMockExecinPathfortifyupdate(exec string) (string, error) {
if exec == "fortifyupdate" {
return "", errors.New("ERROR , command not found: fortifyupdate. Please configure a supported docker image or install Fortify SCA on the system.")
return "", errors.New("Command not found: fortifyupdate. Please configure a supported docker image or install Fortify SCA on the system.")
}
return "/fortifyupdate", nil
}
func failMockExecinPathsourceanalyzer(exec string) (string, error) {
if exec == "sourceanalyzer" {
return "", errors.New("ERROR , command not found: sourceanalyzer. Please configure a supported docker image or install Fortify SCA on the system.")
return "", errors.New("Command not found: sourceanalyzer. Please configure a supported docker image or install Fortify SCA on the system.")
}
return "/sourceanalyzer", nil
}
@ -464,7 +464,7 @@ func TestFailFortifyexecinPath(t *testing.T) {
execInPath = failMockExecinPathfortifyupdate
config := fortifyExecuteScanOptions{SpotCheckMinimum: 4, MustAuditIssueGroups: "Audit All, Corporate Security Requirements", SpotAuditIssueGroups: "Spot Checks of Each Category"}
_, err := runFortifyScan(ctx, config, &ff, &utils, nil, &influx, auditStatus)
assert.EqualError(t, err, "ERROR , command not found: fortifyupdate. Please configure a supported docker image or install Fortify SCA on the system.")
assert.EqualError(t, err, "Command not found: fortifyupdate. Please configure a supported docker image or install Fortify SCA on the system.")
})
t.Run("Testing if sourceanalyzer in $PATH or not", func(t *testing.T) {
@ -476,7 +476,7 @@ func TestFailFortifyexecinPath(t *testing.T) {
execInPath = failMockExecinPathsourceanalyzer
config := fortifyExecuteScanOptions{SpotCheckMinimum: 4, MustAuditIssueGroups: "Audit All, Corporate Security Requirements", SpotAuditIssueGroups: "Spot Checks of Each Category"}
_, err := runFortifyScan(ctx, config, &ff, &utils, nil, &influx, auditStatus)
assert.EqualError(t, err, "ERROR , command not found: sourceanalyzer. Please configure a supported docker image or install Fortify SCA on the system.")
assert.EqualError(t, err, "Command not found: sourceanalyzer. Please configure a supported docker image or install Fortify SCA on the system.")
})
}
@ -747,6 +747,8 @@ func TestGetMinSpotChecksPerCategory(t *testing.T) {
testExpectedGetMinSpotChecksPerCategory("percentage", 10, 10, 100, 10)
testExpectedGetMinSpotChecksPerCategory("percentage", 10, 10, 200, 10)
testExpectedGetMinSpotChecksPerCategory("percentage", 10, 50, 10, 5)
testExpectedGetMinSpotChecksPerCategory("percentage", 0, 50, 100, 50)
testExpectedGetMinSpotChecksPerCategory("percentage", -10, 50, 100, 50)
testExpectedGetMinSpotChecksPerCategory("number", 0, 1, 10, 1)
testExpectedGetMinSpotChecksPerCategory("number", 5, 10, 100, 5)
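Review bot: The new rows at the end of `TestGetMinSpotChecksPerCategory` pin the "less than one is ignored" rule only for the `percentage` unit; there is no negative-maximum case on the `number` path, so a regression that applied the `< 1` guard only to percentages would still pass. Assuming the helper's arguments are (unit, spotCheckMax, spotCheckMin, total, expected), as the existing rows suggest, add `testExpectedGetMinSpotChecksPerCategory("number", -10, 10, 100, 10)`. The `TestFailFortifyexecinPath` subtests compare the full error text with `assert.EqualError`, which is why this commit had to touch the same message in three places; matching on the stable `command not found: fortifyupdate` part (e.g. `assert.ErrorContains`, if the testify version in use provides it) would be less brittle. `TestGetMinSpotChecksPerCategory` continues outside the hunk.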


@ -43,7 +43,7 @@ type FortifyReportData struct {
}
type SpotChecksAuditCount struct {
Audited int `json:"spotChecksCategories"`
Audited int `json:"audited"`
Total int `json:"total"`
Type string `json:"type"`
}
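Review bot: Changing the JSON tag on `Audited` from `spotChecksCategories` to `audited` changes the key in every emitted report, so any dashboard or downstream step that parsed the old key stops seeing the audited count; the old tag looks like a copy-paste slip, but consumers of `FortifyReportData` should be checked before this ships and the rename deserves a line in the commit message. The exported type also has no doc comment; a one-liner such as `// SpotChecksAuditCount holds the audited and total issue counts for one spot-check category.` would help, with the meaning of `Type` confirmed against its producer since that is not visible here. `FortifyReportData` begins outside the hunk.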


@ -509,7 +509,7 @@ spec:
possibleValues:
- number
- percentage
- name: SpotCheckMaximum
- name: spotCheckMaximum
type: int
description:
"The maximum number of issues that must be audited per category in the `Spot Checks of each
@ -517,7 +517,7 @@ spec:
Note that this flag depends on the result of spotCheckMinimum.
For example if spotCheckMinimum percentage value exceeds spotCheckMaximum then
spotCheckMaximum will be considerd else spotCheckMinimum is considered.
If zero, this flag will be ignored."
If value is less than one, this flag will be ignored."
scope:
- PARAMETERS
- STAGES
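Review bot: Renaming the step parameter from `SpotCheckMaximum` to `spotCheckMaximum` is user-visible: a pipeline that already sets `SpotCheckMaximum` in its config will have that value silently dropped (the generated flag default of 0 then applies and the cap is ignored) unless the step config loader rejects unknown keys, which cannot be confirmed from here. If the metadata format supports parameter aliases, add the old name as a deprecated alias so existing configurations keep working, and call the rename out in the commit message. The description paragraph this hunk edits still carries the typo `considerd` (should be `considered`), which is then copied verbatim into the generated Go flag help. The parameter list in this spec continues outside the hunk.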