Updating summary report

config/config.go → configs/config.go

@@ -1,4 +1,4 @@
-package config
+package configs
 
 import (
 	"fmt"
@@ -11,6 +11,8 @@ import (
 	"github.com/spf13/viper"
 )
 
+const DEFAULT_SLACK_ICON = " "
+
 type TeamConfig struct {
 	Name          string
 	Github_slug   string
@@ -89,22 +91,23 @@ func GetUserConfig(configFile string) (Config, error) {
 	return userCfg, nil
 }
 
-func GetIconForSeverity(severity FindingSeverityType, severities []SeverityConfig) (string, error) {
+func GetIconForSeverity(severity FindingSeverityType, severities []SeverityConfig) string {
 	for _, config := range severities {
 		if config.Label == SeverityNames[severity] {
-			return config.Slack_emoji, nil
+			return config.Slack_emoji
 		}
 	}
-	return "", fmt.Errorf("No Slack icon available for severity %s", SeverityNames[severity])
+	return DEFAULT_SLACK_ICON
+
 }
 
-func GetIconForEcosystem(ecosystem FindingEcosystemType, ecosystems []EcosystemConfig) (string, error) {
+func GetIconForEcosystem(ecosystem FindingEcosystemType, ecosystems []EcosystemConfig) string {
 	for _, config := range ecosystems {
 		if strings.ToLower(config.Label) == string(ecosystem) {
-			return config.Slack_emoji, nil
+			return config.Slack_emoji
 		}
 	}
-	return "", fmt.Errorf("No Slack icon available for ecosystem %s", ecosystem)
+	return DEFAULT_SLACK_ICON
 }
 
 func GetTeamConfigBySlug(teamSlug string, teams []TeamConfig) (TeamConfig, error) {

config/config_test.go → configs/config_test.go

@@ -1,4 +1,4 @@
-package config_test
+package configs
 
 import (
 	"fmt"
@@ -7,54 +7,51 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/underdog-tech/vulnbot/config"
 )
 
 func TestGetIconForConfiguredSeverity(t *testing.T) {
-	severities := []config.SeverityConfig{
+	severities := []SeverityConfig{
 		{Label: "High", Slack_emoji: ":high:"},
 		{Label: "Low", Slack_emoji: ":low:"},
 	}
-	icon, err := config.GetIconForSeverity(config.FindingSeverityHigh, severities)
+	icon := GetIconForSeverity(FindingSeverityHigh, severities)
 	assert.Equal(t, icon, ":high:")
-	assert.Nil(t, err)
 }
 
 func TestGetIconForUnconfiguredSeverity(t *testing.T) {
-	severities := []config.SeverityConfig{
+	severities := []SeverityConfig{
 		{Label: "High", Slack_emoji: ":high:"},
 		{Label: "Low", Slack_emoji: ":low:"},
 	}
-	icon, err := config.GetIconForSeverity(config.FindingSeverityModerate, severities)
-	assert.Empty(t, icon)
-	assert.Error(t, err)
+	icon := GetIconForSeverity(FindingSeverityModerate, severities)
+	assert.Equal(t, DEFAULT_SLACK_ICON, icon)
 }
 
 func TestGetIconForConfiguredEcosystem(t *testing.T) {
-	ecosystems := []config.EcosystemConfig{
+	ecosystems := []EcosystemConfig{
 		{Label: "Python", Slack_emoji: ":python:"},
 		{Label: "Go", Slack_emoji: ":golang:"},
 	}
-	icon, err := config.GetIconForEcosystem(config.FindingEcosystemPython, ecosystems)
+	icon := GetIconForEcosystem(FindingEcosystemPython, ecosystems)
 	assert.Equal(t, icon, ":python:")
-	assert.Nil(t, err)
+	assert.NotEqual(t, ":python:", DEFAULT_SLACK_ICON)
 }
 
