feat(whitesource): create json report (#2699)

* feat(withesource): create json report * proper constant value * update generation
2025-01-18 05:18:24 +02:00 · 2021-03-19 11:10:08 +01:00 · 2021-03-19 11:10:08 +01:00 · 9b6a8cb3b6
commit 9b6a8cb3b6
parent e83a380c09
7 changed files with 22 additions and 16 deletions
--- a/cmd/getConfig.go
+++ b/cmd/getConfig.go
@ -185,8 +185,8 @@ func prepareOutputEnvironment(outputResources []config.StepResources, envRootPat
 	// ToDo: evaluate if we can rather call this only in the correct step context (we know the step when calling getConfig!)
 	// Could this be part of the container definition in the step.yaml?
 	stepOutputDirectories := []string{
-		reporting.MarkdownReportDirectory, // standard directory to collect md reports for pipelineCreateScanSummary
-		ws.ReportsDirectory,               // standard directory for reports created by whitesourceExecuteScan
+		reporting.StepReportDirectory, // standard directory to collect md reports for pipelineCreateScanSummary
+		ws.ReportsDirectory,           // standard directory for reports created by whitesourceExecuteScan
 	}

 	for _, dir := range stepOutputDirectories {
--- a/cmd/metadata_generated.go
+++ b/cmd/metadata_generated.go
@ -29,7 +29,6 @@ func GetAllStepMetadata() map[string]config.StepData {
 		"cloudFoundryDeleteService":               cloudFoundryDeleteServiceMetadata(),
 		"cloudFoundryDeleteSpace":                 cloudFoundryDeleteSpaceMetadata(),
 		"cloudFoundryDeploy":                      cloudFoundryDeployMetadata(),
-		"pipelineCreateScanSummary":               pipelineCreateScanSummaryMetadata(),
 		"detectExecuteScan":                       detectExecuteScanMetadata(),
 		"fortifyExecuteScan":                      fortifyExecuteScanMetadata(),
 		"gctsCloneRepository":                     gctsCloneRepositoryMetadata(),
@ -65,6 +64,7 @@ func GetAllStepMetadata() map[string]config.StepData {
 		"nexusUpload":                             nexusUploadMetadata(),
 		"npmExecuteLint":                          npmExecuteLintMetadata(),
 		"npmExecuteScripts":                       npmExecuteScriptsMetadata(),
+		"pipelineCreateScanSummary":               pipelineCreateScanSummaryMetadata(),
 		"protecodeExecuteScan":                    protecodeExecuteScanMetadata(),
 		"containerSaveImage":                      containerSaveImageMetadata(),
 		"sonarExecuteScan":                        sonarExecuteScanMetadata(),
--- a/cmd/pipelineCreateScanSummary.go
+++ b/cmd/pipelineCreateScanSummary.go
@ -39,7 +39,7 @@ func pipelineCreateScanSummary(config pipelineCreateScanSummaryOptions, telemetr

 func runPipelineCreateScanSummary(config *pipelineCreateScanSummaryOptions, telemetryData *telemetry.CustomData, utils pipelineCreateScanSummaryUtils) error {

-	pattern := reporting.MarkdownReportDirectory + "/*.json"
+	pattern := reporting.StepReportDirectory + "/*.json"
 	reports, _ := utils.Glob(pattern)

 	scanReports := []reporting.ScanReport{}
--- a/cmd/whitesourceExecuteScan.go
+++ b/cmd/whitesourceExecuteScan.go
@ -670,20 +670,20 @@ func writeCustomVulnerabilityReports(scanReport reporting.ScanReport, utils whit
 	}
 	reportPaths = append(reportPaths, piperutils.Path{Name: "WhiteSource Vulnerability Report", Target: htmlReportPath})

