✨ Add score to SARIF for all results (#1694)

laurentsimon · web-flow · commit d192c8e3aca1 · 2022-03-02T17:06:47.000-08:00
* add score

* fix unit tests
diff --git a/pkg/sarif.go b/pkg/sarif.go
@@ -510,14 +510,18 @@ func filterOutDetailType(details []checker.CheckDetail, t checker.DetailType) []
 	return ret
 }
 
+func messageWithScore(msg string, score int) string {
+	return fmt.Sprintf("score is %d: %s", score, msg)
+}
+
 func createDefaultLocationMessage(check *checker.CheckResult, score int) string {
 	details := filterOutDetailType(check.Details2, checker.DetailInfo)
 	s, b := detailsToString(details, log.WarnLevel)
 	if b {
 		// Warning: GitHub UX needs a single `\n` to turn it into a `<br>`.
-		return fmt.Sprintf("score is %d: %s:\n%s", score, check.Reason, s)
+		return messageWithScore(fmt.Sprintf("%s:\n%s", check.Reason, s), score)
 	}
-	return fmt.Sprintf("score is %d: %s", score, check.Reason)
+	return messageWithScore(check.Reason, score)
 }
 
 // AsSARIF outputs ScorecardResult in SARIF 2.1.0 format.
@@ -603,7 +607,8 @@ func (r *ScorecardResult) AsSARIF(showDetails bool, logLevel log.Level,
 		} else {
 			for _, loc := range locs {
 				// Use the location's message (check's detail's message) as message.
-				cr := createSARIFCheckResult(RuleIndex, sarifCheckID, loc.Message.Text, &loc)
+				msg := messageWithScore(loc.Message.Text, check.Score)
+				cr := createSARIFCheckResult(RuleIndex, sarifCheckID, msg, &loc)
 				run.Results = append(run.Results, cr)
 			}
 		}
diff --git a/pkg/testdata/check1.sarif b/pkg/testdata/check1.sarif
@@ -47,7 +47,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 5: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
diff --git a/pkg/testdata/check2.sarif b/pkg/testdata/check2.sarif
@@ -47,7 +47,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
diff --git a/pkg/testdata/check3.sarif b/pkg/testdata/check3.sarif
@@ -104,7 +104,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -128,7 +128,7 @@
                "ruleId": "CheckName2ID",
                "ruleIndex": 1,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
diff --git a/pkg/testdata/check4.sarif b/pkg/testdata/check4.sarif
@@ -104,7 +104,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -128,7 +128,7 @@
                "ruleId": "CheckName2ID",
                "ruleIndex": 1,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
diff --git a/pkg/testdata/check7.sarif b/pkg/testdata/check7.sarif
@@ -104,7 +104,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 0: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
diff --git a/pkg/testdata/check8.sarif b/pkg/testdata/check8.sarif
@@ -76,7 +76,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 5: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -103,7 +103,7 @@
                "ruleId": "CheckNameID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 5: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -130,7 +130,7 @@
                "ruleId": "CheckName5ID",
                "ruleIndex": 1,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 8: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -157,7 +157,7 @@
                "ruleId": "CheckName5ID",
                "ruleIndex": 1,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 8: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -229,7 +229,7 @@
                "ruleId": "CheckName6ID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 9: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {
@@ -301,7 +301,7 @@
                "ruleId": "CheckName4ID",
                "ruleIndex": 0,
                "message": {
-                  "text": "warn message\nClick Remediation section below to solve this issue"
+                  "text": "score is 5: warn message\nClick Remediation section below to solve this issue"
                },
                "locations": [
                   {

Original file line number	Diff line number	Diff line change
`@@ -510,14 +510,18 @@ func filterOutDetailType(details []checker.CheckDetail, t checker.DetailType) []`
`510`	`510`	`return ret`
`511`	`511`	`}`
`512`	`512`
	`513`	`+func messageWithScore(msg string, score int) string {`
	`514`	`+ return fmt.Sprintf("score is %d: %s", score, msg)`
	`515`	`+}`
	`516`	`+`
`513`	`517`	`func createDefaultLocationMessage(check *checker.CheckResult, score int) string {`
`514`	`518`	`details := filterOutDetailType(check.Details2, checker.DetailInfo)`
`515`	`519`	`s, b := detailsToString(details, log.WarnLevel)`
`516`	`520`	`if b {`
`517`	`521`	// Warning: GitHub UX needs a single `\n` to turn it into a `<br>`.
`518`		`- return fmt.Sprintf("score is %d: %s:\n%s", score, check.Reason, s)`
	`522`	`+ return messageWithScore(fmt.Sprintf("%s:\n%s", check.Reason, s), score)`
`519`	`523`	`}`
`520`		`- return fmt.Sprintf("score is %d: %s", score, check.Reason)`
	`524`	`+ return messageWithScore(check.Reason, score)`
`521`	`525`	`}`
`522`	`526`
`523`	`527`	`// AsSARIF outputs ScorecardResult in SARIF 2.1.0 format.`
`@@ -603,7 +607,8 @@ func (r *ScorecardResult) AsSARIF(showDetails bool, logLevel log.Level,`
`603`	`607`	`} else {`
`604`	`608`	`for _, loc := range locs {`
`605`	`609`	`// Use the location's message (check's detail's message) as message.`
`606`		`- cr := createSARIFCheckResult(RuleIndex, sarifCheckID, loc.Message.Text, &loc)`
	`610`	`+ msg := messageWithScore(loc.Message.Text, check.Score)`
	`611`	`+ cr := createSARIFCheckResult(RuleIndex, sarifCheckID, msg, &loc)`
`607`	`612`	`run.Results = append(run.Results, cr)`
`608`	`613`	`}`
`609`	`614`	`}`
Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,7 @@`
`47`	`47`	`"ruleId": "CheckNameID",`
`48`	`48`	`"ruleIndex": 0,`
`49`	`49`	`"message": {`
`50`		`- "text": "warn message\nClick Remediation section below to solve this issue"`
	`50`	`+ "text": "score is 5: warn message\nClick Remediation section below to solve this issue"`
`51`	`51`	`},`
`52`	`52`	`"locations": [`
`53`	`53`	`{`
Original file line number	Diff line number	Diff line change
`@@ -104,7 +104,7 @@`
`104`	`104`	`"ruleId": "CheckNameID",`
`105`	`105`	`"ruleIndex": 0,`
`106`	`106`	`"message": {`
`107`		`- "text": "warn message\nClick Remediation section below to solve this issue"`
	`107`	`+ "text": "score is 0: warn message\nClick Remediation section below to solve this issue"`
`108`	`108`	`},`
`109`	`109`	`"locations": [`
`110`	`110`	`{`