Add stdout and verbose flags and refactor how the report is saved
parent
103c429df5
commit
a8b633f124
2 changed files with 61 additions and 20 deletions
10
README.md
10
README.md
|
@ -302,6 +302,16 @@ file. The output format is controlled by the `-fmt` flag, and the output file is
|
||||||
$ gosec -fmt=json -out=results.json *.go
|
$ gosec -fmt=json -out=results.json *.go
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Results will be reported to stdout as well as to the provided output file by `-stdout` flag. The `-verbose` flag overrides the
|
||||||
|
output format when stdout the results while saving them in the output file
|
||||||
|
```bash
|
||||||
|
# Write output in json format to results.json as well as stdout
|
||||||
|
$ gosec -fmt=json -out=results.json -stdout *.go
|
||||||
|
|
||||||
|
# Overrides the output format to 'text' when stdout the results, while writing it to results.json
|
||||||
|
$ gosec -fmt=json -out=results.json -stdout -verbose=text *.go
|
||||||
|
```
|
||||||
|
|
||||||
**Note:** gosec generates the [generic issue import format](https://docs.sonarqube.org/latest/analysis/generic-issue/) for SonarQube, and a report has to be imported into SonarQube using `sonar.externalIssuesReportPaths=path/to/gosec-report.json`.
|
**Note:** gosec generates the [generic issue import format](https://docs.sonarqube.org/latest/analysis/generic-issue/) for SonarQube, and a report has to be imported into SonarQube using `sonar.externalIssuesReportPaths=path/to/gosec-report.json`.
|
||||||
|
|
||||||
## Development
|
## Development
|
||||||
|
|
|
@ -117,6 +117,12 @@ var (
|
||||||
// print version and quit with exit code 0
|
// print version and quit with exit code 0
|
||||||
flagVersion = flag.Bool("version", false, "Print version and quit with exit code 0")
|
flagVersion = flag.Bool("version", false, "Print version and quit with exit code 0")
|
||||||
|
|
||||||
|
// stdout the results as well as write it in the output file
|
||||||
|
flagStdOut = flag.Bool("stdout", false, "Stdout the results as well as write it in the output file")
|
||||||
|
|
||||||
|
// overrides the output format when stdout the results while saving them in the output file
|
||||||
|
flagVerbose = flag.String("verbose", "", "Overrides the output format when stdout the results while saving them in the output file.\nValid options are: json, yaml, csv, junit-xml, html, sonarqube, golint, sarif or text")
|
||||||
|
|
||||||
// exlude the folders from scan
|
// exlude the folders from scan
|
||||||
flagDirsExclude arrayFlags
|
flagDirsExclude arrayFlags
|
||||||
|
|
||||||
|
@ -187,30 +193,45 @@ func loadRules(include, exclude string) rules.RuleList {
|
||||||
return rules.Generate(filters...)
|
return rules.Generate(filters...)
|
||||||
}
|
}
|
||||||
|
|
||||||
func saveOutput(filename, format string, color bool, paths []string, issues []*gosec.Issue, metrics *gosec.Metrics, errors map[string][]gosec.Error) error {
|
func getRootPaths(paths []string) []string {
|
||||||
rootPaths := []string{}
|
rootPaths := []string{}
|
||||||
for _, path := range paths {
|
for _, path := range paths {
|
||||||
rootPath, err := gosec.RootPath(path)
|
rootPath, err := gosec.RootPath(path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to get the root path of the projects: %s", err)
|
logger.Fatal(fmt.Errorf("failed to get the root path of the projects: %s", err))
|
||||||
}
|
}
|
||||||
rootPaths = append(rootPaths, rootPath)
|
rootPaths = append(rootPaths, rootPath)
|
||||||
}
|
}
|
||||||
if filename != "" {
|
return rootPaths
|
||||||
outfile, err := os.Create(filename)
|
}
|
||||||
if err != nil {
|
|
||||||
return err
|
func getPrintedFormat(format string, verbose string) string {
|
||||||
}
|
var fileFormat = format
|
||||||
defer outfile.Close() // #nosec G307
|
if format != "" && verbose != "" {
|
||||||
err = report.CreateReport(outfile, format, color, rootPaths, issues, metrics, errors)
|
fileFormat = verbose
|
||||||
if err != nil {
|
}
|
||||||
return err
|
return fileFormat
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
err := report.CreateReport(os.Stdout, format, color, rootPaths, issues, metrics, errors)
|
func printReport(format string, color bool, rootPaths []string, issues []*gosec.Issue, metrics *gosec.Metrics, errors map[string][]gosec.Error) error {
|
||||||
if err != nil {
|
|
||||||
return err
|
err := report.CreateReport(os.Stdout, format, color, rootPaths, issues, metrics, errors)
|
||||||
}
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func saveReport(filename, format string, color bool, rootPaths []string, issues []*gosec.Issue, metrics *gosec.Metrics, errors map[string][]gosec.Error) error {
|
||||||
|
|
||||||
|
outfile, err := os.Create(filename)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer outfile.Close() // #nosec G307
|
||||||
|
err = report.CreateReport(outfile, format, color, rootPaths, issues, metrics, errors)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -291,7 +312,7 @@ func main() {
|
||||||
|
|
||||||
// Color flag is allowed for text format
|
// Color flag is allowed for text format
|
||||||
var color bool
|
var color bool
|
||||||
if *flagFormat == "text" {
|
if *flagFormat == "text" || *flagVerbose == "text" {
|
||||||
color = true
|
color = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -363,8 +384,18 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create output report
|
// Create output report
|
||||||
if err := saveOutput(*flagOutput, *flagFormat, color, flag.Args(), issues, metrics, errors); err != nil {
|
rootPaths := getRootPaths(flag.Args())
|
||||||
logger.Fatal(err)
|
|
||||||
|
if *flagOutput == "" || *flagStdOut {
|
||||||
|
var fileFormat = getPrintedFormat(*flagOutput, *flagVerbose)
|
||||||
|
if err := printReport(fileFormat, color, rootPaths, issues, metrics, errors); err != nil {
|
||||||
|
logger.Fatal((err))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if *flagOutput != "" {
|
||||||
|
if err := saveReport(*flagOutput, *flagFormat, color, rootPaths, issues, metrics, errors); err != nil {
|
||||||
|
logger.Fatal(err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Finalize logging
|
// Finalize logging
|
||||||
|
|
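Review bot: The stdout branch of the last hunk in main() passes the output filename where a format is expected: `var fileFormat = getPrintedFormat(*flagOutput, *flagVerbose)` hands `*flagOutput` (e.g. `results.json`) to `getPrintedFormat`, so with `-out=results.json -stdout` and no `-verbose` the console report is requested in format `results.json`, and with no `-out` at all the format is the empty string, because `getPrintedFormat` only substitutes `verbose` when its first argument is non-empty and otherwise returns that argument unchanged. The intended call is `var fileFormat = getPrintedFormat(*flagFormat, *flagVerbose)`, and renaming the local to `stdoutFormat` would make clear that this value never reaches the file written by `saveReport`. It would also be worth rejecting an unknown `-verbose` value up front against the list in the flag's usage text rather than leaving it to `report.CreateReport`, whose handling of unrecognised formats is not visible in this diff. The doubled parentheses in `logger.Fatal((err))` are harmless but inconsistent with the `logger.Fatal(err)` a few lines below. main() starts outside the hunk.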