From 73dd4574273556fb5d3b27212bc2678b3677ecf8 Mon Sep 17 00:00:00 2001
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 11:12:23 +0100
Subject: [PATCH 1/6] Add scan metadata to findings in parser-wrapper.js
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/parser-wrapper.js | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js
index 50a789e305..0077f720f3 100644
--- a/parser-sdk/nodejs/parser-wrapper.js
+++ b/parser-sdk/nodejs/parser-wrapper.js
@@ -129,8 +129,19 @@ async function extractParseDefinition(scan) {
 }
 }
-
-
+function addScanMetadata(findings, scan) {
+ const scanMetadata = {
+ created_at: scan.metadata.creationTimestamp,
+ name: scan.metadata.name,
+ namespace: scan.metadata.namespace,
+ scan_type: scan.spec.scanType,
+ };
+
+ return findings.map((finding) => ({
+ ...finding,
+ scan: scanMetadata,
+ }));
+}
 async function main() {
 console.log("Starting Parser");
@@ -162,11 +173,13 @@ async function main() {
 console.log("Adding UUIDs and Dates to the findings");
 const findingsWithIdsAndDates = addIdsAndDates(findings);
+ console.log("Adding scan metadata to the findings");
+ const findingsWithMetadata = addScanMetadata(findingsWithIdsAndDates, scan);
 const crash_on_failed_validation = process.env["CRASH_ON_FAILED_VALIDATION"] === "true"
 console.log("Validating Findings. Environment variable CRASH_ON_FAILED_VALIDATION is set to %s", crash_on_failed_validation);
 try {
- await validate(findingsWithIdsAndDates);
+ await validate(findingsWithMetadata);
 console.log("The Findings were successfully validated")
 } catch (error) {
 console.error("The Findings Validation failed with error(s):");
@@ -182,7 +195,7 @@ async function main() {
 await uploadResultToFileStorageService(
 resultUploadUrl,
- findingsWithIdsAndDates
+ findingsWithMetadata
 );
 console.log(`Completed parser`);
From 7da49c952077535dda1880ba75ba8fa5c8040ea5 Mon Sep 17 00:00:00 2001
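Review bot: In `addScanMetadata`, `scan: scanMetadata` is placed after `...finding`, so a `scan` key that a parser already set on a finding is silently replaced with values read from the Scan resource, and nothing in the code says whether that is intended. If it is, document it on the function, e.g. `/** Attaches scan provenance to each finding; any parser-supplied "scan" key is overwritten so the values always come from the Scan resource. */`. Every finding also receives the same `scanMetadata` object, so an in-place change to one finding's `scan` would appear on all of them; `scan: { ...scanMetadata },` gives each finding its own copy. The same function is added again, unchanged, to parser-utils.js in PATCH 3/6, where both points apply as well.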
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 11:34:03 +0100
Subject: [PATCH 2/6] Add scan metadata to findings schema Did not set scan to required, since the unit tests can not generate Scan Metadata
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/findings-schema.json | 29 ++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
diff --git a/parser-sdk/nodejs/findings-schema.json b/parser-sdk/nodejs/findings-schema.json
index 27860b6237..eae75ca33b 100644
--- a/parser-sdk/nodejs/findings-schema.json
+++ b/parser-sdk/nodejs/findings-schema.json
@@ -78,6 +78,35 @@
 "description": "Full URL with protocol, port, and path if existing.",
 "type": "string",
 "nullable": true
+ },
+ "scan": {
+ "description": "Contains information about the scan that identified the finding. This will always be present",
+ "type": "object",
+ "properties": {
+ "created_at": {
+ "description": "Date-Time when the scan was created according to ISO8601",
+ "type": "string",
+ "format": "date-time"
+ },
+ "name": {
+ "description": "Name of the scan.",
+ "type": "string"
+ },
+ "namespace": {
+ "description": "Namespace in which the scan was run.",
+ "type": "string"
+ },
+ "scan_type": {
+ "description": "Type of the scan.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "created_at",
+ "name",
+ "namespace",
+ "scan_type"
+ ]
 }
 },
 "required": [
From 92a0c7312ef923c07f16a1a07fbd9c6dd6cdfc86 Mon Sep 17 00:00:00 2001
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 13:59:55 +0100
Subject: [PATCH 3/6] Add sample scan metadata for use in tests
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/parser-utils.js | 27 ++++++++++++++++++++++++++-
 parser-sdk/nodejs/parser-wrapper.js | 14 --------------
 2 files changed, 26 insertions(+), 15 deletions(-)
diff --git a/parser-sdk/nodejs/parser-utils.js b/parser-sdk/nodejs/parser-utils.js
index 6fd601de41..a02f71222a 100644
--- a/parser-sdk/nodejs/parser-utils.js
+++ b/parser-sdk/nodejs/parser-utils.js
@@ -21,6 +21,20 @@ function addIdsAndDates(findings) {
 });
 }
+function addScanMetadata(findings, scan) {
+ const scanMetadata = {
+ created_at: scan.metadata.creationTimestamp,
+ name: scan.metadata.name,
+ namespace: scan.metadata.namespace,
+ scan_type: scan.spec.scanType,
+ };
+
+ return findings.map((finding) => ({
+ ...finding,
+ scan: scanMetadata,
+ }));
+}
+
 async function validateAgainstJsonSchema(jsonData) {
 const jsonSchemaString = await readFile(
 __dirname + "/findings-schema.json",
@@ -36,8 +50,18 @@ async function validateAgainstJsonSchema(jsonData) {
 }
 async function addSampleIdsAndDatesAndValidate(jsonData) {
+ const sampleScan = {
+ metadata: {
+ creationTimestamp: new Date().toISOString(),
+ name: "sample-scan-name",
+ namespace: "sample-namespace",
+ },
+ spec: {
+ scanType: "sample-scan-type",
+ },
+ }
 // add sample IDs and Dates only if the jsonData Array is not empty
- const extendedData = addIdsAndDates(jsonData);
+ const extendedData = addScanMetadata(addIdsAndDates(jsonData),sampleScan);
 return validateAgainstJsonSchema(extendedData);
 }
@@ -52,5 +76,6 @@ function generateErrorMessage(errors, jsonData) {
 }
 module.exports.addIdsAndDates = addIdsAndDates;
+module.exports.addScanMetadata = addScanMetadata;
 module.exports.validate = validateAgainstJsonSchema;
 module.exports.validateParser = addSampleIdsAndDatesAndValidate;
diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js
index 0077f720f3..cae1c8a33b 100644
--- a/parser-sdk/nodejs/parser-wrapper.js
+++ b/parser-sdk/nodejs/parser-wrapper.js
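Review bot: The comment kept just above the changed `extendedData` line, `// add sample IDs and Dates only if the jsonData Array is not empty`, does not match the code in this hunk: no emptiness check is visible here, and the line now also attaches sample scan metadata. Something like `// add sample IDs, dates and scan metadata so the parser output can be validated against the schema` would describe it. The `sampleScan` literal also ends without a `;` and the call has no space after the comma; `const extendedData = addScanMetadata(addIdsAndDates(jsonData), sampleScan);` reads better. The name `addSampleIdsAndDatesAndValidate` no longer covers what the function adds, although it is exported only as `validateParser`.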
@@ -129,20 +129,6 @@ async function extractParseDefinition(scan) {
 }
 }
-function addScanMetadata(findings, scan) {
- const scanMetadata = {
- created_at: scan.metadata.creationTimestamp,
- name: scan.metadata.name,
- namespace: scan.metadata.namespace,
- scan_type: scan.spec.scanType,
- };
-
- return findings.map((finding) => ({
- ...finding,
- scan: scanMetadata,
- }));
-}
-
 async function main() {
 console.log("Starting Parser");
 let scan = await extractScan();
From cd8dd1469ffe592a52255c5d3ff0ff81c3e39d50 Mon Sep 17 00:00:00 2001
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 14:00:08 +0100
Subject: [PATCH 4/6] make scan field required to findings schema
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/findings-schema.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/parser-sdk/nodejs/findings-schema.json b/parser-sdk/nodejs/findings-schema.json
index eae75ca33b..4c4b6ff5fc 100644
--- a/parser-sdk/nodejs/findings-schema.json
+++ b/parser-sdk/nodejs/findings-schema.json
@@ -114,7 +114,8 @@
 "parsed_at",
 "severity",
 "category",
- "name"
+ "name",
+ "scan"
 ]
 }
 }
From 339f39d80361eea9264b0097d0265e4fd59451ed Mon Sep 17 00:00:00 2001
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 14:02:18 +0100
Subject: [PATCH 5/6] Rename 'jsonData' to 'findings' parameter instead it is more descriptive of the variable
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/parser-utils.js | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/parser-sdk/nodejs/parser-utils.js b/parser-sdk/nodejs/parser-utils.js
index a02f71222a..655b436fe3 100644
--- a/parser-sdk/nodejs/parser-utils.js
+++ b/parser-sdk/nodejs/parser-utils.js
@@ -35,21 +35,21 @@ function addScanMetadata(findings, scan) {
 }));
 }
-async function validateAgainstJsonSchema(jsonData) {
+async function validateAgainstJsonSchema(findings) {
 const jsonSchemaString = await readFile(
 __dirname + "/findings-schema.json",
 "utf8"
 );
 const jsonSchema = JSON.parse(jsonSchemaString);
 const validator = ajv.compile(jsonSchema);
- const valid = validator(jsonData);
+ const valid = validator(findings);
 if (!valid) {
- const errorMessage = generateErrorMessage(validator.errors, jsonData);
+ const errorMessage = generateErrorMessage(validator.errors, findings);
 throw new Error(errorMessage);
 }
 }
-async function addSampleIdsAndDatesAndValidate(jsonData) {
+async function addSampleIdsAndDatesAndValidate(findings) {
 const sampleScan = {
 metadata: {
 creationTimestamp: new Date().toISOString(),
@@ -60,16 +60,16 @@ async function addSampleIdsAndDatesAndValidate(jsonData) {
 scanType: "sample-scan-type",
 },
 }
- // add sample IDs and Dates only if the jsonData Array is not empty
- const extendedData = addScanMetadata(addIdsAndDates(jsonData),sampleScan);
+ // add sample IDs and Dates only if the findings Array is not empty
+ const extendedData = addScanMetadata(addIdsAndDates(findings),sampleScan);
 return validateAgainstJsonSchema(extendedData);
 }
-function generateErrorMessage(errors, jsonData) {
+function generateErrorMessage(errors, findings) {
 errors = errors.map((error) => {
 return {
 ...error,
- invalidValue: jsonpointer.get(jsonData, error.instancePath),
+ invalidValue: jsonpointer.get(findings, error.instancePath),
 };
 });
 return JSON.stringify(errors, null, 2);
From c26fa482bb708e6e002bd9ac16cff2fb05a8d201 Mon Sep 17 00:00:00 2001
From: Ilyes Ben Dlala
Date: Tue, 18 Feb 2025 14:42:44 +0100
Subject: [PATCH 6/6] Add missing exporting of addScanMetadata function to parser-utils
Signed-off-by: Ilyes Ben Dlala
---
 parser-sdk/nodejs/parser-wrapper.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js
index cae1c8a33b..7f645dc30b 100644
--- a/parser-sdk/nodejs/parser-wrapper.js
+++ b/parser-sdk/nodejs/parser-wrapper.js
@@ -4,7 +4,7 @@ const axios = require("axios");
 const { parse } = require("./parser/parser");
-const { validate, addIdsAndDates } = require("./parser-utils");
+const { validate, addIdsAndDates, addScanMetadata } = require("./parser-utils");
 const k8s = require("@kubernetes/client-node");
 const kc = new k8s.KubeConfig();
@@ -190,3 +190,4 @@ async function main() {
 main();
 module.exports.addIdsAndDates = addIdsAndDates;
+module.exports.addScanMetadata = addScanMetadata;