make sarif constructor have functional arguments instead of accepting an ever growing list of parameters

Author: northdpole

sarif/sarif.go

@@ -69,43 +69,88 @@ func validateDataSource(dataSource *ocsffindinginfo.DataSource) error {
 	return nil
 }
 
-func NewTransformer(
-	scanResult *sarif.SchemaJson,
-	findingsEcosystem string,
-	clock clockwork.Clock,
-	guidProvider StableUUIDProvider,
-	richDescription bool,
-	dataSource *ocsffindinginfo.DataSource,
-) (*SarifTransformer, error) {
-	if scanResult == nil {
-		return nil, errors.Errorf("method 'NewTransformer called with nil scanResult")
+type Config struct {
+	ScanResult        *sarif.SchemaJson
+	FindingsEcosystem string
+	Clock             clockwork.Clock
+	GuidProvider      StableUUIDProvider
+	RichDescription   bool
+	DataSource        *ocsffindinginfo.DataSource
+}
+
+type TransformerOption func(*Config)
+
+func WithScanResult(scanResult *sarif.SchemaJson) TransformerOption {
+	return func(cfg *Config) {
+		cfg.ScanResult = scanResult
+	}
+}
+
+func WithFindingsEcosystem(findingsEcosystem string) TransformerOption {
+	return func(cfg *Config) {
+		cfg.FindingsEcosystem = findingsEcosystem
+	}
+}
+
+func WithClock(clock clockwork.Clock) TransformerOption {
+	return func(cfg *Config) {
+		cfg.Clock = clock
+	}
+}
+
+func WithGuidProvider(guidProvider StableUUIDProvider) TransformerOption {
+	return func(cfg *Config) {
+		cfg.GuidProvider = guidProvider
+	}
+}
+
+func WithRichDescription() TransformerOption {
+	return func(cfg *Config) {
+		cfg.RichDescription = true
+	}
+}
+
+func WithDataSource(dataSource *ocsffindinginfo.DataSource) TransformerOption {
+	return func(cfg *Config) {
+		cfg.DataSource = dataSource
+	}
+}
+
+func NewTransformer(options ...TransformerOption) (*SarifTransformer, error) {
+	cfg := &Config{}
+	for _, opt := range options {
+		opt(cfg)
 	}
 
-	if clock == nil {
-		clock = clockwork.NewRealClock()
+	if cfg.ScanResult == nil {
+		return nil, errors.Errorf("method 'NewTransformerWithConfig' called with nil scanResult")
 	}
 
-	if utils.IsNil(guidProvider) {
+	if cfg.Clock == nil {
+		cfg.Clock = clockwork.NewRealClock()
+	}
+
+	if utils.IsNil(cfg.GuidProvider) {
 		var err error
-		guidProvider, err = NewBasicStableUUIDProvider()
+		cfg.GuidProvider, err = NewBasicStableUUIDProvider()
 		if err != nil {
 			return nil, errors.Errorf("could not bootstrap stable UUID provider: %w", err)
 		}
 	}
 
-	if err := validateDataSource(dataSource); err != nil {
+	if err := validateDataSource(cfg.DataSource); err != nil {
 		return nil, errors.Errorf("invalid data source provider: %w", err)
 	}
 
 	return &SarifTransformer{
-		clock:             clock,
-		sarifResult:       *scanResult,
-		findingsEcosystem: findingsEcosystem,
-		guidProvider:      guidProvider,
+		clock:             cfg.Clock,
+		sarifResult:       *cfg.ScanResult,
+		findingsEcosystem: cfg.FindingsEcosystem,
+		guidProvider:      cfg.GuidProvider,
 		ruleToTools:       make(map[string]sarif.ReportingDescriptor),
 		taxasByCWEID:      make(map[string]sarif.ReportingDescriptor),
-		richDescription:   richDescription,
-		dataSource:        dataSource,
+		richDescription:   cfg.RichDescription,
+		dataSource:        cfg.DataSource,
 	}, nil
 }
 
@@ -707,3 +752,45 @@ func (s *SarifTransformer) mergeDataSources(
 
 	return dataSource, nil
 }
+
+func (s *SarifTransformer) Compare(sarif1, sarif2 *sarif.SchemaJson) map[string][]string {
+	result := map[string][]string{
+		"exist in first but dont exist in second": {},
+		"exist in second but not in first":        {},
+		"exist in both":                           {},
+	}
+
+	getFindingIDs := func(sarifDoc *sarif.SchemaJson) map[string]struct{} {
+		ids := make(map[string]struct{})
+		if sarifDoc == nil {
+			return ids
+		}
+		for _, run := range sarifDoc.Runs {
+			for _, res := range run.Results {
+				if res.RuleId != nil {
+					ids[*res.RuleId] = struct{}{}
+				}
+			}
+		}
+		return ids
+	}
+
+	ids1 := getFindingIDs(sarif1)
+	ids2 := getFindingIDs(sarif2)
+
+	for id := range ids1 {
+		if _, ok := ids2[id]; ok {
+			result["exist in both"] = append(result["exist in both"], id)
+		} else {
+			result["exist in first but dont exist in second"] = append(result["exist in first but dont exist in second"], id)
+		}
+	}
+
+	for id := range ids2 {
+		if _, ok := ids1[id]; !ok {
+			result["exist in second but not in first"] = append(result["exist in second but not in first"], id)
+		}
+	}
+
+	return result
+}

sarif/sarif_test.go

@@ -490,7 +490,10 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "", clock, nil, true, datasource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(datasource),
 		)
 		require.NoError(t, err)
 		actualIssues, err := transformer.ToOCSF(context.Background())
@@ -777,7 +780,11 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "npm", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithFindingsEcosystem("npm"),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 		actualIssues, err := transformer.ToOCSF(context.Background())
@@ -1078,7 +1085,9 @@ func Test_ParseOut(t *testing.T) {
 		}
 
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 
@@ -1385,7 +1394,10 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 		actualIssues, err := transformer.ToOCSF(context.Background())
@@ -1602,7 +1614,11 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "docker", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithFindingsEcosystem("docker"),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 		actualIssues, err := transformer.ToOCSF(context.Background())
@@ -1944,7 +1960,10 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 
@@ -2227,7 +2246,10 @@ func Test_ParseOut(t *testing.T) {
 			},
 		}
 		transformer, err := sariftransformer.NewTransformer(
-			&sarifOutput, "", clock, nil, true, dataSource,
+			sariftransformer.WithScanResult(&sarifOutput),
+			sariftransformer.WithClock(clock),
+			sariftransformer.WithRichDescription(),
+			sariftransformer.WithDataSource(dataSource),
 		)
 		require.NoError(t, err)
 		actualIssues, err := transformer.ToOCSF(context.Background())