Example #1
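 def _create_report(
     self,
     twistcli_scan_result: Dict[str, Any],
     file_path: Path,
     file_content: str,
     docker_image_name: str,
 ) -> Dict[str, Any]:
     """Build the report payload for one scanned Docker image.

     Each vulnerability entry found under ``twistcli_scan_result["results"][0]``
     is mapped to the report's field names and combined with the image name,
     the Dockerfile path and content, and the repository identifiers read
     from ``bc_integration`` (a name resolved outside this method).

     Data-exposure notes for whoever transmits or stores the payload:
       * ``file_content`` is embedded verbatim under ``dockerFileContent``,
         so anything written in the Dockerfile travels with the report.
       * ``dockerFilePath`` has the ``BC_ROOT_DIR`` prefix removed; when that
         variable is unset the prefix is ``""``, so presumably the path is
         included unchanged (``removeprefix`` is defined elsewhere - confirm).

     Args:
         twistcli_scan_result: Parsed scan output; must hold a non-empty
             ``"results"`` list.
         file_path: Location of the scanned Dockerfile.
         file_content: Full text of the Dockerfile.
         docker_image_name: Name of the scanned image.

     Returns:
         The payload dictionary.

     Raises:
         KeyError: ``"results"`` is missing from the scan result.
         IndexError: ``"results"`` is an empty list.
     """
     # Kept as a hard lookup on purpose: a result without a "results" entry
     # must fail loudly instead of producing a report that lists no
     # vulnerabilities and therefore reads like a clean scan.
     scan_entry = twistcli_scan_result["results"][0]

     vulnerabilities = [
         {
             "cveId": vul.get("id"),
             # Entries without a status are reported as still open.
             "status": vul.get("status", "open"),
             "severity": vul.get("severity"),
             "packageName": vul.get("packageName"),
             "packageVersion": vul.get("packageVersion"),
             "link": vul.get("link"),
             "cvss": vul.get("cvss"),
             "vector": vul.get("vector"),
             "description": vul.get("description"),
             "riskFactors": vul.get("riskFactors"),
             # Fallback when no publishedDate is given: derive it from the age
             # in days. `or 0` also covers an explicit null "publishedDays",
             # which would otherwise make timedelta() raise TypeError.
             # NOTE(review): datetime.now() is naive local time, so the derived
             # date carries no timezone information.
             "publishedDate": vul.get("publishedDate")
             or (datetime.now() - timedelta(days=vul.get("publishedDays") or 0)).isoformat(),
         }
         for vul in scan_entry.get("vulnerabilities") or []
     ]
     payload = {
         "dockerImageName": docker_image_name,
         "dockerFilePath": removeprefix(str(file_path), os.getenv("BC_ROOT_DIR", "")),
         "dockerFileContent": file_content,
         "type": "Image",
         "sourceId": bc_integration.repo_id,
         "branch": bc_integration.repo_branch,
         "sourceType": bc_integration.bc_source.name,
         "vulnerabilities": vulnerabilities,
     }
     return payload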
Example #2
 def _create_report(
     self,
     twistcli_scan_result: Dict[str, Any],
     bc_platform_integration: BcPlatformIntegration,
     file_path: Path,
     file_content: str,
     docker_image_name: str,
 ) -> Dict[str, Any]:
     """Assemble the report payload for a scanned Docker image.

     The scan output is first reduced with ``self._get_results_dict``; the
     vulnerability and package lists are then produced from that reduced
     dictionary by ``get_vulnerabilities_for_report`` and
     ``get_packages_for_report``.

     Data-exposure notes for whoever transmits or stores the payload:
       * ``file_content`` is embedded verbatim under ``dockerFileContent``,
         so anything written in the Dockerfile travels with the report.
       * ``dockerFilePath`` has the ``BC_ROOT_DIR`` prefix removed; when that
         variable is unset the prefix is ``""``, so presumably the path is
         included unchanged (``removeprefix`` is defined elsewhere - confirm).

     Args:
         twistcli_scan_result: Parsed scan output.
         bc_platform_integration: Source of the repository id, branch,
             source type and optional CI/CD details.
         file_path: Location of the scanned Dockerfile.
         file_content: Full text of the Dockerfile.
         docker_image_name: Name of the scanned image.

     Returns:
         The payload dictionary; ``cicdDetails`` is present only when the
         integration object carries a truthy ``cicd_details``.
     """
     scan_results = self._get_results_dict(twistcli_scan_result)
     report = {
         "dockerImageName": docker_image_name,
         "dockerFilePath": removeprefix(str(file_path), os.getenv("BC_ROOT_DIR", "")),
         "dockerFileContent": file_content,
         "type": "Image",
         "sourceId": bc_platform_integration.repo_id,
         "branch": bc_platform_integration.repo_branch,
         "sourceType": bc_platform_integration.bc_source.name,
         "vulnerabilities": self.get_vulnerabilities_for_report(scan_results),
         "packages": self.get_packages_for_report(scan_results),
     }

     # CI/CD details are optional; leave the key out entirely when absent.
     if not bc_platform_integration.cicd_details:
         return report
     report["cicdDetails"] = bc_platform_integration.cicd_details
     return report
Example #3
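 def _create_report(
     self,
     twistcli_scan_result: Dict[str, Any],
     bc_platform_integration: BcPlatformIntegration,
     file_path: Path,
     **kwargs: Any,
 ) -> Dict[str, Any]:
     """Build the report payload for one scanned package file.

     Every entry of ``twistcli_scan_result["vulnerabilities"]`` is mapped to
     the report's field names and combined with the file name, its path and
     the repository identifiers taken from ``bc_platform_integration``.

     NOTE(review): a scan result that has no ``"vulnerabilities"`` key (or a
     null one) produces an empty list here, so in the payload it cannot be
     told apart from a scan that found nothing. If the caller does not
     validate the scan output before this point, a failed scan may be
     reported as clean - confirm against the caller.

     ``packageFilePath`` has the ``BC_ROOT_DIR`` prefix removed; when that
     variable is unset the prefix is ``""``, so presumably the path is
     included unchanged (``removeprefix`` is defined elsewhere - confirm).

     Args:
         twistcli_scan_result: Parsed scan output for the package file.
         bc_platform_integration: Source of the repository id, branch and
             source type.
         file_path: Location of the scanned package file.
         **kwargs: Accepted but not read by this method.

     Returns:
         The payload dictionary.
     """
     vulnerabilities = [
         {
             "cveId": vul.get("id"),
             # Entries without a status are reported as still open.
             "status": vul.get("status", "open"),
             "severity": vul.get("severity"),
             "packageName": vul.get("packageName"),
             "packageVersion": vul.get("packageVersion"),
             "link": vul.get("link"),
             "cvss": vul.get("cvss"),
             "vector": vul.get("vector"),
             "description": vul.get("description"),
             "riskFactors": vul.get("riskFactors"),
             # Fallback when no publishedDate is given: derive it from the age
             # in days. `or 0` also covers an explicit null "publishedDays",
             # which would otherwise make timedelta() raise TypeError.
             # NOTE(review): datetime.now() is naive local time, so the derived
             # date carries no timezone information.
             "publishedDate": vul.get("publishedDate")
             or (datetime.now() - timedelta(days=vul.get("publishedDays") or 0)).isoformat(),
         }
         for vul in twistcli_scan_result.get("vulnerabilities") or []
     ]
     payload = {
         "packageName": str(file_path.name),
         "packageFilePath": removeprefix(str(file_path), os.getenv("BC_ROOT_DIR", "")),
         "type": "Package",
         "sourceId": bc_platform_integration.repo_id,
         "branch": bc_platform_integration.repo_branch,
         "sourceType": bc_platform_integration.bc_source.name,
         "vulnerabilities": vulnerabilities,
     }
     return payload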
Example #4
 def _create_report(
     self,
     twistcli_scan_result: Dict[str, Any],
     bc_platform_integration: BcPlatformIntegration,
     file_path: Path,
     **kwargs: Any,
 ) -> Dict[str, Any]:
     """Assemble the report payload for a scanned package file.

     The vulnerability and package lists come from
     ``get_vulnerabilities_for_report`` and ``get_packages_for_report``, both
     called with the scan result as received.

     ``packageFilePath`` has the ``BC_ROOT_DIR`` prefix removed; when that
     variable is unset the prefix is ``""``, so presumably the path is
     included unchanged (``removeprefix`` is defined elsewhere - confirm).

     Args:
         twistcli_scan_result: Parsed scan output for the package file.
         bc_platform_integration: Source of the repository id, branch,
             source type and optional CI/CD details.
         file_path: Location of the scanned package file.
         **kwargs: Accepted but not read by this method.

     Returns:
         The payload dictionary; ``cicdDetails`` is present only when the
         integration object carries a truthy ``cicd_details``.
     """
     integration = bc_platform_integration

     # Keys are filled one by one, in the order they appear in the report.
     report: Dict[str, Any] = {}
     report["packageName"] = str(file_path.name)
     report["packageFilePath"] = removeprefix(str(file_path), os.getenv("BC_ROOT_DIR", ""))
     report["type"] = "Package"
     report["sourceId"] = integration.repo_id
     report["branch"] = integration.repo_branch
     report["sourceType"] = integration.bc_source.name
     report["vulnerabilities"] = self.get_vulnerabilities_for_report(twistcli_scan_result)
     report["packages"] = self.get_packages_for_report(twistcli_scan_result)

     # CI/CD details are optional; leave the key out entirely when absent.
     if not integration.cicd_details:
         return report
     report["cicdDetails"] = integration.cicd_details
     return report
Example #5
def test_removeprefix(input_str: str, prefix: str, expected: str) -> None:
    """Check that ``removeprefix(input_str, prefix)`` equals ``expected``.

    The three arguments are presumably supplied by a parametrize decorator
    that is not part of this excerpt.
    """
    actual = removeprefix(input_str, prefix)
    assert actual == expected