changes after merge and testcases

internal/commands/result.go

@@ -595,44 +595,45 @@ func printAPIsSecuritySummary(summary *wrappers.ResultSummary) {
 	if summary.HasAPISecurityDocumentation() {
 		fmt.Printf("              APIS DOCUMENTATION: %*d \n", defaultPaddingSize, summary.GetAPISecurityDocumentationTotal())
 	}
-	fmt.Printf("              --------------------------------------------------     \n\n")
+	fmt.Printf("              ----------------------------------------------------------------     \n\n")
 }
 
 func printTableRow(title string, counts *wrappers.EngineResultSummary, statusNumber int) {
-	formatString := "              | %-4s   %4d   %6d   %4d   %4d   %-9s  |\n"
-	notAvailableFormatString := "              | %-4s   %4s   %6s   %4s   %4s   %5s      |\n"
+	formatString := "              | %-4s         %4d   %4d   %6d   %4d   %4d   %-9s  |\n"
+	notAvailableFormatString := "              | %-4s         %4s   %4s   %6s   %4s   %4s   %5s      |\n"
 
 	switch statusNumber {
 	case notAvailableNumber:
-		fmt.Printf(notAvailableFormatString, title, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString)
+		fmt.Printf(notAvailableFormatString, title, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString)
 	case scanFailedNumber:
-		fmt.Printf(formatString, title, counts.High, counts.Medium, counts.Low, counts.Info, scanFailedString)
+		fmt.Printf(formatString, title, counts.Critical, counts.High, counts.Medium, counts.Low, counts.Info, scanFailedString)
 	case scanCanceledNumber:
-		fmt.Printf(formatString, title, counts.High, counts.Medium, counts.Low, counts.Info, scanCanceledString)
+		fmt.Printf(formatString, title, counts.Critical, counts.High, counts.Medium, counts.Low, counts.Info, scanCanceledString)
 	default:
-		fmt.Printf(formatString, title, counts.High, counts.Medium, counts.Low, counts.Info, scanSuccessString)
+		fmt.Printf(formatString, title, counts.Critical, counts.High, counts.Medium, counts.Low, counts.Info, scanSuccessString)
 	}
 }
 
 func printResultsSummaryTable(summary *wrappers.ResultSummary) {
+	totalCriticalIssues := summary.EnginesResult.GetCriticalIssues()
 	totalHighIssues := summary.EnginesResult.GetHighIssues()
 	totalMediumIssues := summary.EnginesResult.GetMediumIssues()
 	totalLowIssues := summary.EnginesResult.GetLowIssues()
 	totalInfoIssues := summary.EnginesResult.GetInfoIssues()
-	fmt.Printf("              ---------------------------------------------------     \n\n")
+	fmt.Printf("              ----------------------------------------------------------------     \n\n")
 	fmt.Printf("              Total Results: %d                       \n", summary.TotalIssues)
-	fmt.Println("              ---------------------------------------------------     ")
-	fmt.Println("              |          High   Medium   Low   Info   Status    |")
+	fmt.Println("              ----------------------------------------------------------------     ")
+	fmt.Println("              |          Critical   High   Medium    Low   Info   Status     |")
 
 	printTableRow("APIs", summary.EnginesResult[commonParams.APISecType], summary.EnginesResult[commonParams.APISecType].StatusCode)
 	printTableRow("IAC", summary.EnginesResult[commonParams.KicsType], summary.EnginesResult[commonParams.KicsType].StatusCode)
 	printTableRow("SAST", summary.EnginesResult[commonParams.SastType], summary.EnginesResult[commonParams.SastType].StatusCode)
 	printTableRow("SCA", summary.EnginesResult[commonParams.ScaType], summary.EnginesResult[commonParams.ScaType].StatusCode)
 
-	fmt.Println("              ---------------------------------------------------     ")
-	fmt.Printf("              | %-4s  %4d   %6d   %4d   %4d   %-9s  |\n",
-		fmt.Sprintf(boldFormat, "TOTAL"), totalHighIssues, totalMediumIssues, totalLowIssues, totalInfoIssues, summary.Status)
-	fmt.Printf("              ---------------------------------------------------     \n\n")
+	fmt.Println("              ----------------------------------------------------------------     ")
+	fmt.Printf("              | %-4s        %4d   %4d   %6d   %4d   %4d   %-9s  |\n",
+		fmt.Sprintf(boldFormat, "TOTAL"), totalCriticalIssues, totalHighIssues, totalMediumIssues, totalLowIssues, totalInfoIssues, summary.Status)
+	fmt.Printf("              ----------------------------------------------------------------     \n\n")
 }
 
 func generateScanSummaryURL(summary *wrappers.ResultSummary) string {
@@ -825,7 +826,9 @@ func countResult(summary *wrappers.ResultSummary, result *wrappers.ScanResult) {
 			summary.KicsIssues++
 			summary.TotalIssues++
 		}
-		if severity == highLabel {
+		if severity == criticalLabel {
+			summary.CriticalIssues++
+		} else if severity == highLabel {
 			summary.HighIssues++
 		} else if severity == lowLabel {
 			summary.LowIssues++

