From 356cb16d772c6c2abe6236fef85219e88a2a8746 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 5 Feb 2024 20:55:47 -0700 Subject: [PATCH] Initial commit of AI rendering scaffold
---
 .vscode/settings.json | 1 + cmd/root.go | 2 +- cmd/scan.go | 3 ++- go.mod | 14 +++++------ go.sum | 37 +++++++++++------------------ models/structs.go | 5 ++-- providers/ossindex/OSSIndex.go | 8 +++---- providers/ossindex/OSSIndex_test.go | 12 +++++----- providers/snyk/client.go | 2 +- providers/snyk/snyk.go | 10 ++++---- providers/snyk/snyk_test.go | 12 +++++----- renderers/ai/ai.go | 18 ++++++++++++++ renderers/ai/ai_test.go | 20 ++++++++++++++++ renderers/rendererfactory.go | 3 +++ renderers/rendererfactory_test.go | 6 ++++- 15 files changed, 96 insertions(+), 57 deletions(-) create mode 100644 renderers/ai/ai.go create mode 100644 renderers/ai/ai_test.go
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 9378eb2..ba5cb13 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -33,6 +33,7 @@
 "kirinlabs",
 "kisielk",
 "novulns",
+ "openai",
 "OSSINDEX",
 "packageurl",
 "Packagist",
diff --git a/cmd/root.go b/cmd/root.go
index af83919..657fbb4 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -59,5 +59,5 @@ func Execute() {
 func init() {
 rootCmd.PersistentFlags().BoolVar(&debug, "debug", false, "displays debug level log messages.")
- rootCmd.PersistentFlags().StringVar(&output, "output", "stdout", "how bomber should output findings (json, html, stdout)")
+ rootCmd.PersistentFlags().StringVar(&output, "output", "stdout", "how bomber should output findings (json, html, ai, stdout)")
 }
diff --git a/cmd/scan.go b/cmd/scan.go
index 5a00fa0..0536664 100644
--- a/cmd/scan.go
+++ b/cmd/scan.go
@@ -55,7 +55,8 @@ var (
 func init() {
 rootCmd.AddCommand(scanCmd)
 scanCmd.PersistentFlags().StringVar(&scanner.Credentials.Username, "username", "", "the user name for the provider being used.")
- scanCmd.PersistentFlags().StringVar(&scanner.Credentials.Token, "token", "", "the API token for the provider being used.")
+ scanCmd.PersistentFlags().StringVar(&scanner.Credentials.ProviderToken, "token", "", "the API token for the provider being used.")
+ scanCmd.PersistentFlags().StringVar(&scanner.Credentials.OpenAIToken, "openai-token", "", "an OpenAI API token used for generating AI output.")
 scanCmd.PersistentFlags().StringVar(&scanner.ProviderName, "provider", "osv", "the vulnerability provider (ossindex, osv).")
 scanCmd.PersistentFlags().StringVar(&scanner.IgnoreFile, "ignore-file", "", "an optional file containing CVEs to ignore when rendering output.")
 scanCmd.PersistentFlags().StringVar(&scanner.Severity, "severity", "", "anything equal to or above this severity will be returned with non-zero error code.")
diff --git a/go.mod b/go.mod
index 581ad4a..7f7d450 100644
--- a/go.mod
+++ b/go.mod
@@ -5,12 +5,12 @@ go 1.21
 toolchain go1.21.3
 require (
- github.com/CycloneDX/cyclonedx-go v0.7.2
+ github.com/CycloneDX/cyclonedx-go v0.8.0
 github.com/briandowns/spinner v1.23.0
 github.com/devops-kung-fu/common v0.2.6
 github.com/gookit/color v1.5.4
 github.com/jarcoal/httpmock v1.3.0
- github.com/jedib0t/go-pretty/v6 v6.4.9
+ github.com/jedib0t/go-pretty/v6 v6.5.4
 github.com/kirinlabs/HttpRequest v1.1.1
 github.com/microcosm-cc/bluemonday v1.0.26
 github.com/package-url/packageurl-go v0.1.2
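Review bot: The new `--openai-token` flag in cmd/scan.go accepts the secret only as a command-line argument, which leaves it in shell history and readable in the process list on a shared host. The provider token already has an environment fallback (`BOMBER_PROVIDER_TOKEN` in the providers' validateCredentials), but nothing in this commit reads the OpenAI token from the environment. Consider the same pattern where the token is consumed, for example `if c.OpenAIToken == "" { c.OpenAIToken = os.Getenv("BOMBER_OPENAI_TOKEN") }` (the variable name is only a suggestion), and mention the variable in the flag's help text. init()'s body continues past the end of the hunk.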
@@ -24,25 +24,25 @@ require (
 github.com/kr/pretty v0.3.0 // indirect
 github.com/rogpeppe/go-internal v1.8.0 // indirect
 golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b // indirect
- golang.org/x/term v0.15.0 // indirect
+ golang.org/x/term v0.16.0 // indirect
 )
 require (
 github.com/aymerick/douceur v0.2.0 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/fatih/color v1.16.0 // indirect
- github.com/gomarkdown/markdown v0.0.0-20231115200524-a660076da3fd
+ github.com/gomarkdown/markdown v0.0.0-20231222211730-1d6d20845b47
 github.com/gorilla/css v1.0.1 // indirect
 github.com/inconshreveable/mousetrap v1.1.0 // indirect
 github.com/mattn/go-colorable v0.1.13 // indirect
 github.com/mattn/go-isatty v0.0.20 // indirect
 github.com/mattn/go-runewidth v0.0.15 // indirect
 github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/rivo/uniseg v0.4.4 // indirect
+ github.com/rivo/uniseg v0.4.6 // indirect
 github.com/spf13/pflag v1.0.5 // indirect
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
- golang.org/x/net v0.19.0 // indirect
- golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/net v0.20.0 // indirect
+ golang.org/x/sys v0.16.0 // indirect
 golang.org/x/text v0.14.0 // indirect
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 gopkg.in/yaml.v3 v3.0.1 // indirect
diff --git a/go.sum b/go.sum
index 7ef343e..06c51d9 100644
--- a/go.sum
+++ b/go.sum
@@ -1,5 +1,5 @@ -github.com/CycloneDX/cyclonedx-go v0.7.2 h1:kKQ0t1dPOlugSIYVOMiMtFqeXI2wp/f5DBIdfux8gnQ= -github.com/CycloneDX/cyclonedx-go v0.7.2/go.mod h1:K2bA+324+Og0X84fA8HhN2X066K7Bxz4rpMQ4ZhjtSk= +github.com/CycloneDX/cyclonedx-go v0.8.0 h1:FyWVj6x6hoJrui5uRQdYZcSievw3Z32Z88uYzG/0D6M= +github.com/CycloneDX/cyclonedx-go v0.8.0/go.mod h1:K2bA+324+Og0X84fA8HhN2X066K7Bxz4rpMQ4ZhjtSk= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= 
@@ -8,15 +8,14 @@ github.com/briandowns/spinner v1.23.0 h1:alDF2guRWqa/FOZZYWjlMIx2L6H0wyewPxo/CH4 github.com/briandowns/spinner v1.23.0/go.mod h1:rPG4gmXeN3wQV/TsAY4w8lPdIM6RX3yqeBQJSrbXjuE= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/devops-kung-fu/common v0.2.6 h1:HNL9suXELXHiSg7Ze0VinNkbngrBjovKYWPOckuarKc= github.com/devops-kung-fu/common v0.2.6/go.mod h1:ZLp6W5ewDWxmx45KF/Oj3IfJ3EhRALBkcfqLQnz23OU= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= -github.com/gomarkdown/markdown v0.0.0-20231115200524-a660076da3fd h1:PppHBegd3uPZ3Y/Iax/2mlCFJm1w4Qf/zP1MdW4ju2o= -github.com/gomarkdown/markdown v0.0.0-20231115200524-a660076da3fd/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= +github.com/gomarkdown/markdown v0.0.0-20231222211730-1d6d20845b47 h1:k4Tw0nt6lwro3Uin8eqoET7MDA4JnT8YgbCjc/g5E3k= +github.com/gomarkdown/markdown v0.0.0-20231222211730-1d6d20845b47/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w= github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8= 
@@ -25,8 +24,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jarcoal/httpmock v1.3.0 h1:2RJ8GP0IIaWwcC9Fp2BmVi8Kog3v2Hn7VXM3fTd+nuc= github.com/jarcoal/httpmock v1.3.0/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/jedib0t/go-pretty/v6 v6.4.9 h1:vZ6bjGg2eBSrJn365qlxGcaWu09Id+LHtrfDWlB2Usc= -github.com/jedib0t/go-pretty/v6 v6.4.9/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs= +github.com/jedib0t/go-pretty/v6 v6.5.4 h1:gOGo0613MoqUcf0xCj+h/V3sHDaZasfv152G6/5l91s= +github.com/jedib0t/go-pretty/v6 v6.5.4/go.mod h1:5LQIxa52oJ/DlDSLv0HEkWOFMDGoWkJb9ss5KqPpJBg= github.com/kirinlabs/HttpRequest v1.1.1 h1:eBbFzpRd/Y7vQhRY30frHK3yAJiT1wDlB31Ryzyklc0= github.com/kirinlabs/HttpRequest v1.1.1/go.mod h1:XV38fA4rXZox83tlEV9KIQ7Cdsut319x6NGzVLuRlB8= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= @@ -42,7 +41,6 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= 
@@ -52,14 +50,13 @@ github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02C github.com/package-url/packageurl-go v0.1.2 h1:0H2DQt6DHd/NeRlVwW4EZ4oEI6Bn40XlNPRqegcxuo4= github.com/package-url/packageurl-go v0.1.2/go.mod h1:uQd4a7Rh3ZsVg5j0lNyAfyxIeGde9yrlhjF78GzeW0c= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/profile v1.6.0/go.mod h1:qBsxPvzyUincmltOk6iyRVxHYg4adc0OFOv72ZdLa18= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/remeh/sizedwaitgroup v1.0.0 h1:VNGGFwNo/R5+MJBf6yrsr110p0m4/OX4S3DCy7Kyl5E= github.com/remeh/sizedwaitgroup v1.0.0/go.mod h1:3j2R4OIe/SeS6YDhICBy22RWjJC5eNCJ1V+9+NVNYlo= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rivo/uniseg v0.4.6 h1:Sovz9sDSwbOz9tgUy8JpT+KgCkPYJEN/oYzlJiYTNLg= +github.com/rivo/uniseg v0.4.6/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= 
@@ -70,10 +67,6 @@ github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo= 
@@ -88,15 +81,14 @@ github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavM github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b h1:EqBVA+nNsObCwQoBEHy4wLU0pi7i8a4AL3pbItPdPkE= golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= +golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 
@@ -104,6 +96,5 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/models/structs.go b/models/structs.go
index ab68319..6418618 100644
--- a/models/structs.go
+++ b/models/structs.go
@@ -65,8 +65,9 @@ type ScannedFile struct {
 // Credentials the user credentials used by a provider to authenticate to an API
 type Credentials struct {
- Username string
- Token string
+ Username string
+ ProviderToken string
+ OpenAIToken string
 }
 // NewResults defines the high level output of bomber
diff --git a/providers/ossindex/OSSIndex.go b/providers/ossindex/OSSIndex.go
index d3c3067..cb494b3 100644
--- a/providers/ossindex/OSSIndex.go
+++ b/providers/ossindex/OSSIndex.go
@@ -44,7 +44,7 @@ func (Provider) Scan(purls []string, credentials *models.Credentials) (packages
 var coordinates CoordinateRequest
 coordinates.Coordinates = append(coordinates.Coordinates, p...)
 req := HttpRequest.NewRequest()
- req.SetBasicAuth(credentials.Username, credentials.Token)
+ req.SetBasicAuth(credentials.Username, credentials.ProviderToken)
 resp, _ := req.JSON().Post(ossindexURL, coordinates)
 defer func() {
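Review bot: Adding `OpenAIToken` to `Credentials` in models/structs.go hands the OpenAI secret to every provider, because the same struct is passed by pointer to `Provider.Scan(purls, credentials)` in providers/ossindex and to `newClient(c)` in providers/snyk. A provider needs only `Username` and `ProviderToken`; keeping the OpenAI token in a separate value that is given only to the AI renderer would narrow the places where it could be logged or forwarded by mistake. The struct comment also still describes credentials `used by a provider`, which no longer covers the new field; something like `// Credentials holds the provider credentials and the OpenAI API token supplied by the user` would match the struct.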
@@ -85,11 +85,11 @@ func validateCredentials(credentials *models.Credentials) (err error) {
 credentials.Username = os.Getenv("BOMBER_PROVIDER_USERNAME")
 }
- if credentials.Token == "" {
- credentials.Token = os.Getenv("BOMBER_PROVIDER_TOKEN")
+ if credentials.ProviderToken == "" {
+ credentials.ProviderToken = os.Getenv("BOMBER_PROVIDER_TOKEN")
 }
- if credentials.Username == "" && credentials.Token == "" {
+ if credentials.Username == "" && credentials.ProviderToken == "" {
 err = errors.New("bomber requires a username and token to use the OSS Index provider")
 }
 return
diff --git a/providers/ossindex/OSSIndex_test.go b/providers/ossindex/OSSIndex_test.go
index 9f237fe..8d07616 100644
--- a/providers/ossindex/OSSIndex_test.go
+++ b/providers/ossindex/OSSIndex_test.go
@@ -28,15 +28,15 @@ func Test_validateCredentials(t *testing.T) {
 os.Unsetenv("BOMBER_PROVIDER_USERNAME")
 os.Unsetenv("BOMBER_PROVIDER_TOKEN")
 credentials := models.Credentials{
- Username: "test",
- Token: "token",
+ Username: "test",
+ ProviderToken: "token",
 }
 err = validateCredentials(&credentials)
 assert.NoError(t, err)
 credentials.Username = ""
- credentials.Token = ""
+ credentials.ProviderToken = ""
 err = validateCredentials(&credentials)
 assert.Error(t, err)
@@ -46,7 +46,7 @@ func Test_validateCredentials(t *testing.T) {
 err = validateCredentials(&credentials)
 assert.NoError(t, err)
 assert.Equal(t, "test-env", credentials.Username)
- assert.Equal(t, "token-env", credentials.Token)
+ assert.Equal(t, "token-env", credentials.ProviderToken)
 //reset env
 os.Setenv("BOMBER_PROVIDER_USERNAME", username)
@@ -61,8 +61,8 @@ func TestProvider_Scan_FakeCredentials(t *testing.T) {
 httpmock.NewBytesResponder(200, ossTestResponse()))
 credentials := models.Credentials{
- Username: "test",
- Token: "token",
+ Username: "test",
+ ProviderToken: "token",
 }
 provider := Provider{}
diff --git a/providers/snyk/client.go b/providers/snyk/client.go
index 8a2c4b5..e802c89 100644
--- a/providers/snyk/client.go
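Review bot: In validateCredentials of providers/ossindex/OSSIndex.go the renamed check `credentials.Username == "" && credentials.ProviderToken == ""` fails only when both values are missing, while the error text says a username and a token are required. With just one of them set, validation passes and Scan goes on to call `SetBasicAuth` with an empty value. Since the line is being touched anyway, it could be tightened to `if credentials.Username == "" || credentials.ProviderToken == "" {`; the cases visible in OSSIndex_test.go appear to keep passing with that change. The start of validateCredentials lies outside the hunk.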
+++ b/providers/snyk/client.go
@@ -12,7 +12,7 @@ const userAgent = "Bomber"
 func newClient(c *models.Credentials) *HttpRequest.Request {
 return HttpRequest.NewRequest().SetHeaders(map[string]string{
- "Authorization": fmt.Sprintf("token %s", c.Token),
+ "Authorization": fmt.Sprintf("token %s", c.ProviderToken),
 "User-Agent": userAgent,
 })
 }
diff --git a/providers/snyk/snyk.go b/providers/snyk/snyk.go
index 86e29ae..fbd1356 100644
--- a/providers/snyk/snyk.go
+++ b/providers/snyk/snyk.go
@@ -68,15 +68,15 @@ func validateCredentials(credentials *models.Credentials) error {
 return errors.New("credentials cannot be nil")
 }
- if credentials.Token == "" {
- credentials.Token = os.Getenv("SNYK_TOKEN")
+ if credentials.ProviderToken == "" {
+ credentials.ProviderToken = os.Getenv("SNYK_TOKEN")
 }
- if credentials.Token == "" {
- credentials.Token = os.Getenv("BOMBER_PROVIDER_TOKEN")
+ if credentials.ProviderToken == "" {
+ credentials.ProviderToken = os.Getenv("BOMBER_PROVIDER_TOKEN")
 }
- if credentials.Token == "" {
+ if credentials.ProviderToken == "" {
 return errors.New("bomber requires a token to use the Snyk provider")
 }
diff --git a/providers/snyk/snyk_test.go b/providers/snyk/snyk_test.go
index 63dd4ce..6d97ea8 100644
--- a/providers/snyk/snyk_test.go
+++ b/providers/snyk/snyk_test.go
@@ -32,7 +32,7 @@ func Test_validateCredentials(t *testing.T) {
 os.Unsetenv("SNYK_TOKEN")
 credentials := models.Credentials{
- Token: "token",
+ ProviderToken: "token",
 }
 err := validateCredentials(nil)
@@ -41,7 +41,7 @@ func Test_validateCredentials(t *testing.T) {
 err = validateCredentials(&credentials)
 assert.NoError(t, err)
- credentials.Token = ""
+ credentials.ProviderToken = ""
 err = validateCredentials(&credentials)
 assert.Error(t, err)
@@ -49,14 +49,14 @@ func Test_validateCredentials(t *testing.T) {
 err = validateCredentials(&credentials)
 assert.NoError(t, err)
- assert.Equal(t, "bomber-token", credentials.Token)
+ assert.Equal(t, "bomber-token", credentials.ProviderToken)
 os.Setenv("SNYK_TOKEN", "snyk-token")
- credentials.Token = ""
+ credentials.ProviderToken = ""
 err = validateCredentials(&credentials)
 assert.NoError(t, err)
- assert.Equal(t, "snyk-token", credentials.Token)
+ assert.Equal(t, "snyk-token", credentials.ProviderToken)
 //reset env
 os.Setenv("BOMBER_PROVIDER_TOKEN", bomberToken)
@@ -71,7 +71,7 @@ func TestProvider_Scan_FakeCredentials(t *testing.T) {
 httpmock.RegisterResponder("GET", `=~\/issues`, httpmock.NewBytesResponder(200, issuesResponse))
 credentials := models.Credentials{
- Token: "token",
+ ProviderToken: "token",
 }
 provider := Provider{}
diff --git a/renderers/ai/ai.go b/renderers/ai/ai.go
new file mode 100644
index 0000000..8f45e7c
--- /dev/null
+++ b/renderers/ai/ai.go
@@ -0,0 +1,18 @@
+// Package ai contains functionality to render output using GenAI
+package ai
+
+import (
+ "fmt"
+
+ "github.com/devops-kung-fu/bomber/models"
+)
+
+// Renderer contains methods to render AI HTML output format
+type Renderer struct{}
+
+// Render outputs ai generated report
+func (Renderer) Render(results models.Results) error {
+
+ fmt.Println("Hello AI")
+ return nil
+}
diff --git a/renderers/ai/ai_test.go b/renderers/ai/ai_test.go
new file mode 100644
index 0000000..53c14fd
--- /dev/null
+++ b/renderers/ai/ai_test.go
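Review bot: `Render` in renderers/ai/ai.go ignores `results`, prints a placeholder and returns `nil`, so a scan run with `--output ai` reports success without showing a single finding. Until the renderer is implemented it would be safer to fail loudly, e.g. `return errors.New("ai output is not implemented yet")`, with ai_test.go changed to expect that error. `Render(results models.Results)` also has no visible way to receive `Credentials.OpenAIToken`, so how the token reaches this renderer presumably still needs a decision. The type comment says `AI HTML output format` while the package comment describes GenAI output in general; one of the two should be corrected.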
@@ -0,0 +1,20 @@
+// Package ai contains functionality to render output using GenAI
+package ai
+
+import (
+ "testing"
+
+ "github.com/devops-kung-fu/common/util"
+ "github.com/stretchr/testify/assert"
+
+ "github.com/devops-kung-fu/bomber/models"
+)
+
+func TestRenderer_Render(t *testing.T) {
+ output := util.CaptureOutput(func() {
+ renderer := Renderer{}
+ renderer.Render(models.NewResults([]models.Package{}, models.Summary{}, []models.ScannedFile{}, []string{"GPL"}, "0.0.0", "test", ""))
+ })
+ assert.NotNil(t, output)
+ assert.Contains(t, output, "Hello AI\n")
+}
diff --git a/renderers/rendererfactory.go b/renderers/rendererfactory.go
index 3938196..b93498d 100644
--- a/renderers/rendererfactory.go
+++ b/renderers/rendererfactory.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "github.com/devops-kung-fu/bomber/models"
+ "github.com/devops-kung-fu/bomber/renderers/ai"
 "github.com/devops-kung-fu/bomber/renderers/html"
 "github.com/devops-kung-fu/bomber/renderers/json"
 "github.com/devops-kung-fu/bomber/renderers/stdout"
@@ -19,6 +20,8 @@ func NewRenderer(output string) (renderer models.Renderer, err error) {
 renderer = json.Renderer{}
 case "html":
 renderer = html.Renderer{}
+ case "ai":
+ renderer = ai.Renderer{}
 default:
 err = fmt.Errorf("%s is not a valid output type", output)
 }
diff --git a/renderers/rendererfactory_test.go b/renderers/rendererfactory_test.go
index 89284ef..6b27450 100644
--- a/renderers/rendererfactory_test.go
+++ b/renderers/rendererfactory_test.go
@@ -5,6 +5,7 @@ import (
 "github.com/stretchr/testify/assert"
+ "github.com/devops-kung-fu/bomber/renderers/ai"
 "github.com/devops-kung-fu/bomber/renderers/html"
 "github.com/devops-kung-fu/bomber/renderers/json"
 "github.com/devops-kung-fu/bomber/renderers/stdout"
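Review bot: TestRenderer_Render in renderers/ai/ai_test.go discards the error returned by `renderer.Render(...)`, so a renderer that fails after printing would still pass the test. Capture the result inside the closure and assert on it, e.g. `err := renderer.Render(...)` followed by `assert.NoError(t, err)`. If `util.CaptureOutput` returns a string, `assert.NotNil(t, output)` can never fail and adds nothing next to the `assert.Contains` check.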
@@ -20,10 +21,13 @@ func TestNewRenderer(t *testing.T) {
 assert.IsType(t, json.Renderer{}, renderer)
 renderer, err = NewRenderer("html")
- assert.NoError(t, err)
 assert.IsType(t, html.Renderer{}, renderer)
+ renderer, err = NewRenderer("ai")
+ assert.NoError(t, err)
+ assert.IsType(t, ai.Renderer{}, renderer)
+
 _, err = NewRenderer("test")
 assert.Error(t, err)
 }
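Review bot: The hunk removes `assert.NoError(t, err)` after `NewRenderer("html")`, so the html case now checks only the returned type and its `err` is overwritten by the next call without being inspected. This looks accidental, since the new ai case right below asserts both the error and the type. Restoring `assert.NoError(t, err)` before `assert.IsType(t, html.Renderer{}, renderer)` keeps the html path covered. TestNewRenderer begins outside the hunk.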