diff --git a/gradle.properties b/gradle.properties index da69951..ed7c4fb 100644 --- a/gradle.properties +++ b/gradle.properties @@ -3,7 +3,7 @@ pluginGroup = com.github.bridgecrewio.prismajetbrainsidea pluginName = prismacloud-jetbrains-idea -pluginVersion = 1.0.10 +pluginVersion = 1.0.11 pluginSinceBuild = 203 # Plugin Verifier integration -> https://github.com/JetBrains/gradle-intellij-plugin#plugin-verifier-dsl # See https://jb.gg/intellij-platform-builds-list for available build versions diff --git a/src/main/kotlin/com/bridgecrew/services/ResultsCacheService.kt b/src/main/kotlin/com/bridgecrew/services/ResultsCacheService.kt index f87b9e6..94abe2b 100644 --- a/src/main/kotlin/com/bridgecrew/services/ResultsCacheService.kt +++ b/src/main/kotlin/com/bridgecrew/services/ResultsCacheService.kt @@ -4,6 +4,7 @@ import com.bridgecrew.CheckovResult import com.bridgecrew.results.* import com.bridgecrew.settings.CheckovGlobalState import com.bridgecrew.utils.CheckovUtils +import com.bridgecrew.utils.fromDockerFilePath import com.intellij.openapi.components.Service import com.intellij.openapi.project.Project import org.apache.commons.io.FilenameUtils @@ -15,8 +16,7 @@ import java.nio.file.Paths class ResultsCacheService(val project: Project) { var checkovResults: MutableList = mutableListOf() var modifiedResults: MutableList = mutableListOf() - - private val baseDir: String = if (System.getProperty("os.name").lowercase().contains("win")) FilenameUtils.separatorsToWindows(project.basePath!!) else project.basePath!! + private val baseDir: String = project.basePath!! // This function returns `checkovResults` after accounting for changes that were done between scans // For example, after fixing or suppressing a resource, we want to clean those entries from all client facing usages. 
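Review bot: Dropping the `separatorsToWindows` branch leaves `baseDir` in whatever form `project.basePath` returns, and nothing on the property says which separator form the rest of the class expects. `setCheckovResultsFromResultsList` compares it textually with `result.file_abs_path`, so a locally installed scanner on Windows that reports backslash paths would presumably stop matching; this should be confirmed with a non-Docker Windows run. I would add a comment above the property such as `// baseDir is expected to use '/' separators; convert file_abs_path to the same form before comparing`, or normalize both sides with `FilenameUtils.separatorsToUnix` at the comparison. `project.basePath!!` still throws for a project that has no base path.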
@@ -80,13 +80,15 @@ class ResultsCacheService(val project: Project) { fun setCheckovResultsFromResultsList(results: List) { for (result in results) { try { + result.file_abs_path = fromDockerFilePath(result.file_abs_path) + val category: Category = mapCheckovCheckTypeToScanType(result.check_type, result.check_id) val checkType = this.getCheckType(result.check_type) val resource: String = CheckovUtils.extractResource(result, category, checkType) val name: String = getResourceName(result, category) val severity = Severity.valueOf(result.severity.uppercase()) val description = if(!result.description.isNullOrEmpty()) result.description else result.short_description - val filePath = result.file_abs_path.replace(baseDir, "") + val filePath = result.file_abs_path.replace(baseDir, "").replace("//", "/") val fileAbsPath = if (!result.file_abs_path.contains(baseDir)) Paths.get(baseDir, File.separator, result.file_abs_path).toString() else result.file_abs_path when (category) { diff --git a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/CheckovScanCommandsService.kt b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/CheckovScanCommandsService.kt index 11c4837..d342d7a 100644 --- a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/CheckovScanCommandsService.kt +++ b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/CheckovScanCommandsService.kt @@ -13,7 +13,7 @@ abstract class CheckovScanCommandsService(val project: Project) { fun getExecCommandForSingleFile(filePaths: List, outputFilePath: String): ArrayList { val cmds = ArrayList() cmds.addAll(getCheckovRunningCommandByServiceType(outputFilePath)) - cmds.addAll(getCheckovCliArgsForExecCommand(outputFilePath)) + cmds.addAll(getCheckovCliArgsForExecCommand(getOutputFilePath(outputFilePath))) filePaths.forEach{ path -> cmds.add("-f"); cmds.add(getFilePath(path)) } 
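Review bot: The path decoded on the new first line of the `try` block comes from scanner output, yet the lines below decide whether it belongs to the project with `replace(baseDir, "")` and `contains(baseDir)`, which are substring tests on an unnormalized string. A reported path with `..` segments, or one that only contains the base directory somewhere in the middle, is treated as in-project; what `fileAbsPath` is later used for is outside this hunk, so the impact should be confirmed. I would normalize once (after stripping the container-side leading `/` that Docker-decoded values appear to keep) and compare by path prefix, e.g. `val reported = Paths.get(result.file_abs_path).normalize()` and `reported.startsWith(Paths.get(baseDir).normalize())`, skipping results that fall outside. Deriving `filePath` from that normalized value would also make the new `.replace("//", "/")` unnecessary, which currently rewrites every doubled slash rather than only the one at the join. The `try` block and the `for` loop continue past the end of the hunk.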
@@ -33,7 +33,7 @@ abstract class CheckovScanCommandsService(val project: Project) { val cmdByFramework = arrayListOf() cmdByFramework.addAll(baseCmds) - cmdByFramework.addAll(getCheckovCliArgsForExecCommand(outputFilePath)) + cmdByFramework.addAll(getCheckovCliArgsForExecCommand(getOutputFilePath(outputFilePath))) cmdByFramework.add("--framework") cmdByFramework.add(framework) @@ -99,4 +99,6 @@ abstract class CheckovScanCommandsService(val project: Project) { abstract fun getDirectory(): String abstract fun getFilePath(originalFilePath: String): String abstract fun getCertPath(): String + abstract fun getOutputFilePath(outputFilePath: String): String + } \ No newline at end of file diff --git a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/DockerCheckovScanCommandsService.kt b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/DockerCheckovScanCommandsService.kt index eee9ce8..4280d3c 100644 --- a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/DockerCheckovScanCommandsService.kt +++ b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/DockerCheckovScanCommandsService.kt @@ -1,6 +1,7 @@ package com.bridgecrew.services.checkovScanCommandsService import com.bridgecrew.utils.PLUGIN_ID +import com.bridgecrew.utils.toDockerFilePath import com.intellij.ide.plugins.PluginManagerCore import com.intellij.openapi.extensions.PluginId import com.intellij.openapi.project.Project @@ -9,7 +10,7 @@ import org.apache.commons.io.FilenameUtils class DockerCheckovScanCommandsService(project: Project) : CheckovScanCommandsService(project) { private val image = "bridgecrew/checkov" - private val volumeDirectory = FilenameUtils.separatorsToUnix(project.basePath) + private val volumeDirectory = getDockerUnixPath(project.basePath) private val volumeCertPath = "/usr/lib/ssl/cert.pem" override fun getCheckovRunningCommandByServiceType(outputFilePath: String): ArrayList { val pluginVersion = 
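Review bot: The new abstract `getOutputFilePath` has no documentation, and its name does not say which side of the process boundary the returned path belongs to. Judging by the two overrides in this commit it is the path as the scanner process sees it (the in-container path for Docker, unchanged for a local install), while `getCheckovRunningCommandByServiceType` still receives the host path. I would add a KDoc line such as `/** Returns [outputFilePath] as seen by the checkov process, e.g. the in-container path when running under Docker. */` so a future implementation does not pass a host path into the CLI arguments. The class body starts outside this hunk.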
@@ -27,7 +28,7 @@ class DockerCheckovScanCommandsService(project: Project) : CheckovScanCommandsSe dockerCommand.addAll(arrayListOf("--volume", volumeCaFile)) } - dockerCommand.addAll(arrayListOf("--volume", "$outputFilePath:$outputFilePath")) + dockerCommand.addAll(arrayListOf("--volume", "$outputFilePath:/${getDockerUnixPath(outputFilePath)}")) val volumeDir = "${FilenameUtils.separatorsToUnix(project.basePath)}:/${volumeDirectory}" dockerCommand.addAll(arrayListOf("--volume", volumeDir, image)) @@ -39,6 +40,15 @@ class DockerCheckovScanCommandsService(project: Project) : CheckovScanCommandsSe return volumeDirectory } + private fun getDockerUnixPath(path: String?): String { + return toDockerFilePath(FilenameUtils.separatorsToUnix(path)); + } + + + override fun getOutputFilePath(outputFilePath: String): String { + return getDockerUnixPath(outputFilePath) + } + override fun getFilePath(originalFilePath: String): String { return originalFilePath.replace(project.basePath!!, volumeDirectory) } diff --git a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/InstalledCheckovScanCommandsService.kt b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/InstalledCheckovScanCommandsService.kt index d274645..441ce81 100644 --- a/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/InstalledCheckovScanCommandsService.kt +++ b/src/main/kotlin/com/bridgecrew/services/checkovScanCommandsService/InstalledCheckovScanCommandsService.kt @@ -18,6 +18,10 @@ class InstalledCheckovScanCommandsService(project: Project) : CheckovScanCommand return FilenameUtils.separatorsToSystem(originalFilePath) } + override fun getOutputFilePath(outputFilePath: String): String { + return outputFilePath + } + override fun getCertPath(): String { return settings?.certificate!! } diff --git a/src/main/kotlin/com/bridgecrew/utils/fileUtils.kt b/src/main/kotlin/com/bridgecrew/utils/fileUtils.kt index 226b16c..1589c66 100644 
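Review bot: The output-file mount is built by joining `host:container` into one string, and only the container side goes through `getDockerUnixPath`; a host path that contains `:` anywhere other than the Windows drive prefix is passed through unchanged, and Docker will split the volume spec at it. Depending on the path, the run either fails or binds a different host location than the one intended. The `--mount` form does not use `:` as a separator, so I would build this mount (and the project mount on the next lines) as `"--mount", "type=bind,source=$outputFilePath,target=/${getDockerUnixPath(outputFilePath)}"`. If `--volume` stays, the path should be rejected when it contains an unexpected `:` before the command is assembled. The function body starts and ends outside this hunk.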
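Review bot: `getDockerUnixPath` declares `path: String?` but passes the result of `FilenameUtils.separatorsToUnix(path)` straight to `toDockerFilePath(path: String)`, so a null `project.basePath` would now fail with a parameter null-check exception raised from the `volumeDirectory` initializer (earlier hunk of this file) instead of a clear message. I would make the precondition explicit with `val unixPath = requireNotNull(FilenameUtils.separatorsToUnix(path)) { "project base path is not available" }` followed by `return toDockerFilePath(unixPath)`. The trailing `;` on the return line is not needed in Kotlin.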
--- a/src/main/kotlin/com/bridgecrew/utils/fileUtils.kt +++ b/src/main/kotlin/com/bridgecrew/utils/fileUtils.kt @@ -147,4 +147,11 @@ fun deleteCheckovTempDir() { fun toVirtualFilePath(project: Project, virtualFile: VirtualFile): String { return virtualFile.path.removePrefix(project.basePath!!).removePrefix(File.separator) +} + +fun toDockerFilePath(path: String): String { + return path.replace(":/", "[--colon--]") +} +fun fromDockerFilePath(path: String): String { + return path.replace( "[--colon--]",":/") } \ No newline at end of file
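Review bot: `toDockerFilePath` replaces every `:/` in the path rather than only a leading drive prefix, and `fromDockerFilePath` turns every literal `[--colon--]` back into `:/`, so the pair is not a round trip for a path that already contains either sequence. Because `fromDockerFilePath` is applied to all scan results in `ResultsCacheService`, a file name from a non-Docker scan that happens to contain the token would be rewritten as well. I would anchor the encoding to the drive prefix, e.g. `path.replace(Regex("^([A-Za-z]):/"), "\$1[--colon--]")`, decode only when the scan ran in Docker, and add KDoc to both functions explaining that the token exists because `:` separates host and container paths in a Docker volume spec. Both functions are public top-level declarations; `internal` would be enough if only the plugin calls them.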