SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions

Merge pull request #647 from gocsaf/pmd-diagnostic

Browse source 
csaf_checker: Always generate report
This commit is contained in:
JanHoefelmeyer 2025-06-25 15:33:47 +02:00 committed by GitHub
commit d5778f0755
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 13 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

22
cmd/csaf_checker/processor.go
View file

@ -251,14 +251,16 @@ func (p *processor) run(domains []string) (*Report, error) {
p.reset() p.reset()
if !p.checkProviderMetadata(d) { if !p.checkProviderMetadata(d) {
// We cannot build a report if the provider metadata cannot be parsed. // We need to fail the domain if the PMD cannot be parsed.
log.Printf("Could not parse the Provider-Metadata.json of: %s\n", d) p.badProviderMetadata.use()
continue message := fmt.Sprintf("Could not parse the Provider-Metadata.json of: %s", d)
p.badProviderMetadata.error(message)
} }
if err := p.checkDomain(d); err != nil { if err := p.checkDomain(d); err != nil {
log.Printf("Failed to find valid provider-metadata.json for domain %s: %v. "+ p.badProviderMetadata.use()
"Continuing with next domain.", d, err) message := fmt.Sprintf("Failed to find valid provider-metadata.json for domain %s: %v. ", d, err)
continue p.badProviderMetadata.error(message)
} }
domain := &Domain{Name: d} domain := &Domain{Name: d}
@ -269,8 +271,10 @@ func (p *processor) run(domains []string) (*Report, error) {
} }
if domain.Role == nil { if domain.Role == nil {
log.Printf("No role found in meta data. Ignoring domain %q\n", d) log.Printf("No role found in meta data for domain %q\n", d)
continue // Assume trusted provider to continue report generation
role := csaf.MetadataRoleTrustedProvider
domain.Role = &role
} }
rules := roleRequirements(*domain.Role) rules := roleRequirements(*domain.Role)
@ -1431,7 +1435,6 @@ func (p *processor) checkDNS(domain string) {
// checkWellknown checks if the provider-metadata.json file is // checkWellknown checks if the provider-metadata.json file is
// available under the /.well-known/csaf/ directory. // available under the /.well-known/csaf/ directory.
func (p *processor) checkWellknown(domain string) { func (p *processor) checkWellknown(domain string) {
p.badWellknownMetadata.use() p.badWellknownMetadata.use()
client := p.httpClient() client := p.httpClient()
path := "https://" + domain + "/.well-known/csaf/provider-metadata.json" path := "https://" + domain + "/.well-known/csaf/provider-metadata.json"
@ -1440,6 +1443,7 @@ func (p *processor) checkWellknown(domain string) {
if err != nil { if err != nil {
p.badWellknownMetadata.add(ErrorType, p.badWellknownMetadata.add(ErrorType,
fmt.Sprintf("Fetching %s failed: %v", path, err)) fmt.Sprintf("Fetching %s failed: %v", path, err))
return
} }
if res.StatusCode != http.StatusOK { if res.StatusCode != http.StatusOK {
p.badWellknownMetadata.add(ErrorType, fmt.Sprintf("Fetching %s failed. Status code %d (%s)", p.badWellknownMetadata.add(ErrorType, fmt.Sprintf("Fetching %s failed. Status code %d (%s)",