From 0dbdf408106d91c1d3fe603395afe4865319fec5 Mon Sep 17 00:00:00 2001
From: itsKedar <37594766+itsKedar@users.noreply.github.com>
Date: Tue, 28 May 2024 10:26:41 +0530
Subject: [PATCH] Fixed Jira description overflow issue (#1351)
* Fixed Jira description overflow issue
* Added constant for Jira description
---
 docs/Bug-Trackers-and-Feedback-Channels.md | 1 +
 .../com/checkmarx/flow/config/JiraProperties.java | 2 ++
 .../checkmarx/flow/constants/JiraConstants.java | 1 +
 .../com/checkmarx/flow/service/JiraService.java | 15 +++++++++++----
 4 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/docs/Bug-Trackers-and-Feedback-Channels.md b/docs/Bug-Trackers-and-Feedback-Channels.md
index bff8805af..05394152a 100644
--- a/docs/Bug-Trackers-and-Feedback-Channels.md
+++ b/docs/Bug-Trackers-and-Feedback-Channels.md
@@ -109,6 +109,7 @@ jira:
 sast-issue-summary-branch-format: "[VULNERABILITY] in [PROJECT] with severity [SEVERITY] @ [FILENAME][[BRANCH]]"
 sca-issue-summary-branch-format: "[PREFIX] : [VULNERABILITY] in [PACKAGE] and [VERSION] @ [REPO].[BRANCH][POSTFIX]"
 sca-issue-summary-format: "[PREFIX] : [VULNERABILITY] in [PACKAGE] and [VERSION] @ [REPO][POSTFIX]"
+ max-description-length :
 suppress-code-snippets:
 - Hardcoded_Password_in_Connection_String
 - Password_In_Comment
diff --git a/src/main/java/com/checkmarx/flow/config/JiraProperties.java b/src/main/java/com/checkmarx/flow/config/JiraProperties.java
index 6162f0947..c35ce6c2a 100644
--- a/src/main/java/com/checkmarx/flow/config/JiraProperties.java
+++ b/src/main/java/com/checkmarx/flow/config/JiraProperties.java
@@ -66,6 +66,8 @@ public class JiraProperties {
 private String DeployType;
 @Getter @Setter
 private TokenType TokenType;
+ @Getter @Setter
+ private int maxDescriptionLength =20000;
 public String getUrl() {
 return this.url;
diff --git a/src/main/java/com/checkmarx/flow/constants/JiraConstants.java b/src/main/java/com/checkmarx/flow/constants/JiraConstants.java
index eaf28983f..c5ed4d3bd 100644
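Review bot: In `JiraProperties`, the default `=20000` on `maxDescriptionLength` repeats the value of `JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION` as a bare literal, so the default and the upper bound enforced in `JiraService` can drift apart if only one of them is edited. Referring to the constant keeps them tied: `private int maxDescriptionLength = JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION;` (this needs the `JiraConstants` import if the class does not already have it, which the hunk does not show). The field also has no comment stating the accepted range; something like `// Accepted range 4..20000; JiraService replaces anything outside it with 20000` would tell an operator why a small or oversized value has no effect. The class body continues outside the hunk.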
--- a/src/main/java/com/checkmarx/flow/constants/JiraConstants.java
+++ b/src/main/java/com/checkmarx/flow/constants/JiraConstants.java
@@ -7,6 +7,7 @@ private JiraConstants(){}
 public static final String UPDATED_TICKET = "updated";
 public static final String CLOSED_TICKET = "closed";
 public static final int JIRA_MAX_DESCRIPTION = 32760;
+ public static final int JIRA_MAX_ISSUE_DESCRIPTION = 20000;
 public static final int MAX_RESULTS_ALLOWED = 1000000;
 public static final String JIRA_ISSUE_BODY_WITH_BRANCH = "*%s* issue exists @ *%s* in branch *%s*";
diff --git a/src/main/java/com/checkmarx/flow/service/JiraService.java b/src/main/java/com/checkmarx/flow/service/JiraService.java
index b1f97e932..83e942149 100644
--- a/src/main/java/com/checkmarx/flow/service/JiraService.java
+++ b/src/main/java/com/checkmarx/flow/service/JiraService.java
@@ -1492,7 +1492,9 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
 if (useBranch) {
 if (Optional.ofNullable(issue.getScaDetails()).isPresent()) {
 issue.getScaDetails().stream().findAny().ifPresent(any -> {
- body.append(any.getFinding().getDescription()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+ //minimum length can be 4 because description will have a...
+ int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+ body.append(StringUtils.abbreviate(any.getFinding().getDescription(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
 body.append(String.format(SCATicketingConstants.SCA_JIRA_ISSUE_BODY, any.getFinding().getSeverity(), any.getVulnerabilityPackage().getName(), request.getBranch())).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
 });
 } else {
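Review bot: `JIRA_MAX_ISSUE_DESCRIPTION` sits directly under `JIRA_MAX_DESCRIPTION` with a name that differs by one word and no comment, so a reader cannot tell which limit applies to what. From the `JiraService` hunks in this patch, the new constant caps a single description before it is appended to the ticket body; a comment above it such as `// Cap for one description fragment passed to StringUtils.abbreviate in JiraService.getBody` would record that. How `JIRA_MAX_DESCRIPTION` is used is not visible in this patch.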
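Review bot: The ternary that computes `maxLength` is written out in full inside this lambda and again in the hunks at -1502 and -1511, so any later change to the bounds has to be made in three places; a private helper would hold the rule once. The same expression replaces a value below 4 with the 20000 maximum without any log line, so a mistyped `max-description-length` goes unnoticed by the operator. The limit is also applied to the SCA finding description and to `issue.getDescription()` separately, so the two together can still exceed `JIRA_MAX_DESCRIPTION` (32760); whether `getBody` trims the finished body is outside these hunks and worth confirming. `getBody` starts and ends outside the hunk.

```java
// new private helper on JiraService, placed outside getBody
private int descriptionLimit() {
    int configured = jiraProperties.getMaxDescriptionLength();
    // abbreviate needs room for at least one character plus the "..." marker
    boolean outOfRange = configured < 4 || configured > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION;
    // an out-of-range setting falls back to the maximum; log the rejected value here
    return outOfRange ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : configured;
}

issue.getScaDetails().stream().findAny().ifPresent(any -> {
    body.append(StringUtils.abbreviate(any.getFinding().getDescription(), descriptionLimit())).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
    // … unchanged: SCA_JIRA_ISSUE_BODY line …
```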
@@ -1502,7 +1504,9 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
 } else {
 if (Optional.ofNullable(issue.getScaDetails()).isPresent()) {
 issue.getScaDetails().stream().findAny().ifPresent(any -> {
- body.append(any.getFinding().getDescription()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+ //minimum length can be 4 because description will have a...
+ int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+ body.append(StringUtils.abbreviate(any.getFinding().getDescription(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
 body.append(String.format(SCATicketingConstants.SCA_JIRA_ISSUE_BODY_WITHOUT_BRANCH, any.getFinding().getSeverity(), any.getVulnerabilityPackage().getName())).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
 });
 } else {
@@ -1511,8 +1515,11 @@ private String getBody(ScanResults.XIssue issue, ScanRequest request, String fil
 }
 Optional.ofNullable(issue.getDescription())
- .ifPresent(d -> body.append(d.trim()).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF));
-
+ .ifPresent(d -> {
+ //minimum length can be 4 because description will have a...
+ int maxLength = (jiraProperties.getMaxDescriptionLength() < 4 || jiraProperties.getMaxDescriptionLength() > JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION) ? JiraConstants.JIRA_MAX_ISSUE_DESCRIPTION : jiraProperties.getMaxDescriptionLength();
+ body.append(StringUtils.abbreviate(d.trim(), maxLength)).append(HTMLHelper.CRLF).append(HTMLHelper.CRLF);
+ });
 String repoUrl = request.getRepoUrl();
 if ( !ScanUtils.empty(repoUrl) && repoUrl.contains("gitlab-ci-token") && repoUrl.contains("@")) {