From 4f40a04eb442ca2872799f182107a8ed593443e1 Mon Sep 17 00:00:00 2001
From: Ruud Senden <8635138+rsenden@users.noreply.github.com>
Date: Wed, 21 Aug 2024 10:30:10 +0200
Subject: [PATCH 1/2] fix: SSC: Fix application version link in `appversion-summary` & `bitbucket-sast-report` actions
---
 .../cli/ssc/action/cli/cmd/SSCActionRunCommand.java | 7 +++++--
 .../fortify/cli/ssc/actions/zip/appversion-summary.yaml | 2 +-
 .../fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java b/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java
index d521f47ab2..53587dec42 100644
--- a/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java
+++ b/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java
@@ -97,9 +97,12 @@ public String issueBrowserUrl(ObjectNode issue, ObjectNode filterset) {
 }
 return templateRunner.getSpelEvaluator().evaluate(SpelHelper.parseTemplateExpression(deepLinkExpression), issue, String.class);
 }
- public String appversionBrowserUrl(ObjectNode appversion) {
+ public String appversionBrowserUrl(ObjectNode appversion, ObjectNode filterset) {
 var deepLinkExpression = baseUrl()
- +"/html/ssc/index.jsp#!/version/${id}/fix";
+ +"/html/ssc/version/${id}/audit";
+ if ( filterset!=null ) {
+ deepLinkExpression+="?filterSet="+filterset.get("guid").asText();
+ }
 return templateRunner.getSpelEvaluator().evaluate(SpelHelper.parseTemplateExpression(deepLinkExpression), appversion, String.class);
 }
 private String baseUrl() {
diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml
index 35b4bfe8e0..6e5656a938 100644
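Review bot: In `appversionBrowserUrl`, the filter set guid is concatenated into `deepLinkExpression` before `SpelHelper.parseTemplateExpression` parses it, so any `${...}` sequence inside the guid would be evaluated as a SpEL expression instead of being treated as data, and the value is not URL-encoded either. The guid presumably comes from the SSC server and is normally a plain identifier, but appending it after evaluation keeps server-supplied text out of the expression: assign the evaluated template to `var url` and end with `return filterset==null ? url : url+"?filterSet="+URLEncoder.encode(filterset.get("guid").asText(), StandardCharsets.UTF_8);`, which needs the `java.net.URLEncoder` and `java.nio.charset.StandardCharsets` imports outside this hunk. Separately, `filterset.get("guid")` returns null when the field is absent, so a filter set object without a guid fails here with a NullPointerException; a one-line comment such as `// filterset is either null or a full SSC filter set object with a guid` would document that assumption for template authors.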
--- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml
+++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml
@@ -234,7 +234,7 @@ valueTemplates:
 contents: |
 # SSC Application Version Summary
- ## [${parameters.appversion.project.name} - ${parameters.appversion.name}](${#ssc.appversionBrowserUrl(parameters.appversion)})
+ ## [${parameters.appversion.project.name} - ${parameters.appversion.name}](${#ssc.appversionBrowserUrl(parameters.appversion,null)})
 Summary generated on: ${#formatDateTime(dateFmt)}
diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml
index 20695d15dc..3bfa38d01f 100644
--- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml
+++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml
@@ -102,7 +102,7 @@ valueTemplates:
 details: Fortify detected ${annotations?.size()?:0} static ${annotations?.size()==1 ? 'vulnerability':'vulnerabilities'}
 #external_id:
 reporter: Fortify Static Code Analyzer ${lastStaticScan?.engineVersion?:''}
- link: ${#ssc.appversionBrowserUrl(parameters.appversion)}
+ link: ${#ssc.appversionBrowserUrl(parameters.appversion,parameters.filterset)}
 # remote_link_enabled:
 logo_url: https://bitbucket.org/workspaces/fortifysoftware/avatar
 report_type: SECURITY
From 694e7aec4d9a47b8219629cdf4332b227c1a87a8 Mon Sep 17 00:00:00 2001
From: Ruud Senden <8635138+rsenden@users.noreply.github.com>
Date: Wed, 21 Aug 2024 12:42:12 +0200
Subject: [PATCH 2/2] chore: Update FoD/SSC github-pr-comment actions chore: Remove unused code fix: FoD/SSC: Improve `github-pr-comment` action output
---
 .../cli/fod/actions/zip/github-pr-comment.yaml | 17 +----------------
 .../cli/ssc/actions/zip/github-pr-comment.yaml | 18 ++----------------
 2 files changed, 3 insertions(+), 32 deletions(-)
diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml
index 32d340f2da..51e1348e46 100644
--- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml
+++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml
@@ -91,9 +91,6 @@ steps:
 - if: ${(issue.status=='New' || issue.status=='Reopen')}
 name: newIssues
 valueTemplate: mdIssueListItem
- - if: ${(issue.status=='New' || issue.status=='Reopen') && issue.engineType=='Static'}
- name: jsonSourceCodeComments
- valueTemplate: jsonSourceCodeComment
 - progress: Generating GitHub request
 - set:
@@ -125,7 +122,6 @@ valueTemplates:
 # For now, we don't include any source code comments, as this will cause
 # GitHub to return an error if the source file doesn't exist in the repo.
 comments: ${{}}
- # comments: ${jsonSourceCodeComments?:{}}
 - name: reviewBody
 contents: |
@@ -143,19 +139,8 @@ valueTemplates:
 ? "* No removed issues were detected"
 : ("* "+#join('\n* ',removedIssues))}
- - name: jsonSourceCodeComment
- contents:
- path: ${issue.primaryLocationFull}
- line: ${issue.lineNumber==0?1:issue.lineNumber}
- body: |
-
Security Scanning / Fortify SAST
-${#htmlToText(issue.details?.summary)}
-Security Scanning / Fortify SAST
-${issue.details.brief}
-