internal/commands/result_test.go

@@ -367,3 +367,89 @@ func Test_addPackageInformation(t *testing.T) {
 	actualFixLink := resultsModel.Results[0].ScanResultData.ScaPackageCollection.FixLink
 	assert.Equal(t, expectedFixLink, actualFixLink, "FixLink should match the result ID")
 }
+
+func Test_setRiskMsgAndStyle_critical(t *testing.T) {
+	var summary wrappers.ResultSummary
+	summary.CriticalIssues = 1
+	setRiskMsgAndStyle(&summary)
+	assert.Equal(t, criticalLabel, summary.RiskStyle, "Incorrect Risk Style for critical issues.")
+	assert.Equal(t, "Critical Risk", summary.RiskMsg, "Incorrect Risk Message for critical issues.")
+}
+func Test_setRiskMsgAndStyle_high(t *testing.T) {
+	var summary wrappers.ResultSummary
+	summary.CriticalIssues = 0
+	summary.HighIssues = 1
+	setRiskMsgAndStyle(&summary)
+	assert.Equal(t, highLabel, summary.RiskStyle, "Incorrect Risk Style for high issues.")
+	assert.Equal(t, "High Risk", summary.RiskMsg, "Incorrect Risk Message for high issues.")
+}
+func Test_setRiskMsgAndStyle_criticalAndHigh(t *testing.T) {
+	var summary wrappers.ResultSummary
+	summary.CriticalIssues = 1
+	summary.HighIssues = 1
+	setRiskMsgAndStyle(&summary)
+	assert.Equal(t, criticalLabel, summary.RiskStyle, "Incorrect Risk Style for critical issues.")
+	assert.Equal(t, "Critical Risk", summary.RiskMsg, "Incorrect Risk Message for critical issues.")
+}
+func Test_countResult(t *testing.T) {
+	var result wrappers.ScanResult
+	result.Type = params.SastType
+	result.Severity = criticalLabel
+	result.State = "EXPLOITABLE"
+
+	var summary wrappers.ResultSummary
+	engineEnabled := []string{params.SastType}
+	summary.EnginesEnabled = engineEnabled
+	summary.SastIssues = 100
+	summary.TotalIssues = 1000
+	summary.CriticalIssues = 10
+	var engineResultSummary wrappers.EngineResultSummary
+	engineResultSummary.Critical = 0
+	var engineResult = make(map[string]*wrappers.EngineResultSummary)
+	engineResult[params.SastType] = &engineResultSummary
+	summary.EnginesResult = engineResult
+
+	countResult(&summary, &result)
+
+	assert.Equal(t, 101, summary.SastIssues, "Critical issues in summary SAST issues are not counted properly")
+	assert.Equal(t, 1001, summary.TotalIssues, "Critical issues in summary total issues are not counted properly")
+	assert.Equal(t, 11, summary.CriticalIssues, "Critical issues in summary are not counted properly")
+	assert.Equal(t, 1, summary.EnginesResult[params.SastType].Critical, "Critical issues in summary for SAST are not counted properly")
+}
+func Test_countResult_high(t *testing.T) {
+	var result wrappers.ScanResult
+	result.Type = params.ScaType
+	result.Severity = highLabel
+	result.State = "EXPLOITABLE"
+
+	var summary wrappers.ResultSummary
+	engineEnabled := []string{params.ScaType}
+	summary.EnginesEnabled = engineEnabled
+	summary.ScaIssues = 100
+	summary.TotalIssues = 1000
+	summary.HighIssues = 10
+	var engineResultSummary wrappers.EngineResultSummary
+	engineResultSummary.High = 0
+	var engineResult = make(map[string]*wrappers.EngineResultSummary)
+	engineResult[params.ScaType] = &engineResultSummary
+	summary.EnginesResult = engineResult
+
+	countResult(&summary, &result)
+
+	assert.Equal(t, 101, summary.ScaIssues, "High issues in summary SCA issues are not counted properly")
+	assert.Equal(t, 1001, summary.TotalIssues, "High issues in summary total issues are not counted properly")
+	assert.Equal(t, 11, summary.HighIssues, "High issues in summary are not counted properly")
+	assert.Equal(t, 1, summary.EnginesResult[params.ScaType].High, "High issues in summary for SCA are not counted properly")
+}
+func Test_findSarifLevel_critical(t *testing.T) {
+	var result wrappers.ScanResult
+	result.Severity = criticalCx
+	var sarifLevel = findSarifLevel(&result)
+	assert.Equal(t, highSarif, sarifLevel, "Incorrect sarif level for critical issues.")
+}
+func Test_findSarifLevel_high(t *testing.T) {
+	var result wrappers.ScanResult
+	result.Severity = highCx
+	var sarifLevel = findSarifLevel(&result)
+	assert.Equal(t, highSarif, sarifLevel, "Incorrect sarif level for high issues.")
+}

internal/wrappers/feature-flags.go

@@ -32,6 +32,8 @@ var FeatureFlagsBaseMap = []CommandFlags{
 				Default: false,
 			},
 		},
+	},
+	{
 		CommandName: "cx project create",
 	},
 }

internal/wrappers/results-summary.go

@@ -49,6 +49,7 @@ type riskDistribution struct {
 	Total  int    `json:"total,omitempty"`
 }
 type EngineResultSummary struct {
+	Critical   int
 	High       int
 	Medium     int
 	Low        int
@@ -58,6 +59,14 @@ type EngineResultSummary struct {
 
 type EnginesResultsSummary map[string]*EngineResultSummary
 
+func (engineSummary *EnginesResultsSummary) GetCriticalIssues() int {
+	criticalIssues := 0
+	for _, v := range *engineSummary {
+		criticalIssues += v.Critical
+	}
+	return criticalIssues
+}
+
 func (engineSummary *EnginesResultsSummary) GetHighIssues() int {
 	highIssues := 0
 	for _, v := range *engineSummary {
@@ -92,6 +101,8 @@ func (engineSummary *EnginesResultsSummary) GetInfoIssues() int {
 
 func (engineSummary *EngineResultSummary) Increment(level string) {
 	switch level {
+	case "critical":
+		engineSummary.Critical++
 	case "high":
 		engineSummary.High++
 	case "medium":