 func TestGetConfiguredTeamConfigBySlug(t *testing.T) {
-	testersTeam := config.TeamConfig{Name: "Testers", Github_slug: "testers-team"}
-	failersTeam := config.TeamConfig{Name: "Failers", Github_slug: "failers-team"}
-	TeamConfigs := []config.TeamConfig{
+	testersTeam := TeamConfig{Name: "Testers", Github_slug: "testers-team"}
+	failersTeam := TeamConfig{Name: "Failers", Github_slug: "failers-team"}
+	TeamConfigs := []TeamConfig{
 		testersTeam,
 		failersTeam,
 	}
-	team, err := config.GetTeamConfigBySlug("testers-team", TeamConfigs)
+	team, err := GetTeamConfigBySlug("testers-team", TeamConfigs)
 	assert.Equal(t, team, testersTeam)
 	assert.Nil(t, err)
 }
 
 func TestGetUnconfiguredTeamConfigBySlug(t *testing.T) {
-	TeamConfigs := []config.TeamConfig{} // Empty is easiest for this purpose
-	team, err := config.GetTeamConfigBySlug("unknown-team", TeamConfigs)
+	TeamConfigs := []TeamConfig{} // Empty is easiest for this purpose
+	team, err := GetTeamConfigBySlug("unknown-team", TeamConfigs)
 	assert.Empty(t, team)
 	assert.Error(t, err)
 }
@@ -73,14 +70,14 @@ func TestGetUserConfigFromFile(t *testing.T) {
 	currentDir, err := getCurrentDir()
 	assert.Nil(t, err)
 	testDataPath := filepath.Join(currentDir, "/testdata/test_config.toml")
-	cfg, err := config.GetUserConfig(testDataPath)
+	cfg, err := GetUserConfig(testDataPath)
 	assert.Nil(t, err)
 	assert.Equal(t, "testing_slack_channel", cfg.Default_slack_channel)
-	assert.Equal(t, []config.EcosystemConfig{{Label: "Go", Slack_emoji: ":golang:"}}, cfg.Ecosystem)
+	assert.Equal(t, []EcosystemConfig{{Label: "Go", Slack_emoji: ":golang:"}}, cfg.Ecosystem)
 }
 
 func TestGetUserConfigFromEnv(t *testing.T) {
-	config.SetConfigDefaults()
+	SetConfigDefaults()
 
 	t.Setenv("VULNBOT_REPORTERS", "slack")
 	t.Setenv("VULNBOT_GITHUB_ORG", "hitchhikers")
@@ -90,7 +87,7 @@ func TestGetUserConfigFromEnv(t *testing.T) {
 	currentDir, err := getCurrentDir()
 	assert.Nil(t, err)
 	testDataPath := filepath.Join(currentDir, "/testdata/test_config.toml")
-	cfg, err := config.GetUserConfig(testDataPath)
+	cfg, err := GetUserConfig(testDataPath)
 	assert.Nil(t, err)
 
 	assert.Equal(t, []string{"slack"}, cfg.Reporters)

config/ecosystems.go → configs/ecosystems.go

@@ -1,4 +1,4 @@
-package config
+package configs
 
 type FindingEcosystemType string
 

config/severities.go → configs/severities.go

@@ -1,4 +1,4 @@
-package config
+package configs
 
 type FindingSeverityType uint8
 

go.mod

@@ -20,6 +20,7 @@ require (
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/gdexlab/go-render v1.0.1 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/gorilla/websocket v1.5.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect

go.sum

@@ -50,6 +50,8 @@ github.com/deckarep/golang-set/v2 v2.3.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpO
 github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
+github.com/gdexlab/go-render v1.0.1 h1:rxqB3vo5s4n1kF0ySmoNeSPRYkEsyHgln4jFIQY7v0U=
+github.com/gdexlab/go-render v1.0.1/go.mod h1:wRi5nW2qfjiGj4mPukH4UV0IknS1cHD4VgFTmJX5JzM=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=

internal/datasources.go

@@ -3,12 +3,12 @@ package internal
 import (
 	"sync"
 
