diff --git a/utils/analyticsmetrics.go b/utils/analyticsmetrics.go index 3dbd5cfd..8405e68d 100644 --- a/utils/analyticsmetrics.go +++ b/utils/analyticsmetrics.go @@ -171,3 +171,20 @@ func (ams *AnalyticsMetricsService) CreateXscAnalyticsGeneralEventFinalizeFromAu XscAnalyticsBasicGeneralEvent: basicEvent, } } + +func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeWithTotalScanDuration() { + totalDuration := time.Since(ams.GetStartTime()) + ams.finalizeEvent.TotalScanDuration = totalDuration.String() +} + +func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeStatus(status xscservices.EventStatus) { + ams.finalizeEvent.EventStatus = status +} + +func (ams *AnalyticsMetricsService) AddScanFindingsToXscAnalyticsGeneralEventFinalize(findingsAmount int) { + ams.finalizeEvent.TotalFindings += findingsAmount +} + +func (ams *AnalyticsMetricsService) SetShouldReportEvents(shouldReportEvents bool) { + ams.shouldReportEvents = shouldReportEvents +} diff --git a/utils/results.go b/utils/results.go index 863826da..3a1d8668 100644 --- a/utils/results.go +++ b/utils/results.go @@ -69,37 +69,41 @@ func (r *Results) IsIssuesFound() bool { return false } -// Counts the total amount of findings in the provided results and updates the AnalyticsMetricsService with the amount of the new added findings +// Counts the total number of unique findings in the provided results. +// A unique SCA finding is identified by a unique pair of vulnerability's/violation's issueId and component id or by a result returned from one of JAS scans. func (r *Results) CountScanResultsFindings() int { - findingsCountMap := make(map[string]int) var totalFindings int + totalFindings += getScaResultsUniqueFindingsAmount(&r.ScaResults) - // Counting ScaResults - for _, scaResult := range r.ScaResults { + if r.ExtendedScanResults != nil { + totalFindings += len(r.ExtendedScanResults.SastScanResults) + totalFindings += len(r.ExtendedScanResults.IacScanResults) + totalFindings += len(r.ExtendedScanResults.SecretsScanResults) + } + + return totalFindings +} + +func getScaResultsUniqueFindingsAmount(scaScanResults *[]ScaScanResult) int { + uniqueXrayFindings := datastructures.MakeSet[string]() + + for _, scaResult := range *scaScanResults { for _, xrayResult := range scaResult.XrayResults { // XrayResults may contain Vulnerabilities OR Violations, but not both. Therefore, only one of them will be counted for _, vulnerability := range xrayResult.Vulnerabilities { - findingsCountMap[vulnerability.IssueId] += len(vulnerability.Components) + for compId := range vulnerability.Components { + uniqueXrayFindings.Add(vulnerability.IssueId + compId) + } } for _, violation := range xrayResult.Violations { - findingsCountMap[violation.IssueId] += len(violation.Components) + for compId := range violation.Components { + uniqueXrayFindings.Add(violation.IssueId + compId) + } } } } - - for _, issueIdCount := range findingsCountMap { - totalFindings += issueIdCount - } - - // Counting ExtendedScanResults - if r.ExtendedScanResults != nil { - totalFindings += len(r.ExtendedScanResults.SastScanResults) - totalFindings += len(r.ExtendedScanResults.IacScanResults) - totalFindings += len(r.ExtendedScanResults.SecretsScanResults) - } - - return totalFindings + return uniqueXrayFindings.Size() } type ScaScanResult struct {