Documentation ¶
Overview ¶
Package scainternal holds helpers shared by `krci sca` verbs (validation, enum sets, render/format dispatch, error-envelope plumbing). Structure mirrors `pkg/cmd/sonar/internal/`.
Index ¶
- Constants
- func BoolYesNo(b bool) string
- func ExpandSeverityFlag(raw []string) []string
- func FormatRisk(r float32) string
- func FormatVulnCounts(m *portal.SCAMetrics, isTTY bool) string
- func HandleError(ios *iostreams.IOStreams, outputFormat string, err error) error
- func InclusiveFromSet(set []string) []string
- func InclusiveSeverities(min string) []string
- func OrDash(s string) string
- func PageCount(total, pageSize int) int
- func PageFooter(noun string, total, pageIndex, pageSize int) string
- func PrintTable(w io.Writer, isTTY bool, headers []string, rows [][]string) error
- func Render[T any](ios *iostreams.IOStreams, outputFormat string, data T, ...) error
- func SeverityMatches(severity string, allowed []string) bool
- func ValidateCodebaseCommand(cmd *cobra.Command, outputFormat, codebase, branch string) error
- func ValidateCodebaseKey(codebase string) error
- func ValidateNonEmptyFlag(name string, changed bool, value string) error
- func ValidateOutputFormat(format string) error
- func ValidatePageBounds(page, pageSize int) error
- func ValidateSeverityCSV(values []string) ([]string, error)
- type TableRenderer
Constants ¶
const BranchFlagUsage = "branch name (maps to the Dep-Track project 'version' field). " +
	"Defaults to the project's spec.defaultBranch. " +
	"Run 'krci sca list --search=<project>' to discover all recorded versions."
BranchFlagUsage is the verbatim help text for `--branch` across every per-codebase sca verb. Spec Requirement "Codebase + Branch Addressing" mandates this exact string so users always see the same Dep-Track `version` field explanation.
const EmptyPlaceholder = "—"
EmptyPlaceholder is the unicode em-dash used in TTY output for missing values.
const FindingsServerCap = 1000
FindingsServerCap is the maximum number of rows the portal returns from the unpaginated `sca findings` endpoint. Mirrors the server-side ceiling documented in the OpenAPI spec; the help text and truncation footer must stay in sync with it.
const MaxPageSize = 500
MaxPageSize is the upper bound on `--page-size` for every paginated sca verb. Matches the OpenAPI ceiling.
const SchemaVersion = "1"
SchemaVersion is the shared JSON envelope version for every `krci sca *` verb.
const SeverityFlagUsage = "minimum severity to include (inclusive). " +
	"One of: critical, high, medium, low, info. Case-insensitive. " +
	"'high' returns high+critical; 'medium' returns medium+high+critical; etc. " +
	"INFO includes UNASSIGNED."
SeverityFlagUsage is the verbatim help text for `--severity` across the verbs that expose it. Spec design §D4 mandates this exact string: it enumerates the allowed values and explains the inclusive semantics.
Variables ¶
This section is empty.
Functions ¶
func BoolYesNo ¶
BoolYesNo renders a bool as the lowercase "yes" / "no" used by every sca table column.
func ExpandSeverityFlag ¶
ExpandSeverityFlag is the composite helper for run functions: it validates the raw `--severity` flag values (silently ignoring the error — callers are expected to run ValidateSeverityCSV in RunE first) and returns the inclusive "min and above" expansion. nil input returns nil so the caller can skip filtering without a branch on slice length.
func FormatRisk ¶
FormatRisk renders a Dep-Track risk score, using EmptyPlaceholder for zero.
func FormatVulnCounts ¶
func FormatVulnCounts(m *portal.SCAMetrics, isTTY bool) string
FormatVulnCounts renders the C/H/M/L vulnerability counts column. When isTTY is true and there is at least one critical or high finding, the string is highlighted yellow so it visually pops in interactive listings.
func HandleError ¶
HandleError promotes portal.ErrUnauthorized to the "run krci auth login" message; translates portal.ErrUpstreamUnavailable into a user-facing "upstream unavailable (dependency-track)" hint; and — when `-o json` is selected — also writes a structured error envelope to stdout so scripting consumers can read it alongside the exit-1 signal.
func InclusiveFromSet ¶
InclusiveFromSet returns the inclusive severity set derived from an already-validated `--severity` value list. When several thresholds are supplied, it takes the least-severe one ("medium" when "critical,medium" is supplied) so the expansion pulls everything at or above medium — matching the intent of "include all of these severities plus higher ones".
func InclusiveSeverities ¶
InclusiveSeverities returns the severities that should be included when the user supplies `--severity=<min>`. The return set is "min and above": e.g. `HIGH` → `{CRITICAL, HIGH}`; `INFO` → `{CRITICAL, HIGH, MEDIUM, LOW, INFO, UNASSIGNED}`. An unknown min returns nil so callers can treat that as "no filter" (already validated upstream).
severityOrder is in descending severity (CRITICAL first); we walk from the start through `min` inclusive.
func OrDash ¶
OrDash returns s when non-empty, otherwise EmptyPlaceholder. Shared by every sca verb that renders a potentially-empty column value.
func PageCount ¶
PageCount returns the number of pages of pageSize required to hold total items. Always returns at least 1 so footers never read "page 1 of 0".
func PageFooter ¶
PageFooter formats the paging summary printed below a paginated sca table.
func PrintTable ¶
PrintTable is the shared TTY/non-TTY dispatcher for sca verbs that show a plain 2D table.
func Render ¶
func Render[T any](ios *iostreams.IOStreams, outputFormat string, data T, renderTable TableRenderer) error
Render dispatches on the `-o` flag: emit `{schemaVersion, data}` for `-o json`, invoke the TableRenderer for `-o table` (the default), or return a validation error for anything else.
func SeverityMatches ¶
SeverityMatches returns true if severity is in the allowed set. An empty allowed set means "no filter" — callers are expected to short-circuit before calling. Severity is normalised to upper-case so upstream casing variations don't silently drop rows (allowed is always canonical upper-case).
func ValidateCodebaseCommand ¶
ValidateCodebaseCommand runs the validator chain used by every per-codebase sca verb (get, components, findings): output format → DNS-1123 codebase → non-empty --branch (when explicitly supplied). Unlike sonar, sca never takes --pr, so there is no scope-mutex step.
func ValidateCodebaseKey ¶
ValidateCodebaseKey mirrors sonarinternal.ValidateProjectKey — codebase names by platform convention follow DNS-1123.
func ValidateNonEmptyFlag ¶
ValidateNonEmptyFlag rejects a flag that was explicitly supplied with an empty value. changed is true when the flag was set on the command line.
func ValidateOutputFormat ¶
ValidateOutputFormat rejects `-o` values other than "", "table", or "json". An empty string means "use default" (table) and is always valid.
func ValidatePageBounds ¶
ValidatePageBounds rejects out-of-range --page / --page-size values. Shared between every paginated sca verb so the ceiling is enforced uniformly.
func ValidateSeverityCSV ¶
ValidateSeverityCSV canonicalises the comma-separated / repeatable values in values to upper-case Dep-Track severities. Empty input returns nil. An unknown value returns an error listing the accepted values.
The function returns validated values in input order with duplicates collapsed — this makes the test expectations stable.
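The severity semantics documented above for ValidateSeverityCSV, InclusiveFromSet, InclusiveSeverities and SeverityMatches, as an added sketch that is not the package's own code. The names `order`, `index`, `expand` and `matches` are hypothetical; treating UNASSIGNED as an output-only value and rejecting empty list elements are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// order is descending; the first five are flag values, UNASSIGNED is output-only (assumption).
var order = []string{"CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO", "UNASSIGNED"}

// index returns the position of s in list, or -1 when absent.
func index(list []string, s string) int {
	for i, v := range list {
		if v == s {
			return i
		}
	}
	return -1
}

// expand validates raw flag values and returns "least-severe threshold and above".
func expand(raw []string) ([]string, error) {
	low := -1
	for _, v := range raw {
		for _, part := range strings.Split(v, ",") {
			r := index(order[:5], strings.ToUpper(strings.TrimSpace(part)))
			if r < 0 {
				return nil, fmt.Errorf("invalid severity %q, accepted: %s", part, strings.ToLower(strings.Join(order[:5], ", ")))
			}
			if r > low {
				low = r
			}
		}
	}
	if low == 4 { // INFO also pulls in UNASSIGNED
		low = 5
	}
	return append([]string(nil), order[:low+1]...), nil // copy; nil when raw was empty
}

// matches upper-cases the upstream value so "high" and "HIGH" both pass.
func matches(severity string, allowed []string) bool {
	return index(allowed, strings.ToUpper(severity)) >= 0
}

func main() {
	set, err := expand([]string{"critical,medium"})
	fmt.Println(set, err, matches("high", set))
}
```

An unknown value is rejected during validation rather than during expansion, which is why the documented expansion helpers can treat nil as "no filter" without hiding findings.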
Types ¶
Directories ¶
| Path | Synopsis |
|---|---|
| | Package scatestutil exposes helpers shared by every `krci sca <verb>` test package — primarily a Factory stub wired to in-memory streams and a nil portal client suitable for RunE plumbing tests. |