refactor: loading owasp dependency check xml (#1195)

detector/detector.go

@@ -47,35 +47,26 @@ func Detect(dbclient DBClient, rs []models.ScanResult, dir string) ([]models.Sca
 			r.ScannedCves = models.VulnInfos{}
 		}
 
-		cpeURIs := []string{}
+		cpeURIs, owaspDCXMLPath := []string{}, ""
 		if len(r.Container.ContainerID) == 0 {
 			cpeURIs = c.Conf.Servers[r.ServerName].CpeNames
-			owaspDCXMLPath := c.Conf.Servers[r.ServerName].OwaspDCXMLPath
-			if owaspDCXMLPath != "" {
-				cpes, err := parser.Parse(owaspDCXMLPath)
-				if err != nil {
-					return nil, xerrors.Errorf("Failed to read OWASP Dependency Check XML on %s, `%s`, err: %w",
-						r.ServerName, owaspDCXMLPath, err)
-				}
-				cpeURIs = append(cpeURIs, cpes...)
-			}
+			owaspDCXMLPath = c.Conf.Servers[r.ServerName].OwaspDCXMLPath
 		} else {
-			// runningContainer
 			if s, ok := c.Conf.Servers[r.ServerName]; ok {
 				if con, ok := s.Containers[r.Container.Name]; ok {
 					cpeURIs = con.Cpes
-					owaspDCXMLPath := con.OwaspDCXMLPath
-					if owaspDCXMLPath != "" {
-						cpes, err := parser.Parse(owaspDCXMLPath)
-						if err != nil {
-							return nil, xerrors.Errorf("Failed to read OWASP Dependency Check XML on %s, `%s`, err: %w",
-								r.ServerInfo(), owaspDCXMLPath, err)
-						}
-						cpeURIs = append(cpeURIs, cpes...)
-					}
+					owaspDCXMLPath = con.OwaspDCXMLPath
 				}
 			}
 		}
+		if owaspDCXMLPath != "" {
+			cpes, err := parser.Parse(owaspDCXMLPath)
+			if err != nil {
+				return nil, xerrors.Errorf("Failed to read OWASP Dependency Check XML on %s, `%s`, err: %w",
+					r.ServerInfo(), owaspDCXMLPath, err)
+			}
+			cpeURIs = append(cpeURIs, cpes...)
+		}
 
 		if err := DetectLibsCves(&r, c.Conf.TrivyCacheDBDir, c.Conf.NoProgress); err != nil {
 			return nil, xerrors.Errorf("Failed to fill with Library dependency: %w", err)

models/scanresults.go

@@ -109,7 +109,7 @@ func (r *ScanResult) FilterInactiveWordPressLibs(detectInactive bool) {
 
 // ReportFileName returns the filename on localhost without extension
 func (r ScanResult) ReportFileName() (name string) {
-	if len(r.Container.ContainerID) == 0 {
+	if r.Container.ContainerID == "" {
 		return fmt.Sprintf("%s", r.ServerName)
 	}
 	return fmt.Sprintf("%s@%s", r.Container.Name, r.ServerName)
@@ -118,7 +118,7 @@ func (r ScanResult) ReportFileName() (name string) {
 // ReportKeyName returns the name of key on S3, Azure-Blob without extension
 func (r ScanResult) ReportKeyName() (name string) {
 	timestr := r.ScannedAt.Format(time.RFC3339)
-	if len(r.Container.ContainerID) == 0 {
+	if r.Container.ContainerID == "" {
 		return fmt.Sprintf("%s/%s", timestr, r.ServerName)
 	}
 	return fmt.Sprintf("%s/%s@%s", timestr, r.Container.Name, r.ServerName)
@@ -126,7 +126,7 @@ func (r ScanResult) ReportKeyName() (name string) {
 
 // ServerInfo returns server name one line
 func (r ScanResult) ServerInfo() string {
-	if len(r.Container.ContainerID) == 0 {
+	if r.Container.ContainerID == "" {
 		return fmt.Sprintf("%s (%s%s)",
 			r.FormatServerName(), r.Family, r.Release)
 	}
@@ -141,7 +141,7 @@ func (r ScanResult) ServerInfo() string {
 
 // ServerInfoTui returns server information for TUI sidebar
 func (r ScanResult) ServerInfoTui() string {
-	if len(r.Container.ContainerID) == 0 {
+	if r.Container.ContainerID == "" {
 		line := fmt.Sprintf("%s (%s%s)",
 			r.ServerName, r.Family, r.Release)
 		if len(r.Warnings) != 0 {
@@ -162,7 +162,7 @@ func (r ScanResult) ServerInfoTui() string {
 
 // FormatServerName returns server and container name
 func (r ScanResult) FormatServerName() (name string) {
-	if len(r.Container.ContainerID) == 0 {
+	if r.Container.ContainerID == "" {
 		name = r.ServerName
 	} else {
 		name = fmt.Sprintf("%s@%s",