
Commit dffd692

committed
View alerts by GHAS alert number prototype
Kinda clunky. Ideally, we'd group the alerts by alert number range to prevent the vertical sprawl.
1 parent 11b362d commit dffd692


3 files changed

+65
-31
lines changed


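--- a/src/main/kotlin/com/github/adrienpessu/sarifviewer/models/View.kt
+++ b/src/main/kotlin/com/github/adrienpessu/sarifviewer/models/View.kt
@@ -9,7 +9,8 @@ data class View(
 companion object {
 val RULE = View("rules", "View by rules")
 val LOCATION = View("location", "View by location")
-val views = arrayOf(RULE, LOCATION)
+val ALERT_NUMBER = View("alert num", "View by GHAS alert number")
+val views = arrayOf(RULE, LOCATION, ALERT_NUMBER)
 }
 }
 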

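--- a/src/main/kotlin/com/github/adrienpessu/sarifviewer/services/SarifService.kt
+++ b/src/main/kotlin/com/github/adrienpessu/sarifviewer/services/SarifService.kt
@@ -9,10 +9,13 @@ import com.github.adrienpessu.sarifviewer.models.Leaf
 import com.github.adrienpessu.sarifviewer.models.Root
 import com.github.adrienpessu.sarifviewer.models.View
 import com.github.adrienpessu.sarifviewer.utils.GitHubInstance
+import com.google.common.base.Strings
 import com.intellij.openapi.components.Service
 import com.intellij.util.alsoIfNull
 import java.net.HttpURLConnection
 import java.net.URL
+import java.util.Comparator
+import java.util.TreeMap
 
 
 @Service(Service.Level.PROJECT)
@@ -28,7 +31,7 @@ class SarifService {
 return ids.map { id ->
 val sarifFromGitHub = getSarifFromGitHub(github, repositoryFullName, id)
 val sarif: SarifSchema210 = objectMapper.readValue(sarifFromGitHub)
-sarif.alsoIfNull { SarifSchema210() }
+sarif.alsoIfNull { SarifSchema210() }
 }
 }
 
@@ -47,7 +50,7 @@ class SarifService {
 
 }
 
-fun analyseSarif(sarif: SarifSchema210, view: View): HashMap<String, MutableList<Leaf>> {
+fun analyseSarif(sarif: SarifSchema210, view: View): MutableMap<String, MutableList<Leaf>> {
 
 when (view) {
 View.RULE -> {
@@ -69,6 +72,7 @@ class SarifService {
 }
 return map
 }
+
 View.LOCATION -> {
 val map = HashMap<String, MutableList<Leaf>>()
 try {
@@ -88,37 +92,66 @@ class SarifService {
 }
 return map
 }
+
+View.ALERT_NUMBER -> {
+val map = TreeMap<String, MutableList<Leaf>>();
+try {
+sarif.runs.forEach { run ->
+run?.results?.forEach { result ->
+val element = leaf(result)
+val key = if (Strings.isNullOrEmpty(element.githubAlertNumber)) {
+"Missing alert number"
+} else {
+element.githubAlertNumber
+}
+if (map.containsKey(key)) {
+map[key]?.add(element)
+} else {
+map[key] = mutableListOf(element)
+}
+}
+}
+} catch (e: Exception) {
+throw SarifViewerException.INVALID_SARIF
+}
+return map.toSortedMap(Comparator.comparingInt { k ->
+try {
+Integer.valueOf(k)
+} catch (e: NumberFormatException) {
+Integer.MIN_VALUE
+}
+})
+}
+
 else -> {
 throw SarifViewerException.INVALID_VIEW
 }
 }
-
-
 }
 
 private fun leaf(result: Result): Leaf {
 val additionalProperties = result.properties?.additionalProperties ?: mapOf()
 val element = Leaf(
-leafName = result.message.text ?: "",
-address = "${result.locations[0].physicalLocation.artifactLocation.uri}:${result.locations[0].physicalLocation.region.startLine}",
-steps = result.codeFlows?.get(0)?.threadFlows?.get(0)?.locations?.map { "${it.location.physicalLocation.artifactLocation.uri}:${it.location.physicalLocation.region.startLine}" }
-?: listOf(),
-location = result.locations[0].physicalLocation.artifactLocation.uri,
-ruleId = result.ruleId,
-ruleName = result.rule?.id ?: "",
-ruleDescription = result.message.text ?: "",
-level = result.level.toString(),
-kind = result.kind.toString(),
-githubAlertNumber = additionalProperties["github/alertNumber"]?.toString() ?: "",
-githubAlertUrl = additionalProperties["github/alertUrl"]?.toString() ?: ""
+leafName = result.message.text ?: "",
+address = "${result.locations[0].physicalLocation.artifactLocation.uri}:${result.locations[0].physicalLocation.region.startLine}",
+steps = result.codeFlows?.get(0)?.threadFlows?.get(0)?.locations?.map { "${it.location.physicalLocation.artifactLocation.uri}:${it.location.physicalLocation.region.startLine}" }
+?: listOf(),
+location = result.locations[0].physicalLocation.artifactLocation.uri,
+ruleId = result.ruleId,
+ruleName = result.rule?.id ?: "",
+ruleDescription = result.message.text ?: "",
+level = result.level.toString(),
+kind = result.kind.toString(),
+githubAlertNumber = additionalProperties["github/alertNumber"]?.toString() ?: "",
+githubAlertUrl = additionalProperties["github/alertUrl"]?.toString() ?: ""
 )
 return element
 }
 
 fun getPullRequests(github: GitHubInstance, repositoryFullName: String, branchName: String = "main"): List<*>? {
 val head = "${repositoryFullName.split("/")[0]}:$branchName"
 val connection = URL("${github.apiBase}/repos/$repositoryFullName/pulls?state=open&head=$head")
-.openConnection() as HttpURLConnection
+.openConnection() as HttpURLConnection
 
 connection.apply {
 requestMethod = "GET"
@@ -139,14 +172,14 @@ class SarifService {
 }
 
 private fun getAnalysisFromGitHub(
-github: GitHubInstance,
-repositoryFullName: String,
-branchName: String = "main"
+github: GitHubInstance,
+repositoryFullName: String,
+branchName: String = "main"
 ): String {
 
 val s = "${github.apiBase}/repos/$repositoryFullName/code-scanning/analyses?ref=$branchName"
 val connection = URL(s)
-.openConnection() as HttpURLConnection
+.openConnection() as HttpURLConnection
 
 connection.apply {
 requestMethod = "GET"
@@ -189,7 +222,7 @@ class SarifService {
 
 private fun getSarifFromGitHub(github: GitHubInstance, repositoryFullName: String, analysisId: Int): String {
 val connection = URL("${github.apiBase}/repos/$repositoryFullName/code-scanning/analyses/$analysisId")
-.openConnection() as HttpURLConnection
+.openConnection() as HttpURLConnection
 
 connection.apply {
 requestMethod = "GET"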
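Review bot: The comparator passed to `toSortedMap` in the `View.ALERT_NUMBER` branch maps every key that is not an integer to `Integer.MIN_VALUE`, and a sorted map treats keys that compare equal as the same key, so any two such keys (or two spellings of one number, such as `7` and `07`) collapse into one entry and the later list replaces the earlier one. `github/alertNumber` is read from the SARIF property bag via `toString()`, so its form is not guaranteed, and the effect would be findings silently missing from the tree. A tie-break keeps distinct keys distinct and lets the map be built sorted in one step: `val map = TreeMap<String, MutableList<Leaf>>(compareBy<String>({ it.toIntOrNull() ?: Int.MIN_VALUE }, { it }))`, filled with `map.getOrPut(key) { mutableListOf() }.add(element)` and returned as is. The `catch (e: Exception)` in the same branch also discards the cause before throwing `INVALID_SARIF`; logging `e` first would make a malformed file diagnosable. `analyseSarif` itself starts in an earlier hunk of this file.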

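--- a/src/main/kotlin/com/github/adrienpessu/sarifviewer/toolWindow/SarifViewerWindowFactory.kt
+++ b/src/main/kotlin/com/github/adrienpessu/sarifviewer/toolWindow/SarifViewerWindowFactory.kt
@@ -223,7 +223,7 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 }
 
 private fun emptyNode(
-map: HashMap<String, MutableList<Leaf>>,
+map: MutableMap<String, MutableList<Leaf>>,
 repositoryFullName: String?
 ) {
 val element = Leaf(
@@ -306,7 +306,7 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 toggleLoading()
 currentView = selectedItem
 clearJSplitPane()
-var map = HashMap<String, MutableList<Leaf>>()
+var map: MutableMap<String, MutableList<Leaf>> = HashMap()
 if (localMode) {
 if (cacheSarif?.runs?.isEmpty() == false) {
 map = service.analyseSarif(cacheSarif!!, currentView)
@@ -376,7 +376,7 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 }
 
 private fun buildContent(
-map: HashMap<String, MutableList<Leaf>>
+map: Map<String, MutableList<Leaf>>
 ) {
 treeBuilding(map)
 }
@@ -419,7 +419,7 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 worker.execute()
 }
 
-private fun treeBuilding(map: HashMap<String, MutableList<Leaf>>) {
+private fun treeBuilding(map: Map<String, MutableList<Leaf>>) {
 val root = DefaultMutableTreeNode(project.name)
 
 map.forEach { (key, value) ->
@@ -645,9 +645,9 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 github: GitHubInstance,
 repositoryFullName: String,
 base: String? = null
-): HashMap<String, MutableList<Leaf>> {
+): MutableMap<String, MutableList<Leaf>> {
 val sarifs = service.getSarifFromGitHub(github, repositoryFullName, sarifGitHubRef).filterNotNull()
-var map = HashMap<String, MutableList<Leaf>>()
+var map: MutableMap<String, MutableList<Leaf>> = HashMap()
 val results = sarifs.flatMap { it.runs?.get(0)?.results ?: emptyList() }
 if (sarifs.isNotEmpty()) {
 if (sarifGitHubRef.startsWith("refs/pull/") && base != null) {
@@ -675,12 +675,12 @@ class SarifViewerWindowFactory : ToolWindowFactory {
 
 private fun extractSarifFromFile(
 file: File
-): HashMap<String, MutableList<Leaf>> {
+): Map<String, MutableList<Leaf>> {
 // file to String
 val sarifString = file.readText(Charset.defaultCharset())
 val sarif = ObjectMapper().readValue(sarifString, SarifSchema210::class.java)
 cacheSarif = sarif
-var map = HashMap<String, MutableList<Leaf>>()
+var map: MutableMap<String, MutableList<Leaf>> = HashMap()
 if (sarif.runs?.isEmpty() == false) {
 map = service.analyseSarif(sarif, currentView)
 }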
