Checkmarx · pedrompflopes · Sep 26, 2023 · Sep 25, 2023 · Sep 25, 2023 · Sep 25, 2023
@@ -6,7 +6,7 @@ require (
 	github.com/MakeNowJust/heredoc v1.0.0
 	github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c
 	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/gomarkdown/markdown v0.0.0-20230916125811-7478c230c7cd
+	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/google/uuid v1.3.1
 	github.com/gookit/color v1.5.4

@@ -96,6 +96,8 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/gomarkdown/markdown v0.0.0-20230916125811-7478c230c7cd h1:laCEzrtkKEkT2424vMTGl6N1m0xN8kq371hksD5Be+8=
 github.com/gomarkdown/markdown v0.0.0-20230916125811-7478c230c7cd/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 h1:EcQR3gusLHN46TAD+G+EbaaqJArt5vHhNpXAa12PQf4=
+github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=

@@ -331,7 +331,7 @@ func resultCodeBashing(codeBashingWrapper wrappers.CodeBashingWrapper) *cobra.Co
 	return resultCmd
 }
 
-func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel) (*wrappers.ResultSummary, error) {
+func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel, resultsWrapper wrappers.ResultsWrapper) (*wrappers.ResultSummary, error) {
 	if scanInfo == nil {
 		return nil, errors.New(failedCreatingSummary)
 	}
@@ -352,7 +352,7 @@ func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel) (*wrapper
 			}
 		}
 	}
-	return &wrappers.ResultSummary{
+	summary := &wrappers.ResultSummary{
 		ScanID:         scanInfo.ID,
 		Status:         string(scanInfo.Status),
 		CreatedAt:      scanInfo.CreatedAt.Format("2006-01-02, 15:04:05"),
@@ -370,18 +370,6 @@ func convertScanToResultsSummary(scanInfo *wrappers.ScanResponseModel) (*wrapper
 		ProjectName:    scanInfo.ProjectName,
 		BranchName:     scanInfo.Branch,
 		EnginesEnabled: scanInfo.Engines,
-	}, nil
-}
-
-func summaryReport(
-	scan *wrappers.ScanResponseModel,
-	policies *wrappers.PolicyResponseModel,
-	risksOverviewWrapper wrappers.RisksOverviewWrapper,
-	resultsWrapper wrappers.ResultsWrapper,
-) (*wrappers.ResultSummary, error) {
-	summary, err := convertScanToResultsSummary(scan)
-	if err != nil {
-		return nil, err
 	}
 
 	baseURI, err := resultsWrapper.GetResultsURL(summary.ProjectID)
@@ -391,7 +379,19 @@ func summaryReport(
 
 	summary.BaseURI = baseURI
 	summary.BaseURI = generateScanSummaryURL(summary)
+	if isScanPending(summary.Status) {
+		summary.ScanInfoMessage = scanPendingMessage
+	}
 
+	return summary, nil
+}
+
+func summaryReport(
+	summary *wrappers.ResultSummary,
+	policies *wrappers.PolicyResponseModel,
+	risksOverviewWrapper wrappers.RisksOverviewWrapper,
+	resultsWrapper wrappers.ResultsWrapper,
+) (*wrappers.ResultSummary, error) {
 	if summary.HasAPISecurity() {
 		apiSecRisks, err := getResultsForAPISecScanner(risksOverviewWrapper, summary.ScanID)
 		if err != nil {
@@ -404,7 +404,7 @@ func summaryReport(
 		summary.Policies = filterViolatedRules(*policies)
 	}
 
-	err = enhanceWithScanSummary(summary, resultsWrapper)
+	err := enhanceWithScanSummary(summary, resultsWrapper)
 	if err != nil {
 		return nil, err
 	}
@@ -413,9 +413,7 @@ func summaryReport(
 	setNotAvailableNumberIfZero(summary, &summary.ScaIssues, commonParams.ScaType)
 	setNotAvailableNumberIfZero(summary, &summary.KicsIssues, commonParams.KicsType)
 	setRiskMsgAndStyle(summary)
-	if isScanPending(summary.Status) {
-		summary.ScanInfoMessage = scanPendingMessage
-	}
+
 	return summary, nil
 }
 
@@ -502,7 +500,7 @@ func writeHTMLSummary(targetFile string, summary *wrappers.ResultSummary) error
 }
 func writeMarkdownSummary(targetFile string, data *wrappers.ResultSummary) error {
 	log.Println("Creating Markdown Summary Report: ", targetFile)
-	tmpl, err := template.New(printer.FormatSummaryMarkdown).Parse(wrappers.SummaryMarkdownTemplate)
+	tmpl, err := template.New(printer.FormatSummaryMarkdown).Parse(wrappers.SummaryMarkdownTemplate(isScanPending(data.Status)))
 	if err != nil {
 		return err
 	}
@@ -729,23 +727,29 @@ func CreateScanReport(
 ) error {
 	reportList := strings.Split(reportTypes, ",")
 	results := &wrappers.ScanResultsCollection{}
-	summary := &wrappers.ResultSummary{}
 
