Merge pull request #50 from jycamier/feat/queries-comment

feat(reports): add reports in the pull request comment
2022-05-27 09:13:54 +01:00
parent 4988213cc0 d2b7e8ef2c
commit 5010bbe749
5 changed files with 130 additions and 31 deletions
--- a/.github/workflows/test_action.yaml
+++ b/.github/workflows/test_action.yaml
@ -20,5 +20,7 @@ jobs:
          output_formats: sarif
          ignore_on_exit: results
          enable_comments: true
          comments_with_queries: true
          excluded_column_for_comments_with_queries: "description_id,similarity_id,search_line,search_value,cis_description_id,cis_description_title,cis_description_text,cloud_provider"
      - run: ls -la && ls -la myoutput
        if: always()
--- a/README.md
+++ b/README.md
@ -52,8 +52,10 @@ And official documentation page <a href="https://docs.kics.io">docs.kics.io</a>
 ## Inputs
 | Variable                                  | Example Value &nbsp;                                   | Description &nbsp;                                                                                                                                          | Type    | Required | Default                                                |
-| ------------------------- | --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -------- | --------------------------------------------- |
+|-------------------------------------------|--------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|---------| -------- |--------------------------------------------------------|
 | enable_comment                            | true                                                   | Enable pull request report comments                                                                                                                         | Boolean | No       | false                                                  |
 | comments_with_queries                     | true                                                   | Add queries in th pull request report comments (available when enable_comments = true)                                                                      | Boolean | No       | false                                                  |
 | excluded_column_for_comments_with_queries | description_id,similarity_id,search_line,search_value  | Excluded columns for the comment with queries, accepts a comma separated list                                                                               | String  | No       | description_id,similarity_id,search_line,search_value  |
 | path                                      | terraform/main.tf,Dockerfile                           | paths to a file or directories to scan, comma separated list                                                                                                | String  | Yes      | N/A                                                    |
 | ignore_on_exit                            | results                                                | defines which non-zero exit codes should be ignored (all, results, errors, none)                                                                            | String  | No       | none                                                   |
 | fail_on                                   | high,medium                                            | comma separated list of which severities returns exit code !=0                                                                                              | String  | No       | high,medium,low,info                                   |
--- a/action.yml
+++ b/action.yml
@ -10,6 +10,14 @@ inputs:
    required: false
    default: "false"
    description: "Enable pull request report comments"
  comments_with_queries:
    required: false
    default: "false"
    description: "Add queries in th pull request report comments (available when enable_comments = true)"
  excluded_column_for_comments_with_queries:
    required: false
    default: "description_id,similarity_id,search_line,search_value"
    description: "Excluded columns for the comment with queries, accepts a comma separated list"
  path:
    description: "paths to a file or directories to scan, accepts a comma separated list"
    required: true
@ -89,6 +97,8 @@ runs:
    INPUT_TOKEN: ${{ inputs.token }}
    INPUT_OUTPUT_PATH: ${{ inputs.output_path }}
    INPUT_ENABLE_COMMENTS: ${{ inputs.enable_comments }}
    INPUT_COMMENTS_WITH_QUERIES: ${{ inputs.comments_with_queries }}
