fix: paths in json and sarif output

snyk · Jun 3, 2021 · 2a98fc8 · 2a98fc8
1 parent ff20c73
commit 2a98fc8
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 10 deletions.
diff --git a/src/cli/commands/test/iac-local-execution/results-formatter.ts b/src/cli/commands/test/iac-local-execution/results-formatter.ts
@@ -13,6 +13,7 @@ import { IacProjectType } from '../../../../lib/iac/constants';
 import { CustomError } from '../../../../lib/errors';
 import { extractLineNumber } from './extract-line-number';
 import { getErrorStringCode } from './error-utils';
+import { isLocalFolder } from '../../../../lib/detect';
 
 const SEVERITIES = [SEVERITY.LOW, SEVERITY.MEDIUM, SEVERITY.HIGH];
 
@@ -80,8 +81,10 @@ function formatScanResult(
     };
   });
 
-  const targetFilePath = path.resolve(scanResult.filePath, '.');
-
+  const { targetFilePath, projectName, targetFile } = computePaths(
+    scanResult.filePath,
+    options.path,
+  );
   return {
     result: {
       cloudConfigResults: filterPoliciesBySeverity(
@@ -100,8 +103,8 @@ function formatScanResult(
     dependencyCount: 0,
     licensesPolicy: null, // we do not have the concept of license policies
     ignoreSettings: null,
-    targetFile: scanResult.filePath,
-    projectName: path.basename(path.dirname(targetFilePath)),
+    targetFile,
+    projectName,
     org: meta.org,
     policy: '', // we do not have the concept of policy
     isPrivate: true,
@@ -110,6 +113,36 @@ function formatScanResult(
   };
 }
 
+function computePaths(
+  filePath: string,
+  pathArg = '.',
+): { targetFilePath: string; projectName: string; targetFile: string } {
+  const targetFilePath = path.resolve(filePath, '.');
+
+  // the absolute path is needed to compute the full project path
+  const cmdPath = path.resolve(pathArg);
+
+  let projectPath: string;
+  let targetFile: string;
+  if (!isLocalFolder(cmdPath)) {
+    // if the provided path points to a file, then the project starts at the parent folder of that file
+    // and the target file was provided as the path argument
+    projectPath = path.dirname(cmdPath);
+    targetFile = pathArg;
+  } else {
+    // otherwise, the project starts at the provided path
+    // and the target file must be the relative path from the project path to the path of the scanned file
+    projectPath = cmdPath;
+    targetFile = path.relative(projectPath, targetFilePath);
+  }
+
+  return {
+    targetFilePath,
+    projectName: path.basename(projectPath),
+    targetFile,
+  };
+}
+
 function groupMultiDocResults(
   scanResults: IacFileScanResult[],
 ): IacFileScanResult[] {

diff --git a/src/cli/commands/test/iac-local-execution/types.ts b/src/cli/commands/test/iac-local-execution/types.ts
@@ -137,6 +137,7 @@ export type IaCTestFlags = Pick<
   help?: 'help';
   q?: boolean;
   quiet?: boolean;
+  path?: string;
   // This flag is internal and is used merely to route the smoke tests of the old flow.
   // it should be removed together when the GA version completely deprecates the legacy remote processing flow.
   legacy?: boolean;

diff --git a/test/jest/acceptance/iac/file-output.spec.ts b/test/jest/acceptance/iac/file-output.spec.ts
@@ -55,7 +55,11 @@ describe('iac test --json-file-output', () => {
       expectedTargetFilePath: path.resolve(
         './test/fixtures/iac/file-output/nested-folder/sg_open_ssh.tf',
       ),
-      expectedTargetFile: 'nested-folder/sg_open_ssh.tf',
+      expectedTargetFile: path.join(
+        'nested-folder',
+        path.sep,
+        'sg_open_ssh.tf',
+      ),
       expectedProjectName: 'file-output',
       isNested: true,
     },

diff --git a/test/jest/unit/iac-unit-tests/results-formatter.fixtures.ts b/test/jest/unit/iac-unit-tests/results-formatter.fixtures.ts
@@ -38,6 +38,9 @@ const anotherPolicyStub: PolicyMetadata = {
   publicId: 'SNYK-CC-K8S-2',
 };
 
+const relativeFilePath = 'dont-care.yaml';
+const absoluteFilePath = path.resolve(relativeFilePath, '.');
+
 export function generateScanResults(): Array<IacFileScanResult> {
   return [
     {
@@ -47,7 +50,7 @@ export function generateScanResults(): Array<IacFileScanResult> {
       projectType: IacProjectType.K8S,
       engineType: EngineType.Kubernetes,
       fileContent: 'dont-care',
-      filePath: 'dont-care',
+      filePath: relativeFilePath,
       fileType: 'yaml',
     },
     {
@@ -57,7 +60,7 @@ export function generateScanResults(): Array<IacFileScanResult> {
       projectType: IacProjectType.K8S,
       engineType: EngineType.Kubernetes,
       fileContent: 'dont-care',
-      filePath: 'dont-care',
+      filePath: relativeFilePath,
       fileType: 'yaml',
     },
   ];
@@ -69,7 +72,7 @@ export const meta: TestMeta = {
   org: 'org-name',
 };
 
-function generateFormattedResults(withLineNumber: boolean = true) {
+function generateFormattedResults(withLineNumber = true) {
   return {
     result: {
       cloudConfigResults: [
@@ -95,8 +98,8 @@ function generateFormattedResults(withLineNumber: boolean = true) {
     },
     isPrivate: true,
     packageManager: IacProjectType.K8S,
-    targetFile: 'dont-care',
-    targetFilePath: path.resolve('dont-care', '.'),
+    targetFile: relativeFilePath,
+    targetFilePath: absoluteFilePath,
     vulnerabilities: [],
     dependencyCount: 0,
     ignoreSettings: null,