refactor(engine_risk): ✨ Add hyperlink for findings excluded by tag a…

…ge and findings with tag blacklisted.
bancolombia · Nov 7, 2024 · 7364f1e · 7364f1e
1 parent 7aa0d95
commit 7364f1e
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 18 deletions.
diff --git a/tools/devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py b/tools/devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py
@@ -13,6 +13,7 @@
 
 from collections import Counter
 import copy
+from rich.console import Console
 
 
 class BreakBuild:
@@ -205,6 +206,7 @@ def _tag_blacklist_control(self, report_list: "list[Report]"):
         if report_list:
             tag_blacklist = set(remote_config["THRESHOLD"]["TAG_BLACKLIST"])
             tag_age_threshold = remote_config["THRESHOLD"]["TAG_MAX_AGE"]
+            console = Console()
 
             filtered_reports_above_threshold = [
                 (report, tag)
@@ -222,19 +224,13 @@ def _tag_blacklist_control(self, report_list: "list[Report]"):
 
             for report, tag in filtered_reports_above_threshold:
                 report.reason = "Blacklisted"
-                print(
-                    self.devops_platform_gateway.message(
-                        "error",
-                        f"Report {report.vuln_id_from_tool if report.vuln_id_from_tool else report.id} with tag {tag} is blacklisted and age {report.age} is above threshold {tag_age_threshold}",
-                    )
+                console.print(
+                    f"[red]Report [link={report.vm_id_url}]{report.vm_id}[/link] with tag {tag} is blacklisted and age {report.age} is above threshold {tag_age_threshold}[/red]"
                 )
 
             for report, tag in filtered_reports_below_threshold:
-                print(
-                    self.devops_platform_gateway.message(
-                        "warning",
-                        f"Report {report.vuln_id_from_tool if report.vuln_id_from_tool else report.id} with tag {tag} is blacklisted but age {report.age} is below threshold {tag_age_threshold}",
-                    )
+                console.print(
+                    f"[yellow]Report [link={report.vm_id_url}]{report.vm_id}[/link] with tag {tag} is blacklisted but age {report.age} is below threshold {tag_age_threshold}[/yellow]"
                 )
 
             if filtered_reports_above_threshold:
@@ -269,9 +265,7 @@ def _risk_score_control(self, report_list: "list[Report]"):
                     break_build = True
                     report.reason = "Risk Score"
                     self.report_breaker.append(copy.deepcopy(report))
-            