From 6b5e08e66e8f17f172abd4de3693bd278262a91f Mon Sep 17 00:00:00 2001
From: Tiago Baptista <92083272+tiagobcx@users.noreply.github.com>
Date: Fri, 2 Aug 2024 14:28:20 +0100
Subject: [PATCH] Add Critical Severity - AST 21466 (#644)

---
internal/commands/predicates.go | 19 +++--
internal/commands/result.go | 119 ++++++++++++++++++---
internal/commands/result_test.go | 26 ++++--
internal/commands/root.go | 2 +-
internal/wrappers/feature-flags.go | 10 +++
internal/wrappers/results-summary.go | 41 +++++++--
test/integration/pr_test.go | 1 +
test/integration/root_test.go | 2 +-
8 files changed, 162 insertions(+), 58 deletions(-)

diff --git a/internal/commands/predicates.go b/internal/commands/predicates.go
index 76720368d..c1a565543 100644
--- a/internal/commands/predicates.go
+++ b/internal/commands/predicates.go
@@ -12,14 +12,14 @@ import (
 "github.com/spf13/cobra"
 )
-func NewResultsPredicatesCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper) *cobra.Command {
+func NewResultsPredicatesCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper) *cobra.Command {
 triageCmd := &cobra.Command{
 Use: "triage",
 Short: "Manage results",
 Long: "The 'triage' command enables the ability to manage results in Checkmarx One.",
 }
 triageShowCmd := triageShowSubCommand(resultsPredicatesWrapper)
-triageUpdateCmd := triageUpdateSubCommand(resultsPredicatesWrapper)
+triageUpdateCmd := triageUpdateSubCommand(resultsPredicatesWrapper, featureFlagsWrapper)
 addFormatFlagToMultipleCommands(
 []*cobra.Command{triageShowCmd},
@@ -55,7 +55,7 @@ func triageShowSubCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesWra
 return triageShowCmd
 }
-func triageUpdateSubCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper) *cobra.Command {
+func triageUpdateSubCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper) *cobra.Command {
 triageUpdateCmd := &cobra.Command{
 Use: "update",
 Short: "Update the state, severity or comment for the given issue",
@@ -66,12 +66,12 @@ func triageUpdateSubCommand(resultsPredicatesWrapper wrappers.ResultsPredicatesW
 --similarity-id
 --project-id
 --state
- --severity
+ --severity
 --comment
 --scan-type
 `,
 ),
-RunE: runTriageUpdate(resultsPredicatesWrapper),
+RunE: runTriageUpdate(resultsPredicatesWrapper, featureFlagsWrapper),
 }
 triageUpdateCmd.PersistentFlags().String(params.SimilarityIDFlag, "", "Similarity ID")
@@ -134,7 +134,7 @@ func runTriageShow(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper) f
 }
 }
-func runTriageUpdate(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper) func(*cobra.Command, []string) error {
+func runTriageUpdate(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper) func(*cobra.Command, []string) error {
 return func(cmd *cobra.Command, _ []string) error {
 similarityID, _ := cmd.Flags().GetString(params.SimilarityIDFlag)
 projectID, _ := cmd.Flags().GetString(params.ProjectIDFlag)
@@ -142,7 +142,12 @@ func runTriageUpdate(resultsPredicatesWrapper wrappers.ResultsPredicatesWrapper)
 state, _ := cmd.Flags().GetString(params.StateFlag)
 comment, _ := cmd.Flags().GetString(params.CommentFlag)
 scanType, _ := cmd.Flags().GetString(params.ScanTypeFlag)
-
+ // check if the current tenant has critical severity available
+ flagResponse, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.CVSSV3Enabled)
+ criticalEnabled := flagResponse.Status
+ if !criticalEnabled && strings.EqualFold(severity, "critical") {
+ return errors.Errorf("%s", "Critical severity is not available for your tenant.This severity status will be enabled shortly")
+ }
 predicate := &wrappers.PredicateRequest{
 SimilarityID: similarityID,
 ProjectID: projectID,
diff --git a/internal/commands/result.go b/internal/commands/result.go
index 47bbcf574..adde31e11 100644
--- a/internal/commands/result.go
+++ b/internal/commands/result.go
@@ -37,6 +37,7 @@ const (
 failedListingResults = "Failed listing results"
 failedListingCodeBashing = "Failed codebashing link"
 mediumLabel = "medium"
+ criticalLabel = "critical"
 highLabel = "high"
 lowLabel = "low"
 infoLabel = "info"
@@ -48,6 +49,7 @@ const (
 lowSonar = "MINOR"
 mediumSonar = "MAJOR"
 highSonar = "CRITICAL"
+ criticalSonar = "BLOCKER"
 infoLowSarif = "note"
 mediumSarif = "warning"
 highSarif = "error"
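Review bot: The error from `wrappers.GetSpecificFeatureFlag` is discarded on the new `flagResponse, _ :=` line and `flagResponse.Status` is read unconditionally, so a failed flag lookup either dereferences nil (if the wrapper returns a pointer on error) or silently blocks every `--severity critical` update with a misleading "not available for your tenant" message. Check the error, e.g. `flagResponse, err := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.CVSSV3Enabled)` followed by `if err != nil { return errors.Wrap(err, "failed to check critical severity availability") }` (or deliberately fall back to "disabled" with a comment saying so). The message itself is missing a space after the period and `errors.Errorf("%s", literal)` is just `errors.New(...)`: `"Critical severity is not available for your tenant. This severity status will be enabled shortly"`. This is a client-side convenience gate only; the server remains the authority on whether the severity is accepted, which is worth a one-line comment. The closure body of runTriageUpdate continues past the end of this hunk.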
@@ -56,15 +58,17 @@ const (
 lowCx = "LOW"
 mediumCx = "MEDIUM"
 highCx = "HIGH"
- tableResultsFormat = " | %-10s %4d %6d %4d %4d %-9s |\n"
- stringTableResultsFormat = " | %-10s %4s %6s %4s %4s %5s |\n"
- TableTitleFormat = " | %-11s %4s %6s %4s %4s %6s |\n"
+ criticalCx = "CRITICAL"
+ tableResultsFormat = " | %-10s %6v %5d %6d %5d %4d %-9s |\n"
+ stringTableResultsFormat = " | %-10s %5s %6s %6s %5s %4s %5s |\n"
+ TableTitleFormat = " | %-11s %4s %4s %6s %4s %4s %6s |\n"
 twoNewLines = "\n\n"
- tableLine = " --------------------------------------------------------- "
+ tableLine = " --------------------------------------------------------------------- "
 codeBashingKey = "cb-url"
 failedGettingBfl = "Failed getting BFL"
 notAvailableString = "-"
- scanFailedString = "Failed"
+ disabledString = "N/A"
+ scanFailedString = "Failed "
 scanCanceledString = "Canceled"
 scanSuccessString = "Completed"
 scanPartialString = "Partial"
@@ -133,19 +137,22 @@ var filterResultsListFlagUsage = fmt.Sprintf(
 ),
 )
+// Follows: over 9.0 is critical, 7.0 to 8.9 is high, 4.0 to 6.9 is medium and 3.9 or less is low.
 var securities = map[string]string{
- infoCx: "3.5",
- lowCx: "6.5",
- mediumCx: "8.5",
- highCx: "9.5",
+ infoCx: "1.0",
+ lowCx: "2.0",
+ mediumCx: "4.0",
+ highCx: "7.0",
+ criticalCx: "9.0",
 }
 // Match cx severity with sonar severity
 var sonarSeverities = map[string]string{
- infoCx: infoSonar,
- lowCx: lowSonar,
- mediumCx: mediumSonar,
- highCx: highSonar,
+ infoCx: infoSonar,
+ lowCx: lowSonar,
+ mediumCx: mediumSonar,
+ highCx: highSonar,
+ criticalCx: criticalSonar,
 }
 var containerEngineUnsupportedAgents = []string{
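Review bot: `scanFailedString` now carries a trailing space (`"Failed "`), apparently to align the console table, but the sibling status constants are also used as comparison values (`summary.SCSOverview.Status == scanPartialString` in enhanceWithScanSummary), so if `scanFailedString` is ever compared with an API status the padding silently breaks that equality. Keep the constant clean, `scanFailedString = "Failed"`, and let the format verb pad — `%-9s` in `tableResultsFormat` already left-justifies the status column, so adjust that width if the table needs it. A short comment on `disabledString` saying it is the rendering of the negative `notAvailableNumber` sentinel would also help, since nothing near the constant explains when "N/A" appears.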
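Review bot: The new comment says "over 9.0 is critical" but `criticalCx` maps to exactly `"9.0"` (and `highCx` to `"7.0"`), so the documented bands should be inclusive at the lower bound; I'd write `// SARIF security-severity bands: >= 9.0 critical, 7.0-8.9 high, 4.0-6.9 medium, <= 3.9 low.` and, if GitHub code scanning is the intended SARIF consumer (not visible here), say so since those are its thresholds. The same comment is a good place to note that `findSarifLevel` intentionally maps critical to `"error"`, because SARIF `level` has no value above error and only `security-severity` distinguishes critical from high.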
@@ -501,11 +508,12 @@ func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel, resultsWr
 scsIssues := 0
 var containersIssues *int
 enginesStatusCode := map[string]int{
- commonParams.SastType: 0,
- commonParams.ScaType: 0,
- commonParams.KicsType: 0,
- commonParams.APISecType: 0,
- commonParams.ScsType: 0,
+ commonParams.SastType: 0,
+ commonParams.ScaType: 0,
+ commonParams.KicsType: 0,
+ commonParams.APISecType: 0,
+ commonParams.ScsType: 0,
+ commonParams.ContainersType: 0,
 }
 if wrappers.IsContainersEnabled {
 containersIssues = new(int)
@@ -543,6 +551,7 @@ func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel, resultsWr
 ProjectID: scanInfo.ProjectID,
 RiskStyle: "",
 RiskMsg: "",
+ CriticalIssues: 0,
 HighIssues: 0,
 MediumIssues: 0,
 LowIssues: 0,
@@ -557,11 +566,12 @@ func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel, resultsWr
 BranchName: scanInfo.Branch,
 EnginesEnabled: scanInfo.Engines,
 EnginesResult: map[string]*wrappers.EngineResultSummary{
- commonParams.SastType: {StatusCode: enginesStatusCode[commonParams.SastType]},
- commonParams.ScaType: {StatusCode: enginesStatusCode[commonParams.ScaType]},
- commonParams.KicsType: {StatusCode: enginesStatusCode[commonParams.KicsType]},
- commonParams.APISecType: {StatusCode: enginesStatusCode[commonParams.APISecType]},
- commonParams.ScsType: {StatusCode: enginesStatusCode[commonParams.ScsType]},
+ commonParams.SastType: {StatusCode: enginesStatusCode[commonParams.SastType]},
+ commonParams.ScaType: {StatusCode: enginesStatusCode[commonParams.ScaType]},
+ commonParams.KicsType: {StatusCode: enginesStatusCode[commonParams.KicsType]},
+ commonParams.APISecType: {StatusCode: enginesStatusCode[commonParams.APISecType]},
+ commonParams.ScsType: {StatusCode: enginesStatusCode[commonParams.ScsType]},
+ commonParams.ContainersType: {StatusCode: enginesStatusCode[commonParams.ContainersType]},
 },
 }
 if wrappers.IsContainersEnabled {
@@ -592,6 +602,7 @@ func summaryReport(
 policies *wrappers.PolicyResponseModel,
 risksOverviewWrapper wrappers.RisksOverviewWrapper,
 scsScanOverviewWrapper wrappers.ScanOverviewWrapper,
+ featureFlagsWrapper wrappers.FeatureFlagsWrapper,
 results *wrappers.ScanResultsCollection,
 ) (*wrappers.ResultSummary, error) {
 if summary.HasAPISecurity() {
@@ -614,7 +625,7 @@ func summaryReport(
 summary.Policies = filterViolatedRules(*policies)
 }
- enhanceWithScanSummary(summary, results)
+ enhanceWithScanSummary(summary, results, featureFlagsWrapper)
 setNotAvailableNumberIfZero(summary, &summary.SastIssues, commonParams.SastType)
 setNotAvailableNumberIfZero(summary, &summary.ScaIssues, commonParams.ScaType)
@@ -636,7 +647,10 @@ func setNotAvailableEnginesStatusCode(summary *wrappers.ResultSummary) {
 }
 func setRiskMsgAndStyle(summary *wrappers.ResultSummary) {
- if summary.HighIssues > 0 {
+ if summary.CriticalIssues > 0 {
+ summary.RiskStyle = criticalLabel
+ summary.RiskMsg = "Critical Risk"
+ } else if summary.HighIssues > 0 {
 summary.RiskStyle = highLabel
 summary.RiskMsg = "High Risk"
 } else if summary.MediumIssues > 0 {
@@ -656,14 +670,20 @@ func setNotAvailableNumberIfZero(summary *wrappers.ResultSummary, counter *int,
 }
 }
-func enhanceWithScanSummary(summary *wrappers.ResultSummary, results *wrappers.ScanResultsCollection) {
+func enhanceWithScanSummary(summary *wrappers.ResultSummary, results *wrappers.ScanResultsCollection, featureFlagsWrapper wrappers.FeatureFlagsWrapper) {
 for _, result := range results.Results {
 countResult(summary, result)
 }
+ // Set critical count for a specific engine if critical is disabled
+ flagResponse, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.CVSSV3Enabled)
+ criticalEnabled := flagResponse.Status
 if summary.HasAPISecurity() {
 summary.EnginesResult[commonParams.APISecType].Low = summary.APISecurity.Risks[3]
 summary.EnginesResult[commonParams.APISecType].Medium = summary.APISecurity.Risks[2]
 summary.EnginesResult[commonParams.APISecType].High = summary.APISecurity.Risks[1]
+ if !criticalEnabled {
+ summary.EnginesResult[commonParams.APISecType].Critical = notAvailableNumber
+ }
 }
 if summary.HasSCS() && wrappers.IsSCSEnabled {
@@ -678,6 +698,9 @@ func enhanceWithScanSummary(summary *wrappers.ResultSummary, results *wrappers.S
 if summary.SCSOverview.Status == scanPartialString {
 summary.EnginesResult[commonParams.ScsType].StatusCode = scanPartialNumber
 }
+ if !criticalEnabled {
+ summary.EnginesResult[commonParams.ScsType].Critical = notAvailableNumber
+ }
 }
 summary.TotalIssues = summary.SastIssues + summary.ScaIssues + summary.KicsIssues + summary.GetAPISecurityDocumentationTotal()
 if wrappers.IsContainersEnabled {
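Review bot: As in runTriageUpdate, the error from `wrappers.GetSpecificFeatureFlag` is discarded before `flagResponse.Status` is read, so a flag lookup failure either dereferences nil (if the wrapper returns a pointer on error) or silently flips every engine's Critical column to N/A and hides findings the API already labelled critical. Handle it explicitly, e.g. `flagResponse, err := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.CVSSV3Enabled)` and `criticalEnabled := err == nil && flagResponse.Status`, with a comment stating that a failed lookup is deliberately treated as disabled (or return the error if the summary must be exact). The comment `// Set critical count for a specific engine if critical is disabled` describes the later assignments rather than the lookup it sits above; I'd change it to `// Critical severity is a tenant-level feature flag; when it is off, report the column as N/A.` enhanceWithScanSummary continues in the following hunk.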
@@ -685,6 +708,12 @@ func enhanceWithScanSummary(summary *wrappers.ResultSummary, results *wrappers.S
 summary.TotalIssues += *summary.ContainersIssues
 }
 }
+ if !criticalEnabled {
+ summary.EnginesResult[commonParams.SastType].Critical = notAvailableNumber
+ summary.EnginesResult[commonParams.KicsType].Critical = notAvailableNumber
+ summary.EnginesResult[commonParams.ScaType].Critical = notAvailableNumber
+ summary.EnginesResult[commonParams.ContainersType].Critical = notAvailableNumber
+ }
 }
 func writeHTMLSummary(targetFile string, summary *wrappers.ResultSummary) error {
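Review bot: The four unconditional `summary.EnginesResult[...]` indexes rely on every engine key (including the ContainersType entry this commit starts adding in convertScanToResultsSummary) being present in the map; a missing or nil entry here is a nil-pointer panic in the report path rather than a missing column. A keyed loop with a presence check is shorter, safe, and a natural place to document that a negative `Critical` is the "disabled" sentinel later rendered by `getCountValue`. enhanceWithScanSummary begins in the previous hunk.
```go
	// Critical severity is a tenant-level feature; when disabled, store the
	// notAvailableNumber sentinel so the console table renders the column as N/A.
	if !criticalEnabled {
		for _, engine := range []string{commonParams.SastType, commonParams.KicsType, commonParams.ScaType, commonParams.ContainersType} {
			if res, ok := summary.EnginesResult[engine]; ok && res != nil {
				res.Critical = notAvailableNumber
			}
		}
	}
```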
@@ -786,15 +815,15 @@ func printAPIsSecuritySummary(summary *wrappers.ResultSummary) {
 func printTableRow(title string, counts *wrappers.EngineResultSummary, statusNumber int) {
 switch statusNumber {
 case notAvailableNumber:
- fmt.Printf(stringTableResultsFormat, title, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString)
+ fmt.Printf(stringTableResultsFormat, title, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString, notAvailableString)
 case scanFailedNumber:
- fmt.Printf(tableResultsFormat, title, counts.High, counts.Medium, counts.Low, counts.Info, scanFailedString)
+ fmt.Printf(tableResultsFormat, title, getCountValue(counts.Critical), counts.High, counts.Medium, counts.Low, counts.Info, scanFailedString)
 case scanCanceledNumber:
- fmt.Printf(tableResultsFormat, title, counts.High, counts.Medium, counts.Low, counts.Info, scanCanceledString)
+ fmt.Printf(tableResultsFormat, title, getCountValue(counts.Critical), counts.High, counts.Medium, counts.Low, counts.Info, scanCanceledString)
 case scanPartialNumber:
- fmt.Printf(tableResultsFormat, title, counts.High, counts.Medium, counts.Low, counts.Info, scanPartialString)
+ fmt.Printf(tableResultsFormat, title, getCountValue(counts.Critical), counts.High, counts.Medium, counts.Low, counts.Info, scanPartialString)
 default:
- fmt.Printf(tableResultsFormat, title, counts.High, counts.Medium, counts.Low, counts.Info, scanSuccessString)
+ fmt.Printf(tableResultsFormat, title, getCountValue(counts.Critical), counts.High, counts.Medium, counts.Low, counts.Info, scanSuccessString)
 }
 }
@@ -823,16 +852,25 @@ func printSCSTableRow(microEngineOverview *wrappers.MicroEngineOverview) {
 }
 }
+func getCountValue(count int) interface{} {
+ if count < 0 {
+ return disabledString
+ }
+ return count
+}
 func printResultsSummaryTable(summary *wrappers.ResultSummary) {
+ totalCriticalIssues := summary.EnginesResult.GetCriticalIssues()
 totalHighIssues := summary.EnginesResult.GetHighIssues()
 totalMediumIssues := summary.EnginesResult.GetMediumIssues()
 totalLowIssues := summary.EnginesResult.GetLowIssues()
 totalInfoIssues := summary.EnginesResult.GetInfoIssues()
+
 totalIssues := summary.TotalIssues + summary.ScsIssues
 fmt.Printf(tableLine + twoNewLines)
 fmt.Printf(" Total Results: %d \n", totalIssues)
 fmt.Println(tableLine)
- fmt.Printf(TableTitleFormat, " ", "High", "Medium", "Low", "Info", "Status")
+ fmt.Printf(TableTitleFormat, " ", "Critical", "High", "Medium", "Low", "Info", "Status")
 printTableRow("APIs", summary.EnginesResult[commonParams.APISecType], summary.EnginesResult[commonParams.APISecType].StatusCode)
 printTableRow("IAC", summary.EnginesResult[commonParams.KicsType], summary.EnginesResult[commonParams.KicsType].StatusCode)
@@ -847,7 +885,7 @@ func printResultsSummaryTable(summary *wrappers.ResultSummary) {
 fmt.Println(tableLine)
 fmt.Printf(tableResultsFormat,
- "TOTAL", totalHighIssues, totalMediumIssues, totalLowIssues, totalInfoIssues, summary.Status)
+ "TOTAL", getCountValue(totalCriticalIssues), totalHighIssues, totalMediumIssues, totalLowIssues, totalInfoIssues, summary.Status)
 fmt.Printf(tableLine + twoNewLines)
 }
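Review bot: `getCountValue` encodes an undocumented contract — any negative count means "disabled" — and the TOTAL row shows N/A only because `GetCriticalIssues` sums one `notAvailableNumber` sentinel per engine and the sum happens to stay negative; if any engine is ever left out of the sentinel assignment, a real count plus sentinels prints as an arbitrary number instead of N/A. Add a doc comment, `// getCountValue renders a severity count for the console table; a negative value is the notAvailableNumber sentinel and prints as disabledString.`, and have `printResultsSummaryTable` decide the TOTAL cell from a single signal (`totalCriticalIssues < 0` tested explicitly, or a `criticalEnabled` bool carried on the summary) rather than relying on the arithmetic. If the module's Go version permits, `any` reads better than `interface{}` for the return type.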
@@ -1025,7 +1063,7 @@ func CreateScanReport(
 }
 isSummaryNeeded := verifyFormatsByReportList(reportList, summaryFormats...)
 if isSummaryNeeded && !scanPending {
- summary, err = summaryReport(summary, policyResponseModel, risksOverviewWrapper, scsScanOverviewWrapper, results)
+ summary, err = summaryReport(summary, policyResponseModel, risksOverviewWrapper, scsScanOverviewWrapper, featureFlagsWrapper, results)
 if err != nil {
 return err
 }
@@ -1061,7 +1099,10 @@ func countResult(summary *wrappers.ResultSummary, result *wrappers.ScanResult) {
 return
 }
 }
+
 switch severity {
+ case criticalLabel:
+ summary.CriticalIssues++
 case highLabel:
 summary.HighIssues++
 case mediumLabel:
@@ -2055,16 +2096,16 @@ func findProperties(result *wrappers.ScanResult) wrappers.SarifProperties {
 sarifProperties.Description = findDescriptionText(result)
 sarifProperties.SecuritySeverity = securities[result.Severity]
 sarifProperties.Tags = []string{"security", "checkmarx", result.Type}
-
 return sarifProperties
 }
 func findSarifLevel(result *wrappers.ScanResult) string {
 level := map[string]string{
- infoCx: infoLowSarif,
- lowCx: infoLowSarif,
- mediumCx: mediumSarif,
- highCx: highSarif,
+ infoCx: infoLowSarif,
+ lowCx: infoLowSarif,
+ mediumCx: mediumSarif,
+ highCx: highSarif,
+ criticalCx: highSarif,
 }
 return level[result.Severity]
 }
diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go
index 21bcf9117..8081cf876 100644
--- a/internal/commands/result_test.go
+++ b/internal/commands/result_test.go
@@ -811,7 +811,6 @@ func TestRunGetResultsByScanIdSummaryConsoleFormat_ScsNotScanned_ScsMissingInRep
 mock.ScsScanPartial = false
 mock.ScorecardScanned = false
 mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true}
-
 buffer, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), "results", "show", "--scan-id", "MOCK", "--report-format", "summaryConsole")
 assert.NilError(t, err)
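Review bot: `countResult` now increments `summary.CriticalIssues` regardless of the CVSSV3Enabled flag, while enhanceWithScanSummary overwrites the per-engine Critical column with the N/A sentinel when the flag is off; since the HTML and markdown templates render `{{.CriticalIssues}}` and setRiskMsgAndStyle reads it, those outputs can show critical findings and a "Critical Risk" banner that the console summary in the same run marks as unavailable. Either gate the increment on the same flag or document the asymmetry where the field is counted, e.g. `// CriticalIssues counts results the API already labelled critical; the CVSS v3 tenant flag only affects how the console summary renders the column.` The updated `summaryReport` call assumes `featureFlagsWrapper` is already a parameter of CreateScanReport, whose signature is outside this hunk, so please confirm it is not a package-level variable being captured instead.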
@@ -819,7 +818,7 @@ func TestRunGetResultsByScanIdSummaryConsoleFormat_ScsNotScanned_ScsMissingInRep
 stdoutString := buffer.String()
 fmt.Print(stdoutString)
- scsSummary := "| SCS - - - - - |"
+ scsSummary := "| SCS - - - - - - |"
 assert.Equal(t, strings.Contains(stdoutString, scsSummary), true, "Expected SCS summary:"+scsSummary)
 secretDetectionSummary := "Secret Detection"
@@ -851,10 +850,10 @@ func TestRunGetResultsByScanIdSummaryConsoleFormat_ScsPartial_ScsPartialInReport
 TotalResults := "Total Results: 18"
 assert.Equal(t, strings.Contains(cleanString, TotalResults), true, "Expected: "+TotalResults)
- TotalSummary := "| TOTAL 10 5 3 0 Completed |"
+ TotalSummary := "| TOTAL 0 10 5 3 0 Completed |"
 assert.Equal(t, strings.Contains(cleanString, TotalSummary), true, "Expected TOTAL summary: "+TotalSummary)
- scsSummary := "| SCS 5 3 2 0 Partial |"
+ scsSummary := "| SCS 0 5 3 2 0 Partial |"
 assert.Equal(t, strings.Contains(cleanString, scsSummary), true, "Expected SCS summary:"+scsSummary)
 secretDetectionSummary := secretDetectionLine
@@ -881,7 +880,7 @@ func TestRunGetResultsByScanIdSummaryConsoleFormat_ScsScorecardNotScanned_Scorec
 stdoutString := buffer.String()
 fmt.Print(stdoutString)
- scsSummary := "| SCS 5 3 2 0 Completed |"
+ scsSummary := "| SCS 0 5 3 2 0 Completed |"
 assert.Equal(t, strings.Contains(stdoutString, scsSummary), true, "Expected SCS summary:"+scsSummary)
 secretDetectionSummary := secretDetectionLine
@@ -920,3 +919,20 @@ func TestRunGetResultsByScanIdSummaryConsoleFormat_SCSFlagNotEnabled_SCSMissingI
 mock.SetScsMockVarsToDefault()
 }
+
+func TestGetResultsSummaryConsoleFormatWithCriticalDisabled(t *testing.T) {
+ clearFlags()
+ mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.CVSSV3Enabled, Status: false}
+ buffer, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(),
+ "results", "show", "--scan-id", "MOCK", "--report-format", "summaryConsole")
+ assert.NilError(t, err)
+
+ stdoutString := buffer.String()
+ fmt.Print(stdoutString)
+
+ totalSummary := "| TOTAL N/A 5 1 1 0 Completed |"
+ assert.Equal(t, strings.Contains(stdoutString, totalSummary), true,
+ "Expected Total summary without critical:"+totalSummary)
+
+ mock.SetScsMockVarsToDefault()
+}
diff --git a/internal/commands/root.go b/internal/commands/root.go
index c0cd43969..d6fb1174a 100644
--- a/internal/commands/root.go
+++ b/internal/commands/root.go
@@ -195,7 +195,7 @@ func NewAstCLI(
 )
 configCmd := util.NewConfigCommand()
- triageCmd := NewResultsPredicatesCommand(resultsPredicatesWrapper)
+ triageCmd := NewResultsPredicatesCommand(resultsPredicatesWrapper, featureFlagsWrapper)
 chatCmd := NewChatCommand(chatWrapper, tenantWrapper)
diff --git a/internal/wrappers/feature-flags.go b/internal/wrappers/feature-flags.go
index 3ddf1763b..6be68b174 100644
--- a/internal/wrappers/feature-flags.go
+++ b/internal/wrappers/feature-flags.go
@@ -8,6 +8,7 @@ import (
 const tenantIDClaimKey = "tenant_id"
 const PackageEnforcementEnabled = "PACKAGE_ENFORCEMENT_ENABLED"
+const CVSSV3Enabled = "CVSS_V3_ENABLED"
 const MinioEnabled = "MINIO_ENABLED"
 const ContainerEngineCLIEnabled = "CONTAINER_ENGINE_CLI_ENABLED"
 const SCSEngineCLIEnabled = "NEW_2MS_SCORECARD_RESULTS_CLI_ENABLED"
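Review bot: The new test only covers the console summary with the flag off; nothing exercises `runTriageUpdate` rejecting `--severity critical` when CVSSV3Enabled is false, nor the enabled path where the Critical column prints a number, so the gate added in predicates.go can regress silently. Add a sibling test that runs `triage update` with `--severity critical` and `mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.CVSSV3Enabled, Status: false}` and asserts the returned error, plus one with `Status: true` asserting the TOTAL row shows a digit in the Critical column (the exact value depends on what the mock returns, which is not visible here). `mock.Flag` is also left set at the end; unless `mock.SetScsMockVarsToDefault()` resets it, later tests inherit the disabled flag, so reset it explicitly or document that `clearFlags()` at the start of each test is the agreed convention.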
@@ -51,6 +52,15 @@ var FeatureFlagsBaseMap = []CommandFlags{
 },
 },
 },
+ {
+ CommandName: "cx triage update",
+ FeatureFlags: []FlagBase{
+ {
+ Name: CVSSV3Enabled,
+ Default: false,
+ },
+ },
+ },
 }
 var featureFlags = map[string]bool{}
diff --git a/internal/wrappers/results-summary.go b/internal/wrappers/results-summary.go
index 6a0aea647..69475f2d5 100644
--- a/internal/wrappers/results-summary.go
+++ b/internal/wrappers/results-summary.go
@@ -9,6 +9,7 @@ import (
 type ResultSummary struct {
 TotalIssues int
+ CriticalIssues int
 HighIssues int
 MediumIssues int
 LowIssues int
@@ -68,6 +69,7 @@ type MicroEngineOverview struct {
 }
 type EngineResultSummary struct {
+ Critical int
 High int
 Medium int
 Low int
@@ -81,6 +83,14 @@ var IsSCSEnabled bool
 var IsContainersEnabled bool
+func (engineSummary *EnginesResultsSummary) GetCriticalIssues() int {
+ criticalIssues := 0
+ for _, v := range *engineSummary {
+ criticalIssues += v.Critical
+ }
+ return criticalIssues
+}
+
 func (engineSummary *EnginesResultsSummary) GetHighIssues() int {
 highIssues := 0
 for _, v := range *engineSummary {
@@ -115,6 +125,8 @@ func (engineSummary *EnginesResultsSummary) GetInfoIssues() int {
 func (engineSummary *EngineResultSummary) Increment(level string) {
 switch level {
+ case "critical":
+ engineSummary.Critical++
 case "high":
 engineSummary.High++
 case "medium":
@@ -275,6 +287,10 @@ const summaryTemplateHeader = `{{define "SummaryTemplate"}}
 .bg-red {
 background-color: #f1605d;
 }
+
+ .bg-darkred {
+ background-color: #C54A50 !important;
+ }
 .bg-sast {
 background-color: #0356A5 !important;
@@ -391,6 +407,10 @@ const summaryTemplateHeader = `{{define "SummaryTemplate"}}
 width: 24.5%;
 }
+ .top-row .risk-level-tile.critical {
+ background-color: #C54A50;
+ color: #fcfdff;
+ }
 .top-row .risk-level-tile.high {
 background: #f1605d;
 color: #fcfdff;
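Review bot: `CVSSV3Enabled` is registered in `FeatureFlagsBaseMap` only under `cx triage update`, yet `cx results show` also calls `GetSpecificFeatureFlag(..., wrappers.CVSSV3Enabled)` from enhanceWithScanSummary in this same commit. If this map is what pre-loads or defaults flags per command (its consumer is not visible in the hunk), the results path will get whatever `GetSpecificFeatureFlag` does for an unregistered flag — a live request on every report, or the zero value — so add a matching entry such as `{CommandName: "cx results show", FeatureFlags: []FlagBase{{Name: CVSSV3Enabled, Default: false}}},` or leave a comment explaining why the results command does not need one.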
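Review bot: `GetCriticalIssues` is exported but undocumented and, unlike its siblings, can legitimately return a negative number because enhanceWithScanSummary stores the `notAvailableNumber` sentinel in `Critical`; callers that treat it as a count will be surprised. Add `// GetCriticalIssues sums the Critical count of every engine. The sum is negative when critical severity is disabled for the tenant, because each engine then holds the notAvailableNumber sentinel.` Separately, `Increment` matches the literal `"critical"` while result.go introduces `criticalLabel` for the same string; the two are in different packages, but a shared constant (or passing the label through) would keep them from drifting.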
@@ -497,7 +517,9 @@ const summaryTemplateHeader = `{{define "SummaryTemplate"}}
 margin: 0 3rem 2rem;
 right: 40px;
 }
-
+ .bar-chart .progress .progress-bar.bg-critical {
+ background-color: #C54A50 !important;
+ }
 .bar-chart .progress .progress-bar.bg-danger {
 background-color: #f1605d !important;
 }
@@ -543,6 +565,9 @@ const summaryTemplateHeader = `{{define "SummaryTemplate"}}
 font-size: 14px;
 padding-left: 5px;
 }
+ .severity-legend-dot.critical {
+ background-color: #C54A50;
+ }
 .severity-engines-text,
 .severity-legend-text {
@@ -711,6 +736,9 @@ const nonAsyncSummary = `
Total Vulnerabilities
+
critical +
+
high
@@ -725,6 +753,7 @@ const nonAsyncSummary = `
{{.TotalIssues}}
+
{{.CriticalIssues}}
{{.HighIssues}}
{{.MediumIssues}}
{{.LowIssues}}
@@ -799,7 +828,9 @@ const SummaryMarkdownCompletedTemplate = `
 {{- /* The '-' symbol at the start of the line is used to strip leading white space */ -}}
 {{- /* ResultSummary template */ -}}
 {{ $emoji := "⚪" }}
-{{ if eq .RiskMsg "High Risk" }}
+{{ if eq .RiskMsg "Critical Risk" }}
+ {{ $emoji = "🔴" }}
+{{ else if eq .RiskMsg "High Risk" }}
 {{ $emoji = "🔴" }}
 {{ else if eq .RiskMsg "Medium Risk" }}
 {{ $emoji = "🟡" }}
@@ -819,9 +850,9 @@ const SummaryMarkdownCompletedTemplate = `
 ### Total Vulnerabilities: {{.TotalIssues}}
-|🔴 High |🟡 Medium |⚪ Low |⚪ Info |
-|:----------:|:------------:|:---------:|:----------:|
-| {{.HighIssues}} | {{.MediumIssues}} | {{.LowIssues}} | {{.InfoIssues}} |
+|🔴 Critical |🔴 High |🟡 Medium |⚪ Low |⚪ Info |
+|:----------:|:----------:|:------------:|:---------:|:----------:|
+| {{.CriticalIssues}} | {{.HighIssues}} | {{.MediumIssues}} | {{.LowIssues}} | {{.InfoIssues}} |
 ***
 ### Vulnerabilities per Scan Type
diff --git a/test/integration/pr_test.go b/test/integration/pr_test.go
index 155b797ef..48d7d5fad 100644
--- a/test/integration/pr_test.go
+++ b/test/integration/pr_test.go
@@ -38,6 +38,7 @@ func TestPRGithubDecorationSuccessCase(t *testing.T) {
 os.Getenv(prGithubNumber),
 flag(params.RepoNameFlag),
 os.Getenv(prGithubRepoName),
+ "--debug",
 }
 err, _ := executeCommand(t, args...)
 assert.NilError(t, err, "Error should be nil")
diff --git a/test/integration/root_test.go b/test/integration/root_test.go
index e70fe0634..097dae1ad 100644
--- a/test/integration/root_test.go
+++ b/test/integration/root_test.go
@@ -20,7 +20,7 @@ const (
 Dir = "./data"
 Zip = "data/sources.zip"
 SlowRepo = "https://github.com/WebGoat/WebGoat"
- SSHRepo = "git@github.com:hmmachadocx/hmmachado_dummy_project.git"
+ SSHRepo = "git@github.com:pedrompflopes/ast-jenkins-docker.git"
 SlowRepoBranch = "develop"
 resolverEnvVar = "SCA_RESOLVER"
 resolverEnvVarDefault = "./ScaResolver"
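Review bot: The markdown summary now uses the same 🔴 emoji for both the Critical and High columns and for both the "Critical Risk" and "High Risk" banners, so a reader of the PR comment cannot tell the two apart at a glance; a distinct marker (e.g. ⛔ or 🟣 for critical) would make the new severity visible, or at least leave a template comment `{{- /* critical and high intentionally share 🔴 */ -}}` if that is the intent.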
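Review bot: Adding `"--debug"` to an integration test that authenticates against GitHub with values taken from the environment means whatever the debug logger prints ends up in CI logs; if the debug path echoes request headers or token-bearing URLs (not visible here), that is a credential leak into build output. The test asserts nothing on the output, so this looks like leftover troubleshooting and should be dropped; if it is meant to stay, confirm the debug logger redacts `Authorization` and token values and say so next to the flag, e.g. `"--debug", // safe: debug logging redacts auth headers`.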