feat(report): Include licenses and secrets filtered by rego to ModifiedFindings

pkg/result/filter.go

@@ -303,6 +303,8 @@ func applyPolicy(ctx context.Context, result *types.Result, policyFile string) e
 			return err
 		}
 		if ignored {
+			result.ModifiedFindings = append(result.ModifiedFindings,
+				types.NewModifiedFinding(scrt, types.FindingStatusIgnored, "Filtered by Rego", policyFile))
 			continue
 		}
 		filteredSecrets = append(filteredSecrets, scrt)
@@ -317,6 +319,8 @@ func applyPolicy(ctx context.Context, result *types.Result, policyFile string) e
 			return err
 		}
 		if ignored {
+			result.ModifiedFindings = append(result.ModifiedFindings,
+				types.NewModifiedFinding(lic, types.FindingStatusIgnored, "Filtered by Rego", policyFile))
 			continue
 		}
 		filteredLicenses = append(filteredLicenses, lic)

pkg/result/filter_test.go

@@ -648,65 +648,42 @@ func TestFilter(t *testing.T) {
 					Results: types.Results{
 						{
 							Licenses: []types.DetectedLicense{
-								{
-									Name:       "GPL-3.0",
-									Severity:   dbTypes.SeverityLow.String(),
-									FilePath:   "usr/share/gcc/python/libstdcxx/v6/__init__.py",
-									Category:   "restricted",
-									Confidence: 1,
-								},
-								{
-									Name:       "GPL-3.0",
-									Severity:   dbTypes.SeverityLow.String(),
-									FilePath:   "usr/share/gcc/python/libstdcxx/v6/printers.py",
-									Category:   "restricted",
-									Confidence: 1,
-								},
+								license1,
+								license2,
 							},
 							Secrets: []types.DetectedSecret{
-								{
-									RuleID:    "generic-passed-rule",
-									Severity:  dbTypes.SeverityLow.String(),
-									Title:     "Secret should pass filter",
-									StartLine: 1,
-									EndLine:   2,
-									Match:     "*****",
-								},
-								{
-									RuleID:    "generic-ignored-rule",
-									Severity:  dbTypes.SeverityLow.String(),
-									Title:     "Secret should be ignored",
-									StartLine: 3,
-									EndLine:   4,
-									Match:     "*****",
-								},
+								secret1,
+								secret2,
 							},
 						},
 					},
 				},
-				severities: []dbTypes.Severity{dbTypes.SeverityLow},
+				severities: []dbTypes.Severity{dbTypes.SeverityLow, dbTypes.SeverityHigh},
 				policyFile: "./testdata/test-ignore-policy-licenses-and-secrets.rego",
 			},
 			want: types.Report{
 				Results: types.Results{
 					{
 						Licenses: []types.DetectedLicense{
-							{
-								Name:       "GPL-3.0",
-								Severity:   dbTypes.SeverityLow.String(),
-								FilePath:   "usr/share/gcc/python/libstdcxx/v6/__init__.py",
-								Category:   "restricted",
-								Confidence: 1,
-							},
+							license1,
 						},
 						Secrets: []types.DetectedSecret{
+							secret1,
+						},
+						ModifiedFindings: []types.ModifiedFinding{
+							 {
+								Type:      types.FindingTypeSecret,
+								Status:    types.FindingStatusIgnored,
+								Statement: "Filtered by Rego",
+								Source:    "testdata/test-ignore-policy-licenses-and-secrets.rego",
+								Finding:   secret2,
+							},
 							{
-								RuleID:    "generic-passed-rule",
-								Severity:  dbTypes.SeverityLow.String(),
-								Title:     "Secret should pass filter",
-								StartLine: 1,
-								EndLine:   2,
-								Match:     "*****",
+								Type:      types.FindingTypeLicense,
+								Status:    types.FindingStatusIgnored,
+								Statement: "Filtered by Rego",
+								Source:    "testdata/test-ignore-policy-licenses-and-secrets.rego",
+								Finding:   license2,
 							},
 						},
 					},

pkg/result/testdata/test-ignore-policy-licenses-and-secrets.rego

@@ -10,6 +10,6 @@ ignore {
 }
 
 ignore {
-	input.RuleID == "generic-ignored-rule"
-	input.Title == "Secret should be ignored"
+	input.RuleID == "generic-unwanted-rule"
+	input.Title == "Secret that should not pass filter on rule id"
 }