Fix influx counter for whitesource
tlefaix committed Oct 15, 2024
1 parent bc8225c commit a0a9aac
Showing 2 changed files with 12 additions and 3 deletions.
6 changes: 3 additions & 3 deletions cmd/whitesourceExecuteScan.go
@@ -847,9 +847,9 @@ func checkProjectSecurityViolations(config *ScanOptions, cvssSeverityLimit float
}

severeVulnerabilities, nonSevereVulnerabilities := ws.CountSecurityVulnerabilities(&alerts, cvssSeverityLimit)
influx.whitesource_data.fields.minor_vulnerabilities = nonSevereVulnerabilities
influx.whitesource_data.fields.major_vulnerabilities = severeVulnerabilities
influx.whitesource_data.fields.vulnerabilities = nonSevereVulnerabilities + severeVulnerabilities
influx.whitesource_data.fields.minor_vulnerabilities += nonSevereVulnerabilities
influx.whitesource_data.fields.major_vulnerabilities += severeVulnerabilities
influx.whitesource_data.fields.vulnerabilities += (nonSevereVulnerabilities + severeVulnerabilities)
if nonSevereVulnerabilities > 0 {
log.Entry().Warnf("WARNING: %v Open Source Software Security vulnerabilities with "+
"CVSS score below threshold %.1f detected in project %s.", nonSevereVulnerabilities,
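Review bot: The three `+=` updates on `influx.whitesource_data.fields` rely on the counters starting at zero and on this function running exactly once per project, and nothing in the hunk records either assumption. A second pass over the same project (a retry, for instance) would now double-count, where the old `=` was idempotent. A comment above the block would make the intent explicit, e.g. `// accumulate across projects: called once per project, plain assignment kept only the last project's counts`. The once-per-project calling pattern is inferred from the per-project warning message; the caller and the rest of checkProjectSecurityViolations lie outside the hunk, so this should be confirmed there.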
9 changes: 9 additions & 0 deletions cmd/whitesourceExecuteScan_test.go
@@ -729,6 +729,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
assert.Equal(t, 0, severeVulnerabilities)
assert.Equal(t, 0, len(alerts))
assert.Equal(t, 0, len(assessedAlerts))
assert.Equal(t, 0, influx.whitesource_data.fields.minor_vulnerabilities)
assert.Equal(t, 0, influx.whitesource_data.fields.major_vulnerabilities)
assert.Equal(t, 0, influx.whitesource_data.fields.vulnerabilities)
})

t.Run("error - some vulnerabilities", func(t *testing.T) {
@@ -744,6 +747,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
assert.Equal(t, 1, severeVulnerabilities)
assert.Equal(t, 2, len(alerts))
assert.Equal(t, 0, len(assessedAlerts))
assert.Equal(t, 1, influx.whitesource_data.fields.minor_vulnerabilities)
assert.Equal(t, 1, influx.whitesource_data.fields.major_vulnerabilities)
assert.Equal(t, 2, influx.whitesource_data.fields.vulnerabilities)
})

t.Run("success - assessed vulnerabilities", func(t *testing.T) {
@@ -759,6 +765,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
assert.Equal(t, 0, severeVulnerabilities)
assert.Equal(t, 0, len(alerts))
assert.Equal(t, 2, len(assessedAlerts))
assert.Equal(t, 0, influx.whitesource_data.fields.minor_vulnerabilities)
assert.Equal(t, 0, influx.whitesource_data.fields.major_vulnerabilities)
assert.Equal(t, 0, influx.whitesource_data.fields.vulnerabilities)
})

t.Run("error - WhiteSource failure", func(t *testing.T) {
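Review bot: The added `influx.whitesource_data.fields` assertions check the counters after a single call in each subtest, so they would pass equally against the old `=` assignment and do not pin the accumulation this commit introduces. A subtest that calls checkProjectSecurityViolations twice against the same `influx` value and expects summed counts, e.g. `assert.Equal(t, 4, influx.whitesource_data.fields.vulnerabilities)` after two runs of the "some vulnerabilities" fixture, would cover the fix. The `influx` setup is outside the visible hunks; that it is re-created per subtest is inferred from the third subtest expecting 0 after the second saw 2.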