-	// markdown reports are used by step pipelineCreateSummary in order to e.g. prepare an issue creation in GitHub
-	// ignore templating errors since template is in our hands and issues will be detected with the automated tests
-	mdReport, _ := scanReport.ToMarkdown()
-	if exists, _ := utils.DirExists(reporting.MarkdownReportDirectory); !exists {
-		err := utils.MkdirAll(reporting.MarkdownReportDirectory, 0777)
+	// JSON reports are used by step pipelineCreateSummary in order to e.g. prepare an issue creation in GitHub
+	// ignore JSON errors since structure is in our hands
+	jsonReport, _ := scanReport.ToJSON()
+	if exists, _ := utils.DirExists(reporting.StepReportDirectory); !exists {
+		err := utils.MkdirAll(reporting.StepReportDirectory, 0777)
 		if err != nil {
 			return reportPaths, errors.Wrap(err, "failed to create reporting directory")
 		}
 	}
-	if err := utils.FileWrite(filepath.Join(reporting.MarkdownReportDirectory, fmt.Sprintf("whitesourceExecuteScan_%v.md", utils.Now().Format("20060102150405"))), mdReport, 0666); err != nil {
+	if err := utils.FileWrite(filepath.Join(reporting.StepReportDirectory, fmt.Sprintf("whitesourceExecuteScan_%v.json", utils.Now().Format("20060102150405"))), jsonReport, 0666); err != nil {
 		log.SetErrorCategory(log.ErrorConfiguration)
 		return reportPaths, errors.Wrapf(err, "failed to write markdown report")
 	}
-	// we do not add the markdown report to the overall list of reports for now,
+	// we do not add the json report to the overall list of reports for now,
 	// since it is just an intermediary report used as input for later
 	// and there does not seem to be real benefit in archiving it.

--- a/cmd/whitesourceExecuteScan_test.go
+++ b/cmd/whitesourceExecuteScan_test.go
@ -677,7 +677,7 @@ func TestWriteCustomVulnerabilityReports(t *testing.T) {
 		assert.NoError(t, err)
 		assert.True(t, exists)

-		exists, err = utilsMock.FileExists(filepath.Join(reporting.MarkdownReportDirectory, "whitesourceExecuteScan_20100510001542.md"))
+		exists, err = utilsMock.FileExists(filepath.Join(reporting.StepReportDirectory, "whitesourceExecuteScan_20100510001542.json"))
 		assert.NoError(t, err)
 		assert.True(t, exists)
 	})
@ -693,11 +693,11 @@ func TestWriteCustomVulnerabilityReports(t *testing.T) {
 		assert.Contains(t, fmt.Sprint(err), "failed to write html report")
 	})

-	t.Run("failed to write markdown report", func(t *testing.T) {
+	t.Run("failed to write json report", func(t *testing.T) {
 		scanReport := reporting.ScanReport{}
 		utilsMock := newWhitesourceUtilsMock()
 		utilsMock.FileWriteErrors = map[string]error{
-			filepath.Join(reporting.MarkdownReportDirectory, "whitesourceExecuteScan_20100510001542.md"): fmt.Errorf("write error"),
+			filepath.Join(reporting.StepReportDirectory, "whitesourceExecuteScan_20100510001542.json"): fmt.Errorf("write error"),
 		}

 		_, err := writeCustomVulnerabilityReports(scanReport, utilsMock)
--- a/pkg/reporting/reporting.go
+++ b/pkg/reporting/reporting.go
@ -2,6 +2,7 @@ package reporting

 import (
 	"bytes"
+	"encoding/json"
 	"fmt"
 	"text/template"
 	"time"
@ -84,8 +85,13 @@ func (s *ScanReport) AddSubHeader(header, details string) {
 	s.Subheaders = append(s.Subheaders, Subheader{Description: header, Details: details})
 }

-// MarkdownReportDirectory specifies the default directory for markdown reports which can later be collected by step pipelineCreateSummary
-const MarkdownReportDirectory = ".pipeline/stepReports"
+//StepReportDirectory specifies the default directory for markdown reports which can later be collected by step pipelineCreateSummary
+const StepReportDirectory = ".pipeline/stepReports"
+
+// ToJSON returns the report in JSON format
+func (s *ScanReport) ToJSON() ([]byte, error) {
+	return json.Marshal(s)
+}

 const reportHTMLTemplate = `<!DOCTYPE html>
 <html>
--- a/resources/metadata/pipelineCreateScanSummary.yaml
+++ b/resources/metadata/pipelineCreateScanSummary.yaml