producers

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 19, 2020 License: Apache-2.0 Imports: 12 Imported by: 0

README

Producers

A producer is a program that parses the output of a tool and converts it into Dracon compatible file that can be used by the enricher and consumers.

Writing Producers

Producers can be written in any language that supports protobufs, we have examples in Golang and Python. They are all structured the same way:

  1. Parse program arguments:
    1. in: the raw tool results file location
    2. out: where to place the Dracon compatible output file location
  2. Parse the in file into Protobufs (LaunchToolResponse)
  3. Add metadata to Protobufs (e.g. git/source-code information)
  4. Write the protobuf bytes to the out file

Producer API

For convenience, there are helper functions in the ./producers pkg/module for Golang/Python.

The WriteDraconOut/write_dracon_out method expects a list of issues to write as the LaunchToolResponse protobuf. Your producer should parse the output of a tool results into Issue protobufs which are then passed into this method.

Documentation

Overview

Package producers provides helper functions for writing Dracon compatible producers that parse tool outputs. Subdirectories in this package have more complete example usages of this package.

Index

Examples

Constants

View Source 
const (

	// EnvDraconStartTime Start Time of Dracon Scan in RFC3339
	EnvDraconStartTime = "DRACON_SCAN_TIME"
	// EnvDraconScanID the ID of the dracon scan
	EnvDraconScanID = "DRACON_SCAN_ID"
)

Variables

View Source 
var (
	InResults string
	OutFile   string
)

Functions

func ParseFlags 

func ParseFlags() error

ParseFlags will parse the input flags for the producer and perform simple validation

Example 
if err := ParseFlags(); err != nil {
	log.Fatal(err)
}

func ParseInFileJSON 

func ParseInFileJSON(structure interface{}) error

ParseInFileJSON provides a generic method to parse a tool's JSON results into a given struct

Example 
type GoSecOut struct {
	Issues []struct {
		Severity   string `json:"severity"`
		Confidence string `json:"confidence"`
		RuleID     string `json:"rule_id"`
		Details    string `json:"details"`
		File       string `json:"file"`
		Code       string `json:"code"`
		Line       string `json:"line"`
		Column     string `json:"column"`
	} `json:"Issues"`
}
var results GoSecOut
if err := ParseInFileJSON(&results); err != nil {
	log.Fatal(err)
}

func WriteDraconOut 

func WriteDraconOut(
	toolName string,
	issues []*v1.Issue,
) error

WriteDraconOut provides a generic method to write the resulting protobuf to the output file

Example 
issues := []*v1.Issue{}
if err := WriteDraconOut(
	"gosec",
	issues,
); err != nil {
	log.Fatal(err)
}

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis
types
types
types
types

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.