Merge pull request #662 from kadraman/fod-release-summary-update

Updating `release-summary` FoD action for latest API updates
fortify · Dec 17, 2024 · 6f7989a · 6f7989a
2 parents b9c4655 + b7e16c4
commit 6f7989a
Showing 1 changed file with 5 additions and 31 deletions.
diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml
@@ -30,11 +30,11 @@ steps:
       # Define output date format
     - name: dateFmt
       value: YYYY-MM-dd HH:mm
-  # Note: change/remove the following when Open Source counts are available on the release object     
+  # Update Note: although open source counts are now available on the release object, the date of last open source scan is not so still need below 
   - progress: Loading Scans
   - requests:
     - name: scans
-      # we can't filter on scan type so we have to trawl through in to find "latest" open source scan :(
+      # we can't filter on scan type so we have to trawl through scans to find "latest" open source scan :(
       uri: /api/v3/releases/${r.releaseId}/scans?limit=50
       query:
         orderBy: completedDateTime
@@ -50,32 +50,6 @@ steps:
               value: ${scan.scanType}
             - name: ossScanDate
               value: ${scan.completedDateTime} 
-          #- write:
-          #  - to: stdout
-          #    value: ${scanType} - ${ossScanDate}                     
-  - progress: Loading Vulnerabilities
-  - requests:
-    - name: issues
-      if: ${ossScanDate!=null}
-      uri: /api/v3/releases/${r.releaseId}/vulnerabilities?filters=category%3AOpen%20Source&limit=1 
-      onResponse:
-        - steps:
-          - set:
-            - name: ossTotal
-              value: ${issues_raw.totalCount}
-          - set:
-            - name: ossCritical
-              value: ${issues_raw.filters.^[#this.fieldName == 'severity']?.fieldFilterValues?.^[#this.value == "Critical"]?.count?:0}       
-          - set:
-            - name: ossHigh
-              value: ${issues_raw.filters.^[#this.fieldName == 'severity']?.fieldFilterValues?.^[#this.value == "High"]?.count?:0}   
-          - set:
-            - name: ossMedium
-              value: ${issues_raw.filters.^[#this.fieldName == 'severity']?.fieldFilterValues?.^[#this.value == "Medium"]?.count?:0}   
-          - set:
-            - name: ossLow
-              value: ${issues_raw.filters.^[#this.fieldName == 'severity']?.fieldFilterValues?.^[#this.value == "Low"]?.count?:0}                      
-  # replace up to here
 
   - write:
     - to: ${parameters.file}
@@ -85,7 +59,7 @@ steps:
       value: |
         Output written to ${parameters.file}
 
-# Note: update references when Open Source counts are available on the release object, e.g. r.ossScanDate, r.ossCritical ...
+# Note: update ossScanDate when it is available on release object ...
 valueTemplates:
   - name: summary-md
     contents: |
@@ -105,7 +79,7 @@ valueTemplates:
       | **Static**      | ${(#isBlank(r.staticScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.staticScanDate))  +' | '+#fmt('%8s', r.staticCritical)                                   +' | '+#fmt('%8s', r.staticHigh)                           +' | '+#fmt('%8s', r.staticMedium)                               +' | '+#fmt('%8s', r.staticLow)                         +' |'}
       | **Dynamic**     | ${(#isBlank(r.dynamicScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.dynamicScanDate))+' | '+#fmt('%8s', r.dynamicCritical)                                  +' | '+#fmt('%8s', r.dynamicHigh)                          +' | '+#fmt('%8s', r.dynamicMedium)                              +' | '+#fmt('%8s', r.dynamicLow)                        +' |'}
       | **Mobile**      | ${(#isBlank(r.mobileScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.mobileScanDate))  +' | '+#fmt('%8s', r.mobileCritical)                                   +' | '+#fmt('%8s', r.mobileHigh)                           +' | '+#fmt('%8s', r.mobileMedium)                               +' | '+#fmt('%8s', r.mobileLow)                         +' |'}
-      | **Open Source** | ${(#isBlank(ossScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, ossScanDate))  +' | '+#fmt('%8s', (ossCritical!=null?ossCritical:0))                                   +' | '+#fmt('%8s', (ossHigh!=null?ossHigh:0))                           +' | '+#fmt('%8s', (ossMedium!=null?ossMedium:0))                               +' | '+#fmt('%8s', (ossLow!=null?ossLow:0))                         +' |'}
-      | **Total**       |                  | ${#fmt('%8s', r.staticCritical+r.dynamicCritical+r.mobileCritical+(ossCritical!=null?ossCritical:0))+' | '+#fmt('%8s', r.staticHigh+r.dynamicHigh+r.mobileHigh+(ossHigh!=null?ossHigh:0))+' | '+#fmt('%8s', r.staticMedium+r.dynamicMedium+r.mobileMedium+(ossMedium!=null?ossMedium:0))+' | '+#fmt('%8s', r.staticLow+r.dynamicLow+r.mobileLow+(ossLow!=null?ossLow:0))+' |'}
+      | **Open Source** | ${(#isBlank(ossScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, ossScanDate))  +' | '+#fmt('%8s', r.openSourceCritical)                                   +' | '+#fmt('%8s', r.openSourceHigh)                           +' | '+#fmt('%8s', r.openSourceMedium)                               +' | '+#fmt('%8s', r.openSourceLow)                         +' |'}
+      | **Total**       |                  | ${#fmt('%8s', r.staticCritical+r.dynamicCritical+r.mobileCritical+r.openSourceCritical)+' | '+#fmt('%8s', r.staticHigh+r.dynamicHigh+r.mobileHigh+r.openSourceHigh)+' | '+#fmt('%8s', r.staticMedium+r.dynamicMedium+r.mobileMedium+r.openSourceMedium)+' | '+#fmt('%8s', r.staticLow+r.dynamicLow+r.mobileLow+r.openSourceLow)+' |'}