diff --git a/internal/engine/eval/trusty/config.go b/internal/engine/eval/trusty/config.go
index 95a11cdd83..bd84365013 100644
--- a/internal/engine/eval/trusty/config.go
+++ b/internal/engine/eval/trusty/config.go
@@ -19,7 +19,32 @@ var (
 // SummaryScore is the score to use for the summary score
 SummaryScore = "score"
 // DefaultScore is the default score to use
- DefaultScore = ""
+ DefaultScore = ""
+ defaultAction = pr_actions.ActionReviewPr
+ defaultEcosystemConfig = []ecosystemConfig{
+ {
+ Name: "npm",
+ Score: 5.0,
+ Provenance: 5.0,
+ Activity: 5.0,
+ AllowMalicious: false,
+ AllowDeprecated: false,
+ },
+ {
+ Name: "pypi",
+ Score: 5.0,
+ Provenance: 5.0,
+ Activity: 5.0,
+ AllowDeprecated: false,
+ },
+ {
+ Name: "go",
+ Score: 5.0,
+ Provenance: 5.0,
+ Activity: 5.0,
+ AllowDeprecated: false,
+ },
+ }
 )
 
 type ecosystemConfig struct {
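Review bot: `defaultEcosystemConfig` is a mutable package-level slice, and every consumer is handed the same backing array, so a write through any one of them would change the default thresholds for every later evaluation in the process. Nothing visible in this hunk mutates it, but a policy default is safer handed out as a copy, e.g. `slices.Clone(defaultEcosystemConfig)`, or built fresh by a small function. The new names also carry no comment; `// defaultEcosystemConfig is applied when a rule omits ecosystem_config or sets it to an empty list.` would record the intent. Only the npm entry spells out `AllowMalicious: false` while pypi and go rely on the zero value, which is worth making uniform. The same shared-slice pattern is added in vulncheck/config.go.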
@@ -50,40 +75,19 @@ type config struct {
 EcosystemConfig []ecosystemConfig `json:"ecosystem_config" mapstructure:"ecosystem_config" validate:"required"`
 }
 
-func defaultConfig() *config {
- return &config{
- Action: pr_actions.ActionReviewPr,
- EcosystemConfig: []ecosystemConfig{
- {
- Name: "npm",
- Score: 5.0,
- Provenance: 5.0,
- Activity: 5.0,
- AllowMalicious: false,
- AllowDeprecated: false,
- },
- {
- Name: "pypi",
- Score: 5.0,
- Provenance: 5.0,
- Activity: 5.0,
- AllowDeprecated: false,
- },
- {
- Name: "go",
- Score: 5.0,
- Provenance: 5.0,
- Activity: 5.0,
- AllowDeprecated: false,
- },
- },
+func populateDefaultsIfEmpty(ruleCfg map[string]any) {
+ if ruleCfg["ecosystem_config"] == nil {
+ ruleCfg["ecosystem_config"] = defaultEcosystemConfig
+ } else if ecoCfg, ok := ruleCfg["ecosystem_config"].([]interface{}); ok && len(ecoCfg) == 0 {
+ ruleCfg["ecosystem_config"] = defaultEcosystemConfig
+ }
+ if ruleCfg["action"] == nil {
+ ruleCfg["action"] = defaultAction
 }
 }
 
 func parseConfig(ruleCfg map[string]any) (*config, error) {
- if len(ruleCfg) == 0 {
- return defaultConfig(), nil
- }
+ populateDefaultsIfEmpty(ruleCfg)
 
 var conf config
 validate := validator.New(validator.WithRequiredStructEnabled())
diff --git a/internal/engine/eval/trusty/trusty_test.go b/internal/engine/eval/trusty/trusty_test.go
index 653af4e45d..b9da915bc6 100644
--- a/internal/engine/eval/trusty/trusty_test.go
+++ b/internal/engine/eval/trusty/trusty_test.go
@@ -161,7 +161,9 @@ func TestParseRuleConfig(t *testing.T) {
 },
 {
 "invalid-config", map[string]any{
- "hey": "you",
+ "ecosystem_config": []string{
+ "hey",
+ },
 }, true,
 },
 } {
@@ -597,3 +599,10 @@ func TestEvaluationDetailRendering(t *testing.T) {
 })
 }
 }
+
+func defaultConfig() *config {
+ return &config{
+ Action: defaultAction,
+ EcosystemConfig: defaultEcosystemConfig,
+ }
+}
diff --git a/internal/engine/eval/vulncheck/config.go b/internal/engine/eval/vulncheck/config.go
index ecafcae2fa..00fdc977a5 100644
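Review bot: `populateDefaultsIfEmpty` writes into `ruleCfg` without checking it for nil, so a rule that arrives with a nil map now panics on `ruleCfg["ecosystem_config"] = defaultEcosystemConfig`, whereas the removed `len(ruleCfg) == 0` guard returned the defaults for that input. Adding `if ruleCfg == nil { ruleCfg = map[string]any{} }` at the top of `parseConfig`, before the call, restores the old behaviour. The helper also has no doc comment; it should say that it mutates the caller's map in place. The identical function added in vulncheck/config.go has the same gap, and the rest of `parseConfig` lies outside this hunk.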
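Review bot: The `"hey": "you"` case is replaced rather than kept, so nothing in this table now pins what an unrecognised key does. With `parseConfig` filling in defaults, such a config presumably parses successfully, which means a misspelled `ecosystem_config` key would silently fall back to the built-in thresholds instead of being reported. Keep a case for it with the intended outcome made explicit, for example `{"unknown-key", map[string]any{"hey": "you"}, false}` if acceptance is what is wanted. A case that passes a nil map is also worth adding, since the shortcut that used to cover it is gone. The table's struct definition and the loop body are outside this hunk.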
--- a/internal/engine/eval/vulncheck/config.go
+++ b/internal/engine/eval/vulncheck/config.go
@@ -19,6 +19,39 @@ type vulnDbType string
 
 const (
 vulnDbTypeOsv vulnDbType = "osv"
+ defaultAction = pr_actions.ActionReviewPr
+)
+
+var (
+ defaultEcosystemConfig = []ecosystemConfig{
+ {
+ Name: "npm",
+ DbType: vulnDbTypeOsv,
+ DbEndpoint: "https://api.osv.dev/v1/query",
+ PackageRepository: packageRepository{
+ Url: "https://registry.npmjs.org",
+ },
+ },
+ {
+ Name: "pypi",
+ DbType: vulnDbTypeOsv,
+ DbEndpoint: "https://api.osv.dev/v1/query",
+ PackageRepository: packageRepository{
+ Url: "https://pypi.org/pypi",
+ },
+ },
+ {
+ Name: "go",
+ DbType: vulnDbTypeOsv,
+ DbEndpoint: "https://api.osv.dev/v1/query",
+ PackageRepository: packageRepository{
+ Url: "https://proxy.golang.org",
+ },
+ SumRepository: packageRepository{
+ Url: "https://sum.golang.org",
+ },
+ },
+ }
 )
 
 type packageRepository struct {
@@ -41,45 +74,20 @@ type config struct {
 EcosystemConfig []ecosystemConfig `json:"ecosystem_config" mapstructure:"ecosystem_config" validate:"required"`
 }
 
-func defaultConfig() *config {
- return &config{
- Action: pr_actions.ActionReviewPr,
- EcosystemConfig: []ecosystemConfig{
- {
- Name: "npm",
- DbType: vulnDbTypeOsv,
- DbEndpoint: "https://api.osv.dev/v1/query",
- PackageRepository: packageRepository{
- Url: "https://registry.npmjs.org",
- },
- },
- {
- Name: "pypi",
- DbType: vulnDbTypeOsv,
- DbEndpoint: "https://api.osv.dev/v1/query",
- PackageRepository: packageRepository{
- Url: "https://pypi.org/pypi",
- },
- },
- {
- Name: "go",
- DbType: vulnDbTypeOsv,
- DbEndpoint: "https://api.osv.dev/v1/query",
- PackageRepository: packageRepository{
- Url: "https://proxy.golang.org",
- },
- SumRepository: packageRepository{
- Url: "https://sum.golang.org",
- },
- },
- },
+func populateDefaultsIfEmpty(ruleCfg map[string]any) {
+ if ruleCfg["ecosystem_config"] == nil {
+ ruleCfg["ecosystem_config"] = defaultEcosystemConfig
+ } else if ecoCfg, ok := ruleCfg["ecosystem_config"].([]interface{}); ok && len(ecoCfg) == 0 {
+ ruleCfg["ecosystem_config"] = defaultEcosystemConfig
+ }
+
+ if ruleCfg["action"] == nil {
+ ruleCfg["action"] = defaultAction
 }
 }
 
 func parseConfig(ruleCfg map[string]any) (*config, error) {
- if len(ruleCfg) == 0 {
- return defaultConfig(), nil
- }
+ populateDefaultsIfEmpty(ruleCfg)
 
 var conf config
 validate := validator.New(validator.WithRequiredStructEnabled())
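Review bot: The empty-list fallback fires only when the value's dynamic type is exactly `[]interface{}`, so an empty list of any other slice type (for instance `[]map[string]any{}`) skips the defaults. As far as I know `validate:"required"` on a slice rejects only nil, so that input could yield a config with no ecosystems and therefore nothing to check. Deciding after decoding avoids depending on the input's shape: `if len(conf.EcosystemConfig) == 0 { conf.EcosystemConfig = defaultEcosystemConfig }`. The trusty copy of this function has the same check, and the decode and validation steps of `parseConfig` are outside this hunk.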