    INPUT_EXCLUDED_COLUMNS_FOR_COMMENTS_WITH_QUERIES: ${{ inputs.excluded_column_for_comments_with_queries }}
    INPUT_OUTPUT_FORMATS: ${{ inputs.output_formats }}
    WORKSPACE_PATH: $GITHUB_WORKSPACE
  args:
--- a/src/commenter.js
+++ b/src/commenter.js
@ -11,7 +11,7 @@ const severityIcons = {
 }
 const emptyIcon = "https://user-images.githubusercontent.com/75368139/137874724-5118ebc4-9769-4eb2-923d-e4ca479f747f.png"
-function createComment(results) {
+function createComment(results, withQueries = false, excludedColumnsForCommentsWithQueries) {
    let message = "![kics-logo](" + kicsLogo + ")\n";
    message += `\n**KICS version: ${results['kics_version']}**\n`
@ -42,11 +42,94 @@ function createComment(results) {
    message += "\n</td></tr>\n</table>\n\n";
    if (withQueries === false) {
        return message;
    }
    message += "### Queries Results\n"
    message += "<table>\n";
    message += "<tr></tr>\n";
    message += "<tr><td>\n\n";
    const flattenedQueries = computeFlattenedQueries(results)
    const headers = computeHeaders(flattenedQueries)
    const excludedColumns = [
        "query_url",
        ... excludedColumnsForCommentsWithQueries
    ]
    // display header
    for (let i in headers) {
        if (excludedColumns.includes(headers[i])) {
            continue
        }
        let title = headers[i]
            .match(/([^\W_]+)/g)
            .map(v => v.charAt(0).toUpperCase() + v.substr(1).toLowerCase())
            .join(" ")
        message += `| ${title}`
    }
    message += "|\n"
    // display line separation
    for (let i in headers) {
        if (excludedColumns.includes(headers[i])) {
            continue
        }
        message += "|:---"
    }
    message += "|\n"
    flattenedQueries.forEach(function (query) {
        headers.forEach(function (header) {
            if (excludedColumns.includes(header)) {
                return
            }
            if (query[header] === undefined) {
                message += "| "
                return
            }
            if (header === "query_name") {
                message += `| [${query[header]}](${query["query_url"]})`
                return
            }
            message += `| ${query[header].toString().replace("\n", " ")}`
        })
        message += "|\n"
    })
    message += "\n</td></tr>\n</table>\n\n";
    return message;
 }
-async function postPRComment(results, repo, prNumber, octokit) {
+function computeFlattenedQueries(results) {
-    const message = createComment(results);
+    let flattenedQueries = []
    for (let index in results["queries"]) {
        let value = results["queries"][index]
        const { ['files']: files, ...valueWithoutFiles } = value
        for (let idx in value["files"]) {
            flattenedQueries.push({...valueWithoutFiles, ...value["files"][idx]})
        }
    }
    return flattenedQueries
 }
 function computeHeaders(flattenedQueries) {
    let tmpHeader = []
    for (let ft in flattenedQueries) {
        tmpHeader = [
            ... tmpHeader,
            ... Object.entries(flattenedQueries[ft]).map(v => v[0])
        ]
    }
    return [...new Set(tmpHeader.map(v => v))]
 }
 async function postPRComment(results, repo, prNumber, octokit, commentWithQueries = false, excludedColumnsForCommentsWithQueries) {
    const message = createComment(results, commentWithQueries, excludedColumnsForCommentsWithQueries);
    const {data: comments} = await octokit.rest.issues.listComments({
        ...repo,
--- a/src/main.js
+++ b/src/main.js
@ -48,6 +48,8 @@ async function main() {
    // Get ENV variables
    const githubToken = process.env.INPUT_TOKEN;
    const enableComments = process.env.INPUT_ENABLE_COMMENTS;
    const commentsWithQueries = process.env.INPUT_COMMENTS_WITH_QUERIES;
    const excludedColumnsForCommentsWithQueries = process.env.INPUT_EXCLUDED_COLUMNS_FOR_COMMENTS_WITH_QUERIES.split(',');
    const outputPath = processOutputPath(process.env.INPUT_OUTPUT_PATH);
    const outputFormats = process.env.INPUT_OUTPUT_FORMATS;
    const exitCode = process.env.KICS_EXIT_CODE
@ -70,7 +72,7 @@ async function main() {
        const parsedResults = readJSON(outputPath.resultsJSONFile);
        if (enableComments.toLocaleLowerCase() === "true") {
-            await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
+            await commenter.postPRComment(parsedResults, repo, prNumber, octokit, commentsWithQueries.toLocaleLowerCase() === "true", excludedColumnsForCommentsWithQueries);
        }
        annotator.annotateChangesWithResults(parsedResults);