add a github actions config (#985)

* add a github actions config

* fix(log): Don't create a log dir when testing

* remove a meaningless test case

* Thanks for everything, Mr, Travys.

* add golangci

* add goreleaser.yml

* add tidy.yml

* add golang-ci

* fix many lint warnings

report/email.go

@@ -54,14 +54,15 @@ func (w EMailWriter) Write(rs ...models.ScanResult) (err error) {
 			}
 		}
 	}
-	summary := ""
+	var summary string
 	if config.Conf.IgnoreUnscoredCves {
 		summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
 			m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"])
+	} else {
+		summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
+			m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
+			m["High"], m["Medium"], m["Low"], m["Unknown"])
 	}
-	summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
-		m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
-		m["High"], m["Medium"], m["Low"], m["Unknown"])
 	origmessage := message
 	if conf.FormatOneEMail {
 		message = fmt.Sprintf("One Line Summary\r\n================\r\n%s", formatOneLineSummary(rs...))

report/http.go

@@ -17,7 +17,9 @@ type HTTPRequestWriter struct{}
 func (w HTTPRequestWriter) Write(rs ...models.ScanResult) (err error) {
 	for _, r := range rs {
 		b := new(bytes.Buffer)
-		json.NewEncoder(b).Encode(r)
+		if err := json.NewEncoder(b).Encode(r); err != nil {
+			return err
+		}
 		_, err = http.Post(c.Conf.HTTP.URL, "application/json; charset=utf-8", b)
 		if err != nil {
 			return err

report/report.go

@@ -213,7 +213,7 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, igno
 
 // fillCveDetail fetches NVD, JVN from CVE Database
 func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
-	var cveIDs []string
+	cveIDs := []string{}
 	for _, v := range r.ScannedCves {
 		cveIDs = append(cveIDs, v.CveID)
 	}
@@ -224,9 +224,6 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
 	}
 	for _, d := range ds {
 		nvd := models.ConvertNvdJSONToModel(d.CveID, d.NvdJSON)
-		if nvd == nil {
-			nvd = models.ConvertNvdXMLToModel(d.CveID, d.NvdXML)
-		}
 		jvn := models.ConvertJvnToModel(d.CveID, d.Jvn)
 
 		alerts := fillCertAlerts(&d)
@@ -533,6 +530,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) {
 		return results[i].ServerName < results[j].ServerName
 	})
 
+	re := regexp.MustCompile(reUUID)
 	for i, r := range results {
 		server := c.Conf.Servers[r.ServerName]
 		if server.UUIDs == nil {
@@ -554,8 +552,8 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) {
 		}
 
 		if id, ok := server.UUIDs[name]; ok {
-			matched, err := regexp.MatchString(reUUID, id)
-			if !matched || err != nil {
+			ok := re.MatchString(id)
+			if !ok || err != nil {
 				util.Log.Warnf("UUID is invalid. Re-generate UUID %s: %s", id, err)
 			} else {
 				if r.IsContainer() {

report/s3.go

@@ -23,16 +23,24 @@ import (
 // S3Writer writes results to S3
 type S3Writer struct{}
 
-func getS3() *s3.S3 {
-	Config := &aws.Config{
+func getS3() (*s3.S3, error) {
+	ses, err := session.NewSession()
+	if err != nil {
+		return nil, err
+	}
+	config := &aws.Config{
 		Region: aws.String(c.Conf.AWS.Region),
 		Credentials: credentials.NewChainCredentials([]credentials.Provider{
 			&credentials.EnvProvider{},
 			&credentials.SharedCredentialsProvider{Filename: "", Profile: c.Conf.AWS.Profile},
-			&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())},
+			&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(ses)},
 		}),
 	}
-	return s3.New(session.New(Config))
+	s, err := session.NewSession(config)
+	if err != nil {
+		return nil, err
+	}
+	return s3.New(s), nil
 }
 
 // Write results to S3
@@ -42,7 +50,10 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) {
 		return nil
 	}
 
