Fixed Jira description overflow issue (#1351)

* Fixed Jira description overflow issue * Added constant for Jira description
checkmarx-ltd · May 28, 2024 · 0dbdf40 · 0dbdf40
1 parent 5ea6806
commit 0dbdf40
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 4 deletions.
diff --git a/docs/Bug-Trackers-and-Feedback-Channels.md b/docs/Bug-Trackers-and-Feedback-Channels.md
@@ -109,6 +109,7 @@ jira:
    sast-issue-summary-branch-format: "[VULNERABILITY] in [PROJECT] with severity [SEVERITY] @ [FILENAME][[BRANCH]]"
    sca-issue-summary-branch-format: "[PREFIX] : [VULNERABILITY] in [PACKAGE] and [VERSION] @ [REPO].[BRANCH][POSTFIX]"
    sca-issue-summary-format: "[PREFIX] : [VULNERABILITY] in [PACKAGE] and [VERSION] @ [REPO][POSTFIX]"
+   max-description-length : <should be greater than 4 and less than 20000>
    suppress-code-snippets:
       - Hardcoded_Password_in_Connection_String
       - Password_In_Comment

diff --git a/src/main/java/com/checkmarx/flow/config/JiraProperties.java b/src/main/java/com/checkmarx/flow/config/JiraProperties.java
@@ -66,6 +66,8 @@ public class JiraProperties {
     private String DeployType;
     @Getter @Setter
     private TokenType TokenType;
+    @Getter @Setter
+    private int maxDescriptionLength =20000;
 
     public String getUrl() {
         return this.url;

diff --git a/src/main/java/com/checkmarx/flow/constants/JiraConstants.java b/src/main/java/com/checkmarx/flow/constants/JiraConstants.java
@@ -7,6 +7,7 @@ private JiraConstants(){}
     public static final String UPDATED_TICKET = "updated";
     public static final String CLOSED_TICKET = "closed";
     public static final int JIRA_MAX_DESCRIPTION = 32760;
+    public static  final int JIRA_MAX_ISSUE_DESCRIPTION = 20000;
 
     public static final int MAX_RESULTS_ALLOWED = 1000000;
     public static final String JIRA_ISSUE_BODY_WITH_BRANCH = "*%s* issue exists @ *%s* in branch *%s*";

diff --git a/src/main/java/com/checkmarx/flow/service/JiraService.java b/src/main/java/com/checkmarx/flow/service/JiraService.java
@@ -1492,7 +1492,9 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
         if (useBranch) {
             if (Optional.ofNullable(issue.getScaDetails()).isPresent()) {
                 issue.getScaDetails().stream().findAny().ifPresent(any -> {
-                    body.append(any.getFinding().getDescription()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+                    //minimum length can be 4 because description will have a...
+                    int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+                    body.append(StringUtils.abbreviate(any.getFinding().getDescription(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
                     body.append(String.format(SCATicketingConstants.SCA_JIRA_ISSUE_BODY, any.getFinding().getSeverity(), any.getVulnerabilityPackage().getName(), request.getBranch())).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
                 });
             } else {
@@ -1502,7 +1504,9 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
         } else {
             if (Optional.ofNullable(issue.getScaDetails()).isPresent()) {
                 issue.getScaDetails().stream().findAny().ifPresent(any -> {
-                    body.append(any.getFinding().getDescription()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+                    //minimum length can be 4 because description will have a...
+                    int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+                    body.append(StringUtils.abbreviate(any.getFinding().getDescription(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
                     body.append(String.format(SCATicketingConstants.SCA_JIRA_ISSUE_BODY_WITHOUT_BRANCH, any.getFinding().getSeverity(), any.getVulnerabilityPackage().getName())).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
                 });
             } else {
@@ -1511,8 +1515,11 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
 
         }
         Optional.ofNullable(issue.getDescription())
-                .ifPresent(d -> body.append(d.trim()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF));
-
+                .ifPresent(d -> {
+                    //minimum length can be 4 because description will have a...
+                    int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+                    body.append(StringUtils.abbreviate(d.trim(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+                });
         String repoUrl = request.getRepoUrl();
 
         if ( !ScanUtils.empty(repoUrl) && repoUrl.contains("gitlab-ci-token") && repoUrl.contains("@")) {