Add support for external timestamps

This allows external files containing timestamps = { "db_create_start" : pd.Timestamp(0.0, unit='s'), "db_create_stop" : pd.Timestamp(0.0, unit='s'), "scan_start_date" : pd.Timestamp(0.0, unit='s'), "scan_stop_date" : pd.Timestamp(0.0, unit='s'), } to be used to provide those values, instead of the above defaults. This patch changes the top-level scripts bin/sarif-extract-scans bin/sarif-extract-scans-runner and provides scripts/test-timestamps.sh for verification. The following keys are also accepted: { "db_create_start": ..., "db_create_stop": ..., "scan_start": ... "scan_stop": ... }
2025-12-16 17:23:03 +01:00 · 2023-08-18 17:00:11 -07:00
parent 57710bdd14
commit ee11214aee
4 changed files with 153 additions and 15 deletions
--- a/scripts/test-timestamps.sh
+++ b/scripts/test-timestamps.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+#* Setup 
+cd ~/local/sarif-cli/data/codeql-dataflow-sql-injection
+ls -la sqlidb-0.sarif sqlidb-1.sarif
+
+#
+source ~/local/sarif-cli/.venv/bin/activate
+
+#* Utility functions
+function get-csv() {
+    #* Insert versionControlProvenance
+    sarif-insert-vcp $1.sarif > $1.1.sarif
+
+    #* Populate CSV with provided timestamps
+    cat > $1.timestamp << EOF
+{
+    "db_create_start": "2023-07-03T00:56:15.576222",
+    "db_create_stop": "2023-07-03T00:56:42.781839",
+    "scan_start": "2023-07-03T00:56:47.546696",
+    "scan_stop": "2023-07-03T00:57:55.988059"
+}
+EOF
+
+    sarif-extract-scans-runner --input-signature CLI --with-timestamps - <<EOF
+$1.1.sarif,$1.timestamp
+EOF
+
+    #* List CSV messages
+    cd ~/local/sarif-cli/data/codeql-dataflow-sql-injection 
+    head -4 $1.1.sarif.csv 
+
+    #* List CSV output
+    ls -la $1.1*
+    find $1.1.sarif.scantables -print
+    csvcut -c "db_create_start,db_create_stop,scan_start_date,scan_stop_date" \
+           $1.1.sarif.scantables/scans.csv
+
+    # #* show log
+    # echo "run log:"
+    # cat $1.1.sarif.scanlog
+}
+
+function get-csv-no-ts() {
+    #* Insert versionControlProvenance
+    sarif-insert-vcp $1.sarif > $1.1.sarif
+
+    #* Get CSV with dummy timestamps
+    sarif-extract-scans-runner --input-signature CLI - <<EOF
+$1.1.sarif
+EOF
+
+    #* List CSV messages
+    cd ~/local/sarif-cli/data/codeql-dataflow-sql-injection 
+    head -4 $1.1.sarif.csv 
+
+    #* List CSV output
+    ls -la $1.1*
+    find $1.1.sarif.scantables -print
+    csvcut -c "db_create_start,db_create_stop,scan_start_date,scan_stop_date" \
+           $1.1.sarif.scantables/scans.csv
+}
+
+clean-csv () {
+    cd ~/local/sarif-cli/data/codeql-dataflow-sql-injection 
+    rm -f $1.1.sarif.csv 
+    rm -f $1.1*scan{log,spec}
+    rm -fR $1.1.sarif.scantables 
+}    
+
+#* Clean up and run tool
+cd ~/local/sarif-cli/data/codeql-dataflow-sql-injection 
+clean-csv sqlidb-0
+get-csv sqlidb-0
+
+clean-csv sqlidb-1
+get-csv-no-ts sqlidb-1
+
+#* Look for the timestamp value
+function check-timestamp() {
+    ag -C1 "00:56:15.57622|1970-01-01" ${1}
+}
+# With custom stamp:
+check-timestamp 'sqlidb-0.1*/scans.csv'
+# With default stamp:
+check-timestamp 'sqlidb-1.1*/scans.csv'
+#