-	svc := getS3()
+	svc, err := getS3()
+	if err != nil {
+		return err
+	}
 
 	if c.Conf.FormatOneLineText {
 		timestr := rs[0].ScannedAt.Format(time.RFC3339)
@@ -99,7 +110,11 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) {
 
 // CheckIfBucketExists check the existence of S3 bucket
 func CheckIfBucketExists() error {
-	svc := getS3()
+	svc, err := getS3()
+	if err != nil {
+		return err
+	}
+
 	result, err := svc.ListBuckets(&s3.ListBucketsInput{})
 	if err != nil {
 		return xerrors.Errorf(

report/slack.go

@@ -16,12 +16,6 @@ import (
 	"golang.org/x/xerrors"
 )
 
-type field struct {
-	Title string `json:"title"`
-	Value string `json:"value"`
-	Short bool   `json:"short"`
-}
-
 type message struct {
 	Text        string             `json:"text"`
 	Username    string             `json:"username"`

report/syslog.go

@@ -28,7 +28,7 @@ func (w SyslogWriter) Write(rs ...models.ScanResult) (err error) {
 	for _, r := range rs {
 		messages := w.encodeSyslog(r)
 		for _, m := range messages {
-			if _, err = fmt.Fprintf(sysLog, m); err != nil {
+			if _, err = fmt.Fprint(sysLog, m); err != nil {
 				return err
 			}
 		}

report/tui.go

@@ -101,7 +101,6 @@ func keybindings(g *gocui.Gui) (err error) {
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeySpace, gocui.ModNone, cursorPageDown))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace, gocui.ModNone, cursorPageUp))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace2, gocui.ModNone, cursorPageUp))
-	//  errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlM, gocui.ModNone, cursorMoveMiddle))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyEnter, gocui.ModNone, nextView))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlN, gocui.ModNone, nextSummary))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlP, gocui.ModNone, previousSummary))
@@ -169,7 +168,7 @@ func nextView(g *gocui.Gui, v *gocui.View) error {
 	var err error
 
 	if v == nil {
-		err = g.SetCurrentView("side")
+		return g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
@@ -190,7 +189,7 @@ func previousView(g *gocui.Gui, v *gocui.View) error {
 	var err error
 
 	if v == nil {
-		err = g.SetCurrentView("side")
+		return g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
@@ -283,31 +282,15 @@ func cursorDown(g *gocui.Gui, v *gocui.View) error {
 				return err
 			}
 		}
-		onMovingCursorRedrawView(g, v)
+		err := onMovingCursorRedrawView(g, v)
+		if err != nil {
+			return err
+		}
 	}
 
 	cx, cy := v.Cursor()
 	ox, oy := v.Origin()
-	debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy))
-	return nil
-}
-
-func cursorMoveTop(g *gocui.Gui, v *gocui.View) error {
-	if v != nil {
-		cx, _ := v.Cursor()
-		v.SetCursor(cx, 0)
-	}
-	onMovingCursorRedrawView(g, v)
-	return nil
-}
-
-func cursorMoveBottom(g *gocui.Gui, v *gocui.View) error {
-	if v != nil {
-		_, maxY := v.Size()
-		cx, _ := v.Cursor()
-		v.SetCursor(cx, maxY-1)
-	}
-	onMovingCursorRedrawView(g, v)
+	_ = debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy))
 	return nil
 }
 
@@ -315,9 +298,13 @@ func cursorMoveMiddle(g *gocui.Gui, v *gocui.View) error {
 	if v != nil {
 		_, maxY := v.Size()
 		cx, _ := v.Cursor()
-		v.SetCursor(cx, maxY/2)
+		if err := v.SetCursor(cx, maxY/2); err != nil {
+			return err
+		}
+	}
+	if err := onMovingCursorRedrawView(g, v); err != nil {
+		return err
 	}
-	onMovingCursorRedrawView(g, v)
 	return nil
 }
 
