Add the ability to generate JUnit XML reports with a -J flag

If the -J flag is passed, generate JUnit XML reports for each check, in-line with how Java tools generate JUnit reports. Check section numbers equate to 'root packages', checks are second-level packages, each check equates to a testsuite (mirroring Java where each test class is a testsuite) and each pass/fail of a check equates to a testcase Time the execution of each check and include this in the report Include properties (Prowler version, check level etc.) in-line with standard JUnit files XML escape all strings for safety Detect if a user has GNU coreutils installed on Mac OS X, but not as their default, switching to using gdate for date commands if so, as it has more features, including getting dates in milliseconds Add prowler-output, junit-reports and VSCode files to .gitignore Update README to include JUnit info, address markdownlint warnings Remove unused arguments to jq in generateJsonAsffOutput Fixes #537
2026-02-10 23:05:05 +00:00 · 2020-04-15 02:36:16 +01:00
parent 462527015c
commit 994390351e
6 changed files with 277 additions and 67 deletions
--- a/include/outputs
+++ b/include/outputs
@@ -16,7 +16,7 @@
 EXTENSION_CSV="csv"
 EXTENSION_JSON="json"
 EXTENSION_ASFF="asff-json"
-EXTENSION_HTML="html" # not implemented yet, use ansi2html as in documentation 
+EXTENSION_HTML="html" # not implemented yet, use ansi2html as in documentation
 OUTPUT_DATE=$(date -u +"%Y%m%d%H%M%S")
 OUTPUT_FILE_NAME=prowler-output-$OUTPUT_DATE

@@ -27,6 +27,9 @@ textPass(){
  fi

  PASS_COUNTER=$((PASS_COUNTER+1))
+  if [[ "${GENERATE_JUNIT}" -eq 1 ]]; then
+    output_junit_success "$1"
+  fi
  if [[ "${MODES[@]}" =~ "csv" || "${MODES[@]}" =~ "json" || "${MODES[@]}" =~ "json-asff" ]]; then
    if [[ $2 ]]; then
      REPREGION=$2
@@ -34,14 +37,14 @@ textPass(){
      REPREGION=$REGION
    fi
    if [[ "${MODES[@]}" =~ "csv" ]]; then
-      echo "$PROFILE${SEP}$ACCOUNT_NUM${SEP}$REPREGION${SEP}$TITLE_ID${SEP}PASS${SEP}$ITEM_SCORED${SEP}$ITEM_LEVEL${SEP}$TITLE_TEXT${SEP}$1" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_CSV 
-    fi 
+      echo "$PROFILE${SEP}$ACCOUNT_NUM${SEP}$REPREGION${SEP}$TITLE_ID${SEP}PASS${SEP}$ITEM_SCORED${SEP}$ITEM_LEVEL${SEP}$TITLE_TEXT${SEP}$1" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_CSV
+    fi
    if [[ "${MODES[@]}" =~ "json" ]]; then
-      generateJsonOutput "$1" "Pass" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_JSON 
+      generateJsonOutput "$1" "Pass" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_JSON
    fi
    if [[ "${MODES[@]}" =~ "json-asff" ]]; then
      JSON_ASFF_OUTPUT=$(generateJsonAsffOutput "$1" "PASSED" "INFORMATIONAL")
-      echo "${JSON_ASFF_OUTPUT}" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_ASFF 
+      echo "${JSON_ASFF_OUTPUT}" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_ASFF
      if [[ "${SEND_TO_SECURITY_HUB}" -eq 1 ]]; then
        sendToSecurityHub "${JSON_ASFF_OUTPUT}"
      fi
@@ -56,6 +59,9 @@ textInfo(){
    return
  fi

