Take into account missing fields in Trivy report

umax · Oct 18, 2022 · dfbd712 · dfbd712
1 parent d29ae26
commit dfbd712
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,13 @@
+## v0.2.1 (2022-10-18)
+
+- Take into account missing fields in Trivy report.
+
+
+## v0.2.0 (2022-10-14)
+
+- Allow to override `filePath` field for SonarQube report.
+
+
 ## v0.1.1 (2022-10-13)
 
 - Handle missing `Results` key in Trivy report.

diff --git a/plugin.yaml b/plugin.yaml
@@ -1,10 +1,10 @@
 name: "sonarqube"
 repository: github.com/umax/trivy-plugin-sonarqube
-version: "0.2.0"
+version: "0.2.1"
 usage: Convert Trivy JSON report to SonarQube format
 description: |-
   A Trivy plugin that converts JSON report to SonarQube compatible format (https://docs.sonarqube.org/latest/analysis/generic-issue/).
   Usage: trivy sonarqube TRIVY-REPORT > SONARQUBE-REPORT
 platforms:
-  - uri: https://github.com/umax/trivy-plugin-sonarqube/releases/download/v0.2.0/trivy-sonarqube.tar.gz
+  - uri: https://github.com/umax/trivy-plugin-sonarqube/releases/download/v0.2.1/trivy-sonarqube.tar.gz
     bin: sonarqube.py
diff --git a/sonarqube.py b/sonarqube.py
@@ -26,15 +26,18 @@
 report = json.load(open(fname))
 for result in report.get('Results', []):
     for vuln in result['Vulnerabilities']:
-        issues.append({
-            'engineId': 'Trivy',
-            'ruleId': vuln['VulnerabilityID'],
-            'type': 'VULNERABILITY',
-            'severity': TRIVY_SONARQUBE_SEVERITY[vuln['Severity']],
-            'primaryLocation': {
-                'message': vuln['Description'],
-                'filePath': arg_filePath or result['Target'],
-            }
-        })
+        try:
+            issues.append({
+                'engineId': 'Trivy',
+                'ruleId': vuln['VulnerabilityID'],
+                'type': 'VULNERABILITY',
+                'severity': TRIVY_SONARQUBE_SEVERITY[vuln['Severity']],
+                'primaryLocation': {
+                    'message': vuln['Description'],
+                    'filePath': arg_filePath or result['Target'],
+                }
+            })
+        except KeyError:
+            continue
 
 print(json.dumps({'issues': issues}, indent=2))