-	"github.com/underdog-tech/vulnbot/config"
+	"github.com/underdog-tech/vulnbot/configs"
 	"github.com/underdog-tech/vulnbot/logger"
 	"github.com/underdog-tech/vulnbot/querying"
 )
 
-func GetDataSources(cfg *config.Config) []querying.DataSource {
+func GetDataSources(cfg *configs.Config) []querying.DataSource {
 	dataSources := []querying.DataSource{}
 
 	if cfg.Github_token != "" {

internal/scan.go

@@ -1,23 +1,24 @@
 package internal
 
 import (
+	"fmt"
 	"sync"
 	"time"
 
-	"github.com/underdog-tech/vulnbot/config"
-	"github.com/underdog-tech/vulnbot/logger"
-	"github.com/underdog-tech/vulnbot/reporting"
-
 	"github.com/spf13/cobra"
 	"golang.org/x/exp/slices"
+
+	"github.com/underdog-tech/vulnbot/configs"
+	"github.com/underdog-tech/vulnbot/logger"
+	"github.com/underdog-tech/vulnbot/reporting"
 )
 
 func Scan(cmd *cobra.Command, args []string) {
 	log := logger.Get()
 
 	// Load the configuration from file, CLI, and env
 	configPath := getString(cmd.Flags(), "config")
-	cfg, err := config.GetUserConfig(configPath)
+	cfg, err := configs.GetUserConfig(configPath)
 	if err != nil {
 		log.Fatal().Err(err).Msg("Failed to load configuration.")
 	}
@@ -55,20 +56,22 @@ func Scan(cmd *cobra.Command, args []string) {
 	for _, reporter := range reporters {
 		wg.Add(2)
 		go func(currentReporter reporting.Reporter) {
+			summaryReportHeader := fmt.Sprintf("%s %s %s", ":robot_face:", "Vulnbot Summary Report", ":robot_face:")
 			err := currentReporter.SendSummaryReport(
-				"Vulnbot Summary Report",
+				summaryReportHeader,
 				len(projects.Projects),
 				summary,
 				reportTime,
+				teamSummaries,
 				wg,
 			)
 			if err != nil {
 				log.Error().Err(err).Type("currentReporter", currentReporter).Msg("Error sending summary report.")
 			}
-			err = currentReporter.SendTeamReports(teamSummaries, reportTime, wg)
-			if err != nil {
-				log.Error().Err(err).Type("currentReporters", currentReporter).Msg("Error sending team reports.")
-			}
+			// err = currentReporter.SendTeamReports(teamSummaries, reportTime, wg)
+			// if err != nil {
+			// 	log.Error().Err(err).Type("currentReporters", currentReporter).Msg("Error sending team reports.")
+			// }
 		}(reporter)
 	}
 	wg.Wait()

querying/finding.go

@@ -3,7 +3,7 @@ package querying
 import (
 	"sync"
 
-	"github.com/underdog-tech/vulnbot/config"
+	"github.com/underdog-tech/vulnbot/configs"
 )
 
 type FindingIdentifierType string
@@ -18,8 +18,8 @@ const (
 // example, a CVE. A [Project] must never have duplicates of the same Finding.
 type Finding struct {
 	Identifiers FindingIdentifierMap
-	Ecosystem   config.FindingEcosystemType
-	Severity    config.FindingSeverityType
+	Ecosystem   configs.FindingEcosystemType
+	Severity    configs.FindingSeverityType
 	Description string
 	PackageName string
 	mu          sync.Mutex

querying/github.go

@@ -4,10 +4,11 @@ import (
 	"context"
 	"sync"
 
+	"golang.org/x/oauth2"
+
 	"github.com/shurcooL/githubv4"
-	"github.com/underdog-tech/vulnbot/config"
+	"github.com/underdog-tech/vulnbot/configs"
 	"github.com/underdog-tech/vulnbot/logger"
-	"golang.org/x/oauth2"
 )
 
 type githubClient interface {
@@ -18,11 +19,11 @@ type githubClient interface {
 type GithubDataSource struct {
 	GhClient githubClient
 	orgName  string
-	conf     *config.Config
+	conf     *configs.Config
 	ctx      context.Context
 }
 