+  if [[ "${GENERATE_JUNIT}" -eq 1 ]]; then
+    output_junit_info "$1"
+  fi
  if [[ "${MODES[@]}" =~ "csv" || "${MODES[@]}" =~ "json" || "${MODES[@]}" =~ "json-asff" ]]; then
    if [[ $2 ]]; then
      REPREGION=$2
@@ -76,6 +82,9 @@ textInfo(){
 textFail(){
  FAIL_COUNTER=$((FAIL_COUNTER+1))
  EXITCODE=3
+  if [[ "${GENERATE_JUNIT}" -eq 1 ]]; then
+    output_junit_failure "$1"
+  fi
  if [[ "${MODES[@]}" =~ "csv" || "${MODES[@]}" =~ "json" || "${MODES[@]}" =~ "json-asff" ]]; then
    if [[ $2 ]]; then
      REPREGION=$2
@@ -86,7 +95,7 @@ textFail(){
      echo "$PROFILE${SEP}$ACCOUNT_NUM${SEP}$REPREGION${SEP}$TITLE_ID${SEP}FAIL${SEP}$ITEM_SCORED${SEP}$ITEM_LEVEL${SEP}$TITLE_TEXT${SEP}$1" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_CSV
    fi
    if [[ "${MODES[@]}" =~ "json" ]]; then
-      generateJsonOutput "$1" "Fail" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_JSON 
+      generateJsonOutput "$1" "Fail" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_JSON
    fi
    if [[ "${MODES[@]}" =~ "json-asff" ]]; then
      JSON_ASFF_OUTPUT=$(generateJsonAsffOutput "$1" "FAILED" "HIGH")
@@ -131,7 +140,7 @@ textTitle(){
  esac

  if [[ "${MODES[@]}" =~ "csv" ]]; then
-      >&2 echo "$TITLE_ID $TITLE_TEXT" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_CSV 
+      >&2 echo "$TITLE_ID $TITLE_TEXT" | tee -a $OUTPUT_FILE_NAME.$EXTENSION_CSV
  elif [[ "${MODES[@]}" =~ "json" || "${MODES[@]}" =~ "json-asff" ]]; then
    :
  else
@@ -156,7 +165,7 @@ generateJsonOutput(){
  --arg ITEM_LEVEL "$ITEM_LEVEL" \
  --arg TITLE_ID "$TITLE_ID" \
  --arg REPREGION "$REPREGION" \
-  --arg TIMESTAMP $(date -u +"%Y-%m-%dT%H:%M:%SZ") \
+  --arg TIMESTAMP "$(get_iso8601_timestamp)" \
  -n '{
    "Profile": $PROFILE,
    "Account Number": $ACCOUNT_NUM,
@@ -178,20 +187,17 @@ generateJsonAsffOutput(){
  local status=$2
  local severity=$3
  jq -M -c \
-  --arg PROFILE "$PROFILE" \
  --arg ACCOUNT_NUM "$ACCOUNT_NUM" \
  --arg TITLE_TEXT "$TITLE_TEXT" \
  --arg MESSAGE "$(echo -e "${message}" | sed -e 's/^[[:space:]]*//')" \
  --arg UNIQUE_ID "$(LC_ALL=C echo -e "${message}" | tr -cs '[:alnum:]._~-\n' '_')" \
  --arg STATUS "$status" \
  --arg SEVERITY "$severity" \
-  --arg SCORED "$ITEM_SCORED" \
-  --arg ITEM_LEVEL "$ITEM_LEVEL" \
  --arg TITLE_ID "$TITLE_ID" \
  --arg TYPE "$ASFF_TYPE" \
  --arg RESOURCE_TYPE "$ASFF_RESOURCE_TYPE" \
  --arg REPREGION "$REPREGION" \
-  --arg TIMESTAMP $(date -u +"%Y-%m-%dT%H:%M:%SZ") \
+  --arg TIMESTAMP "$(get_iso8601_timestamp)" \
  --arg PROWLER_VERSION "$PROWLER_VERSION" \
 -n '{
      "SchemaVersion": "2018-10-08",