@@ -332,23 +319,25 @@ func cursorPageDown(g *gocui.Gui, v *gocui.View) error {
 
 		if !ok {
 			if yLimit < maxY {
-				v.SetCursor(cx, yLimit)
+				_ = v.SetCursor(cx, yLimit)
 			} else {
-				v.SetCursor(cx, maxY-1)
-				v.SetOrigin(ox, yLimit-maxY+1)
+				_ = v.SetCursor(cx, maxY-1)
+				_ = v.SetOrigin(ox, yLimit-maxY+1)
 			}
 		} else if yLimit < oy+jump+maxY {
 			if yLimit < maxY {
-				v.SetCursor(cx, yLimit)
+				_ = v.SetCursor(cx, yLimit)
 			} else {
-				v.SetOrigin(ox, yLimit-maxY+1)
-				v.SetCursor(cx, maxY-1)
+				_ = v.SetOrigin(ox, yLimit-maxY+1)
+				_ = v.SetCursor(cx, maxY-1)
 			}
 		} else {
-			v.SetCursor(cx, cy)
-			v.SetOrigin(ox, oy+jump)
+			_ = v.SetCursor(cx, cy)
+			if err := v.SetOrigin(ox, oy+jump); err != nil {
+				return err
+			}
 		}
-		onMovingCursorRedrawView(g, v)
+		_ = onMovingCursorRedrawView(g, v)
 	}
 	return nil
 }
@@ -363,7 +352,7 @@ func cursorUp(g *gocui.Gui, v *gocui.View) error {
 			}
 		}
 	}
-	onMovingCursorRedrawView(g, v)
+	_ = onMovingCursorRedrawView(g, v)
 	return nil
 }
 
@@ -373,11 +362,13 @@ func cursorPageUp(g *gocui.Gui, v *gocui.View) error {
 		cx, _ := v.Cursor()
 		ox, oy := v.Origin()
 		if err := v.SetOrigin(ox, oy-jump); err != nil {
-			v.SetOrigin(ox, 0)
-			v.SetCursor(cx, 0)
+			if err := v.SetOrigin(ox, 0); err != nil {
+				return err
+			}
+			_ = v.SetCursor(cx, 0)
 
 		}
-		onMovingCursorRedrawView(g, v)
+		_ = onMovingCursorRedrawView(g, v)
 	}
 	return nil
 }
@@ -544,10 +535,12 @@ func debug(g *gocui.Gui, str string) error {
 	if config.Conf.Debug {
 		maxX, maxY := g.Size()
 		if _, err := g.View("debug"); err != gocui.ErrUnknownView {
-			g.DeleteView("debug")
+			if err := g.DeleteView("debug"); err != nil {
+				return err
+			}
 		}
 		if v, err := g.SetView("debug", maxX/2-7, maxY/2, maxX/2+7, maxY/2+2); err != nil {
-			fmt.Fprintf(v, str)
+			fmt.Fprint(v, str)
 		}
 	}
 	return nil
@@ -584,7 +577,7 @@ func setSummaryLayout(g *gocui.Gui) error {
 		}
 
 		lines := summaryLines(currentScanResult)
-		fmt.Fprintf(v, lines)
+		fmt.Fprint(v, lines)
 
 		v.Highlight = true
 		v.Editable = false
@@ -720,8 +713,6 @@ func setChangelogLayout(g *gocui.Gui) error {
 						lines = append(lines, fmt.Sprintf("  * PID: %s %s Port: %s",
 							p.PID, p.Name, p.ListenPorts))
 					}
-				} else {
-					// lines = append(lines, fmt.Sprintf("  * No affected process"))
 				}
 			}
 		}

report/util.go

@@ -608,7 +608,7 @@ func ListValidJSONDirs() (dirs []string, err error) {
 // Otherwise, returns the path of the latest directory
 func JSONDir(args []string) (string, error) {
 	var err error
-	dirs := []string{}
+	var dirs []string
 
 	if 0 < len(args) {
 		if dirs, err = ListValidJSONDirs(); err != nil {