Class: LintFu::CLI::Scan

Inherits:
Command
Defined in:
lib/lint_fu/cli/scan.rb

Instance Method Summary

Methods inherited from Command

#initialize

Constructor Details

This class inherits a constructor from LintFu::CLI::Command

Instance Method Details

#run ⇒ Object



# File 'lib/lint_fu/cli/scan.rb', line 3

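# Scan the application under +app_root+ and emit a report of the issues
# that have not been blessed (the "genuine" issues).
#
# Environment variables consulted:
#   CC_BUILD_ARTIFACTS - directory the report is written to (defaults to
#                        app_root); CruiseControl.rb integration.
#   FORMAT             - 'html' (default) or 'text'; any other value exits -1.
#   STATUS_IF_ISSUES   - when set, its integer value is returned instead of
#                        the issue count.
#
# Exits with status 0 (before writing any report) when no genuine issues
# are found, and with -1 when the application framework or the requested
# report format is not recognised.
#
# @return [Integer] the caller's exit status: STATUS_IF_ISSUES when set,
#   otherwise min(number of genuine issues, 255)
def run
  #Build a model of the application we are scanning.
  timed("Build a model of the application") do
    builder = LintFu::Plugins::Rails.context_builder_for(self.app_root)

    unless builder
      say "Cannot determine context builder for #{File.basename(self.app_root)}."
      say "Either this application uses a framework that is unsupported by LintFu,"
      say "or a bug is preventing us from recognizing the application framework."
      say "Sorry!"
      exit(-1)
    end

    builder.build
    @application = builder.eide.first
  end

  #Using the model we built, scan the controllers for security bugs.
  timed("Scan the application") do
    @scan = LintFu::Scan.new(self.app_root)
    #TODO generalize/abstract this, same as we did for context builders
    builder = LintFu::Plugins::Rails.issue_builder_for(self.app_root)
    builder.build(@application, @scan)
  end

  @genuine_issues = @scan.issues.reject { |i| @scan.blessed?(i) }
  if @genuine_issues.empty?
    say "Clean scan: no issues found. Skipping report."
    exit(0)
  end

  #CruiseControl.rb integration: write our report to the CC build artifacts folder
  output_dir = ENV['CC_BUILD_ARTIFACTS'] || self.app_root
  mkdir_p output_dir unless File.directory?(output_dir)

  flavor   = ENV['FORMAT'] || 'html'
  typename = "#{flavor}_report".camelize

  #Use a filename (or STDOUT) for our report that corresponds to its format.
  #Only the two known flavors reach the const_get below, so FORMAT can never
  #select an arbitrary LintFu constant.
  output_name = nil
  case flavor
    when 'html'
      output_name = File.join(output_dir, 'lint.html')
      output      = File.open(output_name, 'w')
    when 'text'
      output = STDOUT
    else
      say "Unrecognized output format #{flavor} (undefined type #{typename})"
      exit(-1)
  end

  klass = LintFu.const_get(typename.to_sym)

  timed("Generate report") do
    begin
      klass.new(@scan, self.scm, @genuine_issues).generate(output)
    ensure
      #Release the report file even if generate raises, but never close the
      #process's STDOUT: anything the caller prints afterwards would fail.
      output.close unless output.equal?(STDOUT)
    end
  end

  #Support automation jobs that need to distinguish between failure due to
  #broken environment and failure to due issues that were genuinely found by
  #the lint task.
  if ENV['STATUS_IF_ISSUES']
    retval = @genuine_issues.empty? ? 0 : ENV['STATUS_IF_ISSUES'].to_i
  else
    retval = [@genuine_issues.size, 255].min
  end

  #Pass the path as a separate argument so no shell ever interprets it:
  #it is derived from CC_BUILD_ARTIFACTS / app_root and may contain spaces
  #or shell metacharacters. output_name is only set for file-backed reports.
  system('open', output_name) if output_name && STDOUT.tty?

  return retval
end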