Add: Add application name option to CLI

Santandersecurityresearch · Dec 7, 2023 · d66ac27 · d66ac27
1 parent 906991b
commit d66ac27
Showing 1 changed file with 8 additions and 4 deletions.
diff --git a/cbom/main.py b/cbom/main.py
@@ -20,6 +20,7 @@
 def start():
     parser = ArgumentParser()
     parser.add_argument('path', type=Path, help='Directory path or file path to parse')
+    parser.add_argument('--application-name', '-an', help='Name of the root application for the CBOM')
     parser.add_argument('--exclude', '-e', help='Exclude CodeQL findings in files that match a regex')
     parser.add_argument('--cryptocheck', '-cc', action='store_true', default=False, help='Enable crypto vulnerability scanning')
     parser.add_argument('--rules-file', '-rf', type=Path, help='Use a custom ruleset for CryptoCheck analysis')
@@ -29,15 +30,15 @@ def start():
 
     exclusion_pattern = re.compile(args.exclude) if args.exclude else None
     if (path := args.path).is_file():
-        _read_file(path, exclusion_pattern)
+        _read_file(path, application_name=args.application_name, exclusion_pattern=exclusion_pattern)
         for unregistered_dependency in unregistered_dependencies:
             _link_dependency(unregistered_dependency)
     else:
         global file_count
 
         for file in [*list(path.glob('*.sarif')), *list(path.glob('*.json'))]:
             file_count += 1
-            _read_file(file, exclusion_pattern)
+            _read_file(file, application_name=args.application_name, exclusion_pattern=exclusion_pattern)
         for unregistered_dependency in unregistered_dependencies:
             _link_dependency(unregistered_dependency)  # must be done only after all components have been added to CBOM
 
@@ -51,16 +52,19 @@ def start():
         json.dump(json.loads(cbom_output), output_file, indent=4)
 
 
-def _read_file(query_file, exclusion_pattern=None):
+def _read_file(query_file, application_name=None, exclusion_pattern=None):
     with open(query_file) as query_output:
         query_output = json.load(query_output)['runs'][0]
 
         if file_count < 2:
-            if version_control_details := query_output.get('versionControlProvenance'):
+            if application_name:
+                cbom.metadata.component = Component(name=application_name, type=ComponentType.APPLICATION)
+            elif version_control_details := query_output.get('versionControlProvenance'):
                 root_component = metadata.get_root_component_info(version_control_details=version_control_details[0])
                 cbom.metadata.component = root_component
             else:
                 cbom.metadata.component = Component(name='root', type=ComponentType.APPLICATION)
+
             for tool in metadata.get_tool_info(tool_info=query_output['tool']):
                 cbom.metadata.tools.add(tool)