add violations dump if requested, fix log info and include lic in upload artifact

Author: attiasas

commands/audit/audit.go

@@ -574,11 +574,11 @@ func addScaScansToRunner(auditParallelRunner *utils.SecurityParallelRunner, audi
 
 func addJasScansToRunner(auditParallelRunner *utils.SecurityParallelRunner, auditParams *AuditParams, scanResults *results.SecurityCommandResults, isNewFlow bool) (jasScanner *jas.JasScanner, generalError error) {
 	if !scanResults.EntitledForJas {
-		log.Info("Not entitled for JAS, skipping advance security scans...")
+		log.Info("Advanced Security is not enabled on this system, so Advanced Security scans were skipped...")
 		return
 	}
 	if !utils.IsJASRequested(scanResults.CmdType, auditParams.ScansToPerform()...) {
-		log.Debug("JAS scans were not requested, skipping advance security scans...")
+		log.Debug("Advanced Security scans were not initiated, so Advanced Security scans were skipped...")
 		return
 	}
 	serverDetails, err := auditParams.ServerDetails()
@@ -750,8 +750,9 @@ func fetchViolations(uploadPath string, cmdResults *results.SecurityCommandResul
 		local.WithAllowedLicenses(auditParams.allowedLicenses),
 		enforcer.WithServerDetails(serverDetails),
 		enforcer.WithProjectKey(auditParams.resultsContext.ProjectKey),
-		enforcer.WithParams(auditParams.rtResultRepository, uploadPath),
+		enforcer.WithArtifactParams(auditParams.rtResultRepository, uploadPath),
 		enforcer.WithWatches(auditParams.resultsContext.Watches),
+		enforcer.WithResultsOutputDir(auditParams.scanResultsOutputDir),
 	)
 	// Fetch violations from Xray
 	if err = policy.EnrichWithGeneratedViolations(generator, cmdResults); err != nil {

policy/enforcer/policyenforcer.go

@@ -1,6 +1,7 @@
 package enforcer
 
 import (
+	"encoding/json"
 	"errors"
 	"fmt"
 	"slices"
@@ -38,7 +39,7 @@ type PolicyEnforcerViolationGenerator struct {
 	projectKey string
 	watches    []string
 	// Run options
-	threadId int
+	resultsOutputDir string
 }
 
 func NewPolicyEnforcerViolationGenerator() *PolicyEnforcerViolationGenerator {
@@ -61,7 +62,15 @@ func WithProjectKey(projectKey string) policy.PolicyHandlerOption {
 	}
 }
 
-func WithParams(repo, path string) policy.PolicyHandlerOption {
+func WithResultsOutputDir(resultsOutputDir string) policy.PolicyHandlerOption {
+	return func(generator policy.PolicyHandler) {
+		if p, ok := generator.(*PolicyEnforcerViolationGenerator); ok {
+			p.resultsOutputDir = resultsOutputDir
+		}
+	}
+}
+
+func WithArtifactParams(repo, path string) policy.PolicyHandlerOption {
 	return func(generator policy.PolicyHandler) {
 		if p, ok := generator.(*PolicyEnforcerViolationGenerator); ok {
 			p.rtRepository = repo
@@ -119,9 +128,23 @@ func (p *PolicyEnforcerViolationGenerator) GenerateViolations(cmdResults *result
 	} else {
 		log.Debug(fmt.Sprintf("Xray scans completed with %d violations", generatedViolations.Total))
 	}
+	if err = dumpViolationsResponseToFileIfNeeded(generatedViolations, p.resultsOutputDir); err != nil {
+		return
+	}
 	return convertToViolations(cmdResults, generatedViolations.Violations)
 }
 
+func dumpViolationsResponseToFileIfNeeded(generatedViolations *services.ViolationsResponse, resultsOutputDir string) (err error) {
+	if resultsOutputDir == "" {
+		return
+	}
+	fileContent, err := json.Marshal(generatedViolations)
+	if err != nil {
+		return fmt.Errorf("failed to write fetched violations to file: %s", err.Error())
+	}
+	return utils.DumpJsonContentToFile(fileContent, resultsOutputDir, "violations", -1)
+}
+
 func convertToViolations(cmdResults *results.SecurityCommandResults, generatedViolations []services.XrayViolation) (convertedViolations violationutils.Violations, err error) {
 	convertedViolations = violationutils.Violations{}
 	for _, violation := range generatedViolations {

utils/results/output/reportartifact.go

@@ -21,6 +21,7 @@ func UploadCommandResults(serverDetails *config.ServerDetails, rtResultRepositor
 	// Convert the scan results to CycloneDX format
 	cdxResults, err := conversion.NewCommandResultsConvertor(conversion.ResultConvertParams{
 		IncludeSbom:            true,
+		IncludeLicenses: 		true,
 		IncludeVulnerabilities: true,
 	}).ConvertToCycloneDx(cmdResults)
 	if err != nil {