README
Producers
A producer is a program that parses the output of a tool and converts it into a Dracon-compatible file that can be used by the enricher and consumers.
Writing Producers
Producers can be written in any language that supports protobufs; we have examples in Golang and Python. They are all structured the same way:
- Parse program arguments:
  - in: the raw tool results file location
  - out: where to place the Dracon compatible output file location
- Parse the in file into Protobufs (LaunchToolResponse)
- Add metadata to Protobufs (e.g. git/source-code information)
- Write the protobuf bytes to the out file
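The argument handling and parsing steps above, as an added standard-library Go example that is not taken from the Dracon code base. The Issue and finding types, the scanner's JSON layout, the severity strings, the -in/-out flag syntax and the function names are assumptions; a real producer would build Issue protobufs and write them as a LaunchToolResponse.

```go
package main

import (
	"encoding/json"
	"errors"
	"flag"
	"fmt"
)

// Issue is a simplified stand-in for Dracon's Issue protobuf (assumed fields).
type Issue struct{ Target, Type, Title, Severity string }

// finding is one record of a hypothetical scanner's JSON output (constructed).
type finding struct { File string; Line int; Rule, Msg, Level string }

// parseArgs handles the in/out arguments; a producer needs both.
func parseArgs(args []string) (in, out string, err error) {
	fs := flag.NewFlagSet("producer", flag.ContinueOnError)
	fs.StringVar(&in, "in", "", "raw tool results file")
	fs.StringVar(&out, "out", "", "Dracon compatible output file")
	if err = fs.Parse(args); err == nil && (in == "" || out == "") {
		err = errors.New("both -in and -out are required")
	}
	return in, out, err
}

// toIssues converts tool JSON into issues; an unrecognised level is an error, not a mis-ranked finding.
func toIssues(raw []byte) ([]Issue, error) {
	var found []finding
	if err := json.Unmarshal(raw, &found); err != nil {
		return nil, fmt.Errorf("parse tool output: %w", err)
	}
	sev := map[string]string{"error": "high", "warning": "medium", "note": "low"}
	issues := make([]Issue, 0, len(found))
	for _, f := range found {
		s, ok := sev[f.Level]
		if !ok {
			return nil, fmt.Errorf("%s:%d: unknown level %q", f.File, f.Line, f.Level)
		}
		issues = append(issues, Issue{fmt.Sprintf("%s:%d", f.File, f.Line), f.Rule, f.Msg, s})
	}
	return issues, nil
}

func main() {
	// Constructed sample input, not output from a real tool.
	sample := []byte(`[{"file":"app/db.go","line":42,"rule":"EX001","msg":"SQL built by string formatting","level":"error"}]`)
	issues, err := toIssues(sample)
	fmt.Println(issues, err)
}
```

Failing the run on an unknown level keeps a scanner format change from quietly downgrading findings before they reach the enricher.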
Producer API
For convenience, there are helper functions in the ./producers pkg/module for Golang/Python.
The WriteDraconOut/write_dracon_out method expects a list of issues to write as the LaunchToolResponse protobuf. Your producer should parse a tool's results into Issue protobufs, which are then passed into this method.
Documentation
Overview
Package producers provides helper functions for writing Dracon compatible producers that parse tool outputs. Subdirectories in this package have more complete example usages of this package.
Constants
```go
const (
	// EnvDraconStartTime Start Time of Dracon Scan in RFC3339
	EnvDraconStartTime = "DRACON_SCAN_TIME"
	// EnvDraconScanID the ID of the dracon scan
	EnvDraconScanID = "DRACON_SCAN_ID"
)
```
Variables
```go
var (
	// InResults represents incoming tool output
	InResults string
	// OutFile points to the protobuf file where dracon results will be written
	OutFile string
	// Append flag will append to the outfile instead of overwriting, useful when there's multiple inresults
	Append bool
)
```
Functions
func ParseFlags
func ParseFlags() error
ParseFlags will parse the input flags for the producer and perform simple validation
func ParseJSON (added in v0.11.0)
ParseJSON provides a generic method to parse JSON input (e.g. the results provided by a tool) into a given struct.
func ReadInFile (added in v0.11.0)
ReadInFile returns the contents of the file given by InResults.
Directories
Path | Synopsis |
---|---|
 | Package main implements a Dracon producer for MobSF, a mobile security framework (https://github.com/MobSF/Mobile-Security-Framework-MobSF). |
report | Package report provides common types for scan report formats. |
report/android | Package android provides types and functions for working with Android project scan reports from MobSF. |
report/ios | Package ios provides types and functions for working with iOS project scan reports from MobSF. |
types | Package types provides common types for audit report formats. |
types/npmfullaudit | Package npmfullaudit provides types and functions for working with audit reports from npm's "Full Audit" endpoint (/-/npm/v1/security/audits) and transforming them into data structures understood by the Dracon enricher. |
types/npmquickaudit | Package npmquickaudit provides types and functions for working with audit reports from npm's "Quick Audit" endpoint (/-/npm/v1/security/audits/quick) and transforming them into data structures understood by the Dracon enricher. |