294905f
feat: add ArtifactType enum with comprehensive validation
bluesentinelsec Nov 4, 2025
9e83ef5
feat: implement strangler fig pattern with ScanConfig data model
bluesentinelsec Nov 4, 2025
f2f54be
refactor: replace final string comparison with type-safe enum check
bluesentinelsec Nov 4, 2025
b67ccc7
fix: convert data model tests to unittest format for CI compatibility
bluesentinelsec Nov 4, 2025
4312258
feat: complete ScanConfig with all core scanning fields
bluesentinelsec Nov 4, 2025
b72d7b0
refactor: replace args usage with ScanConfig in sbomgen invocation
bluesentinelsec Nov 4, 2025
bbb3956
refactor: migrate platform usage to ScanConfig and enhance logging
bluesentinelsec Nov 4, 2025
52e652c
refactor: expand ScanConfig usage in orchestrator functions
bluesentinelsec Nov 5, 2025
fde1536
feat: add OutputConfig data model with from_args() method
bluesentinelsec Nov 6, 2025
feaa454
refactor: migrate orchestrator to use OutputConfig throughout
bluesentinelsec Nov 6, 2025
97d51df
added SBOMOutput scaffold
bluesentinelsec Nov 6, 2025
12fc89f
fix failing tests (CICD)
bluesentinelsec Nov 6, 2025
d45fa7b
feat: add VulnScanOutput data model with comprehensive test coverage
bluesentinelsec Nov 6, 2025
27e4340
refactor: replace invoke_sbomgen return code with structured SBOMOutput
bluesentinelsec Nov 19, 2025
250d20c
refactor: replace invoke_inspector_scan return code with structured V…
bluesentinelsec Nov 19, 2025
742e501
refactor: replace get_scan_result tuple return with structured VulnSc…
bluesentinelsec Nov 19, 2025
15c40ad
refactor: update callers to use VulnScanOutput instead of tuple unpac…
bluesentinelsec Nov 19, 2025
8fb6100
refactor: update output functions to support VulnScanOutput with back…
bluesentinelsec Nov 19, 2025
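--- a/entrypoint/entrypoint/data_model.py
+++ b/entrypoint/entrypoint/data_model.py
@@ -0,0 +1,162 @@
+from enum import Enum
+
+
+def parse_comma_list(value):
+if not value or value == "''":
+return None
+result = []
+parts = value.split(',')
+for part in parts:
+clean_part = part.strip()
+if clean_part:
+result.append(clean_part)
+return result
+
+
+class ArtifactType(Enum):
+REPOSITORY = "repository"
+CONTAINER = "container"
+BINARY = "binary"
+ARCHIVE = "archive"
+
+
+class ScanConfig:
+def __init__(self, artifact_type=None, artifact_path=None, sbomgen_version=None, timeout=None, platform=None, scanners=None, skip_scanners=None, skip_files=None):
+self.artifact_type = artifact_type
+self.artifact_path = artifact_path
+self.sbomgen_version = sbomgen_version
+self.timeout = timeout
+self.platform = platform
+self.scanners = scanners
+self.skip_scanners = skip_scanners
+self.skip_files = skip_files
+
+@classmethod
+def from_args(ScanConfig, args):
+return ScanConfig(
+artifact_type=ArtifactType(args.artifact_type),
+artifact_path=args.artifact_path,
+sbomgen_version=args.sbomgen_version,
+timeout=int(args.timeout),
+platform=args.platform,
+scanners=parse_comma_list(args.scanners),
+skip_scanners=parse_comma_list(args.skip_scanners),
+skip_files=parse_comma_list(args.skip_files)
+)
+
+
+class OutputConfig:
+def __init__(self,
+display_vulnerability_findings="disabled",
+show_only_fixable_vulns=False,
+output_sbom_path="sbom.json",
+output_inspector_scan_path="inspector-scan.json",
+output_inspector_scan_path_csv="inspector-scan.csv",
+output_inspector_scan_path_markdown="inspector-scan.md",
+output_dockerfile_scan_csv="inspector-dockerfile-scan.csv",
+output_dockerfile_scan_markdown="inspector-dockerfile-scan.md",
+thresholds=False,
+critical_threshold=0,
+high_threshold=0,
+medium_threshold=0,
+low_threshold=0,
+other_threshold=0,
+threshold_fixable_only=False):
+# Convert string to boolean for type safety
+if display_vulnerability_findings == "enabled":
+self.display_vulnerability_findings = True
+else:
+self.display_vulnerability_findings = False
+
+self.show_only_fixable_vulns = show_only_fixable_vulns
+self.output_sbom_path = output_sbom_path
+self.output_inspector_scan_path = output_inspector_scan_path
+self.output_inspector_scan_path_csv = output_inspector_scan_path_csv
+self.output_inspector_scan_path_markdown = output_inspector_scan_path_markdown
+self.output_dockerfile_scan_csv = output_dockerfile_scan_csv
+self.output_dockerfile_scan_markdown = output_dockerfile_scan_markdown
+self.thresholds = thresholds
+self.critical_threshold = critical_threshold
+self.high_threshold = high_threshold
+self.medium_threshold = medium_threshold
+self.low_threshold = low_threshold
+self.other_threshold = other_threshold
+self.threshold_fixable_only = threshold_fixable_only
+
+@classmethod
+def from_args(OutputConfig, args):
+return OutputConfig(
+display_vulnerability_findings=args.display_vuln_findings,
+show_only_fixable_vulns=args.show_only_fixable_vulns,
+output_sbom_path=args.out_sbom,
+output_inspector_scan_path=args.out_scan,
+output_inspector_scan_path_csv=args.out_scan_csv,
+output_inspector_scan_path_markdown=args.out_scan_markdown,
+output_dockerfile_scan_csv=args.out_dockerfile_scan_csv,
+output_dockerfile_scan_markdown=args.out_dockerfile_scan_md,
+thresholds=args.thresholds,
+critical_threshold=args.critical,
+high_threshold=args.high,
+medium_threshold=args.medium,
+low_threshold=args.low,
+other_threshold=args.other,
+threshold_fixable_only=args.threshold_fixable_only
+)
+
+
+class SBOMOutput:
+def __init__(self,
+file_path=None,
+generation_success=False,
+return_code=None,
+generation_time=None,
+file_size=None,
+error_message=None):
+self.file_path = file_path
+self.generation_success = generation_success
+self.return_code = return_code
+self.generation_time = generation_time
+self.file_size = file_size
+self.error_message = error_message
+
+
+class VulnScanOutput:
+def __init__(self,
+# Core scan results
+scan_success=False,
+return_code=None,
+scan_results_file_path=None,
+
+# Performance/timing data
+scan_time=None,
+results_file_size=None,
+
+# Vulnerability counts
+total_vulnerabilities=None,
+critical_count=None,
+high_count=None,
+medium_count=None,
+low_count=None,
+other_count=None,
+
+# Error handling
+error_message=None):
+# Core scan results
+self.scan_success = scan_success
+self.return_code = return_code
+self.scan_results_file_path = scan_results_file_path
+
+# Performance/timing data
+self.scan_time = scan_time
+self.results_file_size = results_file_size
+
+# Vulnerability counts
+self.total_vulnerabilities = total_vulnerabilities
+self.critical_count = critical_count
+self.high_count = high_count
+self.medium_count = medium_count
+self.low_count = low_count
+self.other_count = other_count
+
+# Error handling
+self.error_message = error_message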
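Review bot: `OutputConfig.from_args` stores the threshold inputs (`args.thresholds`, `args.critical` through `args.other`) exactly as received, whereas `ScanConfig.from_args` in the same file normalises its numeric input with `int(args.timeout)`; because these values decide whether a build fails on findings, their types should be pinned here rather than trusted from the argument parser, which is not visible in this section. If any of them can arrive as a string, a value such as `"false"` for `thresholds` would be truthy and a count-versus-threshold comparison would raise or misbehave; `critical_threshold=int(args.critical),` (and likewise for the other four), plus rejecting negative values, would make the gate explicit. In `OutputConfig.__init__`, anything other than the exact string `"enabled"` silently becomes `False`, so a misspelt value disables the findings display without any error; raising `ValueError` for values outside `enabled`/`disabled` would surface that. `VulnScanOutput` defaults every count to `None`, so a short class docstring such as `"""Counts are None when the scan did not produce them; None must not be read as zero findings."""` would help callers avoid treating a failed scan as a clean one.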