snyk: added snyk stats to metadata
Related: https://issues.redhat.com/browse/OSH-347
Reproducer: csmock -t snyk --force -r rhel-8-x86_64 osbuild-106-1.el10+4.src.rpm

Added the stats from the snyk results (snyk coverage rate, number of analyzed files and total number of files) to the metadata file.
jperezdealgaba committed Feb 20, 2024
1 parent 9befcc3 commit f2fbe35
Showing 2 changed files with 40 additions and 1 deletion.
33 changes: 33 additions & 0 deletions py/common/snyk.py
@@ -0,0 +1,33 @@
# standard imports
import json


def snyk_write_analysis_meta(results, results_file):

Check warning

Code scanning / vcs-diff-lint

snyk_write_analysis_meta: Missing function or method docstring Warning

snyk_write_analysis_meta: Missing function or method docstring
try:
with open(results_file) as snyk_results_file:

Check warning

Code scanning / vcs-diff-lint

snyk_write_analysis_meta: Using open without explicitly specifying an encoding Warning

snyk_write_analysis_meta: Using open without explicitly specifying an encoding
data = json.load(snyk_results_file)
coverage_stats = data["runs"][0]["properties"]["coverage"]
total_files = 0
supported_files = 0
for lang in coverage_stats:
total_files += lang["files"]
if lang["type"] == "SUPPORTED":
supported_files += lang["files"]

coverage_ratio = 0
if total_files > 0:
coverage_ratio = int(supported_files * 100 / total_files)

results.ini_writer.append("snyk-scanned-files-coverage", coverage_ratio)
results.ini_writer.append("snyk-scanned-files-success", supported_files)
results.ini_writer.append("snyk-scanned-files-total", total_files)

return 0

except OSError as e:
results.error(f"snyk-scan: snyk-results.sarif file not found: {e}")
return 1

except KeyError as e:
results.error(f"snyk-scan: error parsing results from snyk-results.sarif file: {e}")
return 1

Check warning

Code scanning / vcs-diff-lint

Final newline missing Warning

Final newline missing
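Review bot: The two `except` clauses in `snyk_write_analysis_meta` cover only `OSError` and `KeyError`, so a truncated or malformed SARIF file still raises out of the hook. `json.load` raises `json.JSONDecodeError` (a `ValueError`), `data["runs"][0]` raises `IndexError` on an empty `runs` list, and a non-dict entry or a non-numeric `files` value raises `TypeError`. The file is scanner output derived from the package under analysis, so the parser should reject unexpected shapes with the same logged error instead of an unhandled traceback; widen the second handler to `except (KeyError, IndexError, TypeError, ValueError) as e:`. The `OSError` message also reports every I/O failure as "file not found", which is misleading for a permission error; wording such as `cannot read snyk-results.sarif` would be more accurate.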
8 changes: 7 additions & 1 deletion py/plugins/snyk.py
Expand Up @@ -17,6 +17,8 @@

import os

from csmock.common.snyk import snyk_write_analysis_meta

Check warning

Code scanning / vcs-diff-lint

Unable to import 'csmock.common.snyk' Warning

Unable to import 'csmock.common.snyk'


# default URL to download snyk binary executable
SNYK_BIN_URL = "https://static.snyk.io/cli/latest/snyk-linux"
Expand Down Expand Up @@ -204,4 +206,8 @@ def filter_hook(results):
cmd = FILTER_CMD % (src, dst)
return results.exec_cmd(cmd, shell=True)

props.post_process_hooks += [filter_hook]
def write_snyk_stats_metadata(results):
results_file = results.dbgdir_raw + SNYK_OUTPUT
return snyk_write_analysis_meta(results, results_file)

props.post_process_hooks += [write_snyk_stats_metadata, filter_hook]
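Review bot: `write_snyk_stats_metadata` is registered ahead of `filter_hook` with no docstring or comment explaining the ordering or what its non-zero return means. `snyk_write_analysis_meta` returns 1 whenever the SARIF file is unreadable or lacks the coverage properties. How `post_process_hooks` treats that value is not visible in this hunk, so it is unclear whether a stats failure fails the scan, skips `filter_hook`, or is ignored. The coverage figure is what tells a consumer how much of the code was actually analysed, so I would state the intent on the hook, e.g. `"""Record snyk coverage stats from the raw SARIF in the scan metadata."""`, and add a comment on the hook list saying whether a failure here is meant to be fatal. The enclosing function starts outside the hunk.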