-func NewGithubDataSource(conf *config.Config) GithubDataSource {
+func NewGithubDataSource(conf *configs.Config) GithubDataSource {
 	ghTokenSource := oauth2.StaticTokenSource(
 		&oauth2.Token{AccessToken: conf.Github_token},
 	)
@@ -87,26 +88,26 @@ type orgVulnerabilityQuery struct {
 }
 
 // Ref: https://docs.github.com/en/graphql/reference/enums#securityadvisoryecosystem
-var githubEcosystems = map[string]config.FindingEcosystemType{
-	"ACTIONS":  config.FindingEcosystemGHA,
-	"COMPOSER": config.FindingEcosystemPHP,
-	"ERLANG":   config.FindingEcosystemErlang,
-	"GO":       config.FindingEcosystemGo,
-	"MAVEN":    config.FindingEcosystemJava,
-	"NPM":      config.FindingEcosystemJS,
-	"NUGET":    config.FindingEcosystemCSharp,
-	"PIP":      config.FindingEcosystemPython,
-	"PUB":      config.FindingEcosystemDart,
-	"RUBYGEMS": config.FindingEcosystemRuby,
-	"RUST":     config.FindingEcosystemRust,
-	"SWIFT":    config.FindingEcosystemSwift,
+var githubEcosystems = map[string]configs.FindingEcosystemType{
+	"ACTIONS":  configs.FindingEcosystemGHA,
+	"COMPOSER": configs.FindingEcosystemPHP,
+	"ERLANG":   configs.FindingEcosystemErlang,
+	"GO":       configs.FindingEcosystemGo,
+	"MAVEN":    configs.FindingEcosystemJava,
+	"NPM":      configs.FindingEcosystemJS,
+	"NUGET":    configs.FindingEcosystemCSharp,
+	"PIP":      configs.FindingEcosystemPython,
+	"PUB":      configs.FindingEcosystemDart,
+	"RUBYGEMS": configs.FindingEcosystemRuby,
+	"RUST":     configs.FindingEcosystemRust,
+	"SWIFT":    configs.FindingEcosystemSwift,
 }
 
-var githubSeverities = map[string]config.FindingSeverityType{
-	"CRITICAL": config.FindingSeverityCritical,
-	"HIGH":     config.FindingSeverityHigh,
-	"MODERATE": config.FindingSeverityModerate,
-	"LOW":      config.FindingSeverityLow,
+var githubSeverities = map[string]configs.FindingSeverityType{
+	"CRITICAL": configs.FindingSeverityCritical,
+	"HIGH":     configs.FindingSeverityHigh,
+	"MODERATE": configs.FindingSeverityModerate,
+	"LOW":      configs.FindingSeverityLow,
 }
 
 func (gh *GithubDataSource) CollectFindings(projects *ProjectCollection, wg *sync.WaitGroup) error {
@@ -245,9 +246,9 @@ func (gh *GithubDataSource) gatherRepoOwners(projects *ProjectCollection) {
 			log.Fatal().Err(err).Msg("Failed to query GitHub for repository ownership.")
 		}
 		for _, team := range ownerQuery.Organization.Teams.Nodes {
-			teamConfig, err := config.GetTeamConfigBySlug(team.Slug, gh.conf.Team)
+			teamConfig, err := configs.GetTeamConfigBySlug(team.Slug, gh.conf.Team)
 			if err != nil {
-				log.Warn().Err(err).Str("slug", team.Slug).Msg("Failed to load team from config.")
+				log.Warn().Err(err).Str("slug", team.Slug).Msg("Failed to load team from configs.")
 				continue
 			}
 			// TODO: Handle pagination of repositories owned by a team