Separete aggregate violations by target and include target in JSON data

Update how JSON data is reported to include the target to which the problem/violation belongs. This change has two motiviations, both concerning the use case where more than one target is scanned at once. First, it avoids overriding results when two targets contain the same file. Second, it makes it possible to determine exactly which file a problem is for (without the target you may not know which project to look at). Signed-off-by: Eric Cornelissen <[email protected]>
ericcornelissen · Oct 22, 2023 · 1da7252 · 1da7252
1 parent d9d6bf2
commit 1da7252
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 22 deletions.
diff --git a/main.go b/main.go
@@ -74,7 +74,7 @@ func run() int {
 		return exitError
 	}
 
-	violations, hasError := make(map[string][]Violation), false
+	violations, hasError := make(map[string]map[string][]Violation), false
 	for i, target := range targets {
 		if len(targets) > 1 && !(*flagJson) {
 			fmt.Println("Scanning", target)
@@ -92,7 +92,11 @@ func run() int {
 
 			for file, fileViolations := range targetViolations {
 				if len(fileViolations) > 0 {
-					violations[file] = fileViolations
+					if _, ok := violations[target]; !ok {
+						violations[target] = make(map[string][]Violation)
+					}
+
+					violations[target][file] = fileViolations
 				}
 			}
 		} else {
@@ -223,33 +227,35 @@ type jsonOutput struct {
 }
 
 type jsonViolation struct {
+	Target  string `json:"target"`
 	File    string `json:"file"`
 	Job     string `json:"job"`
 	Step    string `json:"step"`
 	Problem string `json:"problem"`
 }
 
-func printJson(rawViolations map[string][]Violation) {
+func printJson(rawViolations map[string]map[string][]Violation) {
 	violations := make([]jsonViolation, 0)
-	for file, fileViolations := range rawViolations {
-		for _, fileViolation := range fileViolations {
-			violations = append(violations, jsonViolation{
-				File:    file,
-				Job:     fileViolation.jobId,
-				Step:    fileViolation.stepId,
-				Problem: fileViolation.problem,
-			})
+	for target, targetViolations := range rawViolations {
+		for file, fileViolations := range targetViolations {
+			for _, fileViolation := range fileViolations {
+				violations = append(violations, jsonViolation{
+					Target:  target,
+					File:    file,
+					Job:     fileViolation.jobId,
+					Step:    fileViolation.stepId,
+					Problem: fileViolation.problem,
+				})
+			}
 		}
 	}
 
-	b, err := json.Marshal(jsonOutput{
-		Violations: violations,
-	})
+	jsonBytes, err := json.Marshal(jsonOutput{Violations: violations})
 	if err != nil {
-		fmt.Printf("Error: %s", err)
-		return
+		fmt.Printf("Could not produce JSON output: %s", err)
+	} else {
+		fmt.Println(string(jsonBytes))
 	}
-	fmt.Println(string(b))
 }
 
 func printViolations(violations map[string][]Violation) {

diff --git a/schema.json b/schema.json
@@ -11,14 +11,17 @@
         "type": "object",
         "additionalProperties": true,
         "properties": {
+          "target": {
+            "type": "string",
+            "description": "The path to the target project that the file is a part of."
+          },
           "file": {
             "type": "string",
             "description": "The workflow or manifest file path."
           },
           "job": {
             "type": "string",
-            "description": "The name or index of a job in the workflow. Missing when the file is a manifest.",
-            "optional": true
+            "description": "The name or index of a job in the workflow. Missing when the file is a manifest."
           },
           "step": {
             "type": "string",
@@ -28,7 +31,13 @@
             "type": "string",
             "description": "The problematic substring."
           }
-        }
+        },
+        "required": [
+          "target",
+          "file",
+          "step",
+          "problem"
+        ]
       }
     }
   }

diff --git a/test/json-output.txtar b/test/json-output.txtar
@@ -1,4 +1,4 @@
-! exec ades -json .github/workflows/workflow.yml
+! exec ades -json .
 cmp stdout stdout.txt
 ! stderr .
 
@@ -16,4 +16,4 @@ jobs:
     - name: Unsafe run
       run: echo 'Hello ${{ inputs.name }}'
 -- stdout.txt --
-{"problems":[{"file":".github/workflows/workflow.yml","job":"Example unsafe job","step":"Unsafe run","problem":"${{ inputs.name }}"}]}
+{"problems":[{"target":".","file":".github/workflows/workflow.yml","job":"Example unsafe job","step":"Unsafe run","problem":"${{ inputs.name }}"}]}