-	err := createDirectory(targetPath)
+	summary, err := convertScanToResultsSummary(scan, resultsWrapper)
+	if err != nil {
+		return err
+	}
+
+	scanPending := isScanPending(summary.Status)
+
+	err = createDirectory(targetPath)
 	if err != nil {
 		return err
 	}
 	isResultsNeeded := verifyFormatsByReportList(reportList, resultsFormats...)
-	if isResultsNeeded {
+	if isResultsNeeded && !scanPending {
 		results, err = ReadResults(resultsWrapper, scan, params)
 		if err != nil {
 			return err
 		}
 
 	}
 	isSummaryNeeded := verifyFormatsByReportList(reportList, summaryFormats...)
-	if isSummaryNeeded {
-		summary, err = summaryReport(scan, policyResponseModel, risksOverviewWrapper, resultsWrapper)
+	if isSummaryNeeded && !scanPending {
+		summary, err = summaryReport(summary, policyResponseModel, risksOverviewWrapper, resultsWrapper)
 		if err != nil {
 			return err
 		}
@@ -812,6 +816,15 @@ func isScanPending(scanStatus string) bool {
 	) || strings.EqualFold(scanStatus, "Failed"))
 }
 
+func isValidScanStatus(status, format string) bool {
+	if isScanPending(status) {
+		log.Printf("Result format file %s not create because scan status is %s", format, status)
+		return false
+	}
+
+	return true
+}
+
 func createReport(format,
 	formatPdfToEmail,
 	formatPdfOptions,
@@ -825,15 +838,15 @@ func createReport(format,
 	useSCALocalFlow bool,
 	retrySBOM int) error {
 
-	if printer.IsFormat(format, printer.FormatSarif) {
+	if printer.IsFormat(format, printer.FormatSarif) && isValidScanStatus(summary.Status, printer.FormatSarif) {
 		sarifRpt := createTargetName(targetFile, targetPath, printer.FormatSarif)
 		return exportSarifResults(sarifRpt, results)
 	}
-	if printer.IsFormat(format, printer.FormatSonar) {
+	if printer.IsFormat(format, printer.FormatSonar) && isValidScanStatus(summary.Status, printer.FormatSonar) {
 		sonarRpt := createTargetName(fmt.Sprintf("%s%s", targetFile, sonarTypeLabel), targetPath, printer.FormatJSON)
 		return exportSonarResults(sonarRpt, results)
 	}
-	if printer.IsFormat(format, printer.FormatJSON) {
+	if printer.IsFormat(format, printer.FormatJSON) && isValidScanStatus(summary.Status, printer.FormatJSON) {
 		jsonRpt := createTargetName(targetFile, targetPath, printer.FormatJSON)
 		return exportJSONResults(jsonRpt, results)
 	}
@@ -845,12 +858,12 @@ func createReport(format,
 		convertNotAvailableNumberToZero(summary)
 		return writeHTMLSummary(summaryRpt, summary)
 	}
-	if printer.IsFormat(format, printer.FormatSummaryJSON) {
+	if printer.IsFormat(format, printer.FormatSummaryJSON) && isValidScanStatus(summary.Status, printer.FormatSummaryJSON) {
 		summaryRpt := createTargetName(targetFile, targetPath, printer.FormatJSON)
 		convertNotAvailableNumberToZero(summary)
 		return exportJSONSummaryResults(summaryRpt, summary)
 	}
-	if printer.IsFormat(format, printer.FormatPDF) {
+	if printer.IsFormat(format, printer.FormatPDF) && isValidScanStatus(summary.Status, printer.FormatPDF) {
 		summaryRpt := createTargetName(targetFile, targetPath, printer.FormatPDF)
 		return exportPdfResults(resultsPdfReportsWrapper, summary, summaryRpt, formatPdfToEmail, formatPdfOptions)
 	}
@@ -859,7 +872,7 @@ func createReport(format,
 		convertNotAvailableNumberToZero(summary)
 		return writeMarkdownSummary(summaryRpt, summary)
 	}
-	if printer.IsFormat(format, printer.FormatSbom) {
+	if printer.IsFormat(format, printer.FormatSbom) && isValidScanStatus(summary.Status, printer.FormatSbom) {
 		targetType := printer.FormatJSON
 		if strings.Contains(strings.ToLower(formatSbomOptions), printer.FormatXML) {
 			targetType = printer.FormatXML

@@ -643,7 +643,16 @@ const summaryTemplateFooter = `</div>
 `
 
 // nolint: lll
-const SummaryMarkdownTemplate = `
+const SummaryMarkdownPendingTemplate = `
+# Checkmarx One Scan Summary
+***
+##### {{.ScanInfoMessage}}
+##### [🔗 More details]({{.BaseURI}})
+***
+`
+
+// nolint: lll
+const SummaryMarkdownCompletedTemplate = `
 {{- /* The '-' symbol at the start of the line is used to strip leading white space */ -}}
 {{- /* ResultSummary template */ -}}
 {{ $emoji := "⚪" }}
@@ -687,6 +696,14 @@ const SummaryMarkdownTemplate = `
 {{end}}
 `
 
+func SummaryMarkdownTemplate(isScanPending bool) string {
+	if isScanPending {
+		return SummaryMarkdownPendingTemplate
+	}
+
+	return SummaryMarkdownCompletedTemplate
+}
+
 func SummaryTemplate(isScanPending bool) string {
 	result := summaryTemplateHeader
 	if !isScanPending {