Add false positive info to proto (#2729)

This PR adds false positive information to the Result protobuf message in anticipation of us tracking it as first-class secret metadata. We're not doing that yet (it's blocked behind #2643) but setting up the messages now means we'll be able to do it later with less of a code delta.
2024-11-10 07:04:24 +00:00 · 2024-04-23 16:18:45 -04:00 · 2024-04-23 16:18:45 -04:00 · af095c294c
commit af095c294c
parent 4a5fbf8417
3 changed files with 1307 additions and 1077 deletions
--- a/pkg/pb/detectorspb/detectors.pb.go
+++ b/pkg/pb/detectorspb/detectors.pb.go
--- a/pkg/pb/detectorspb/detectors.pb.validate.go
+++ b/pkg/pb/detectorspb/detectors.pb.validate.go
@ -101,6 +101,35 @@ func (m *Result) validate(all bool) error {

 	// no validation rules for VerificationErrorMessage

+	if all {
+		switch v := interface{}(m.GetFalsePositiveInfo()).(type) {
+		case interface{ ValidateAll() error }:
+			if err := v.ValidateAll(); err != nil {
+				errors = append(errors, ResultValidationError{
+					field:  "FalsePositiveInfo",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		case interface{ Validate() error }:
+			if err := v.Validate(); err != nil {
+				errors = append(errors, ResultValidationError{
+					field:  "FalsePositiveInfo",
+					reason: "embedded message failed validation",
+					cause:  err,
+				})
+			}
+		}
+	} else if v, ok := interface{}(m.GetFalsePositiveInfo()).(interface{ Validate() error }); ok {
+		if err := v.Validate(); err != nil {
+			return ResultValidationError{
+				field:  "FalsePositiveInfo",
+				reason: "embedded message failed validation",
+				cause:  err,
+			}
+		}
+	}
+
 	if len(errors) > 0 {
 		return ResultMultiError(errors)
 	}
@ -178,6 +207,112 @@ var _ interface {
 	ErrorName() string
 } = ResultValidationError{}

+// Validate checks the field values on FalsePositiveInfo with the rules defined
+// in the proto definition for this message. If any rules are violated, the
+// first error encountered is returned, or nil if there are no violations.
+func (m *FalsePositiveInfo) Validate() error {
+	return m.validate(false)
+}
+
+// ValidateAll checks the field values on FalsePositiveInfo with the rules
+// defined in the proto definition for this message. If any rules are
+// violated, the result is a list of violation errors wrapped in
+// FalsePositiveInfoMultiError, or nil if none found.
+func (m *FalsePositiveInfo) ValidateAll() error {
+	return m.validate(true)
+}
+
+func (m *FalsePositiveInfo) validate(all bool) error {
+	if m == nil {
+		return nil
+	}
+
+	var errors []error
+
+	// no validation rules for WordMatch
+
+	// no validation rules for LowEntropy
+
+	if len(errors) > 0 {
+		return FalsePositiveInfoMultiError(errors)
+	}
+
+	return nil
+}
+
+// FalsePositiveInfoMultiError is an error wrapping multiple validation errors
+// returned by FalsePositiveInfo.ValidateAll() if the designated constraints
+// aren't met.
+type FalsePositiveInfoMultiError []error
+
+// Error returns a concatenation of all the error messages it wraps.
+func (m FalsePositiveInfoMultiError) Error() string {
+	var msgs []string
+	for _, err := range m {
+		msgs = append(msgs, err.Error())
+	}
+	return strings.Join(msgs, "; ")
+}
+
+// AllErrors returns a list of validation violation errors.
+func (m FalsePositiveInfoMultiError) AllErrors() []error { return m }
+
+// FalsePositiveInfoValidationError is the validation error returned by
+// FalsePositiveInfo.Validate if the designated constraints aren't met.
+type FalsePositiveInfoValidationError struct {
+	field  string
+	reason string
+	cause  error
+	key    bool
+}
+
+// Field function returns field value.
+func (e FalsePositiveInfoValidationError) Field() string { return e.field }
+
+// Reason function returns reason value.
+func (e FalsePositiveInfoValidationError) Reason() string { return e.reason }
+
+// Cause function returns cause value.
+func (e FalsePositiveInfoValidationError) Cause() error { return e.cause }
+
+// Key function returns key value.
+func (e FalsePositiveInfoValidationError) Key() bool { return e.key }
+
+// ErrorName returns error name.
+func (e FalsePositiveInfoValidationError) ErrorName() string {
+	return "FalsePositiveInfoValidationError"
+}
+
+// Error satisfies the builtin error interface
+func (e FalsePositiveInfoValidationError) Error() string {
+	cause := ""
+	if e.cause != nil {
+		cause = fmt.Sprintf(" | caused by: %v", e.cause)
+	}
+
+	key := ""
+	if e.key {
+		key = "key for "
+	}
+
+	return fmt.Sprintf(
+		"invalid %sFalsePositiveInfo.%s: %s%s",
+		key,
+		e.field,
+		e.reason,
+		cause)
+}
+
+var _ error = FalsePositiveInfoValidationError{}
+
+var _ interface {
+	Field() string
+	Reason() string
+	Key() bool
+	Cause() error
+	ErrorName() string
+} = FalsePositiveInfoValidationError{}
+
 // Validate checks the field values on StructuredData with the rules defined in
 // the proto definition for this message. If any rules are violated, the first
 // error encountered is returned, or nil if there are no violations.
--- a/proto/detectors.proto
+++ b/proto/detectors.proto
@ -1011,6 +1011,13 @@ message Result {
  // This field should only be populated if the verification process itself failed in a way that provides no information
  // about the verification status of the candidate secret, such as if the verification request timed out.
  string verification_error_message = 10;
+
+  FalsePositiveInfo false_positive_info = 11;
+}
+
+message FalsePositiveInfo {
+  bool word_match = 1;
+  bool low_entropy = 2;
 }

 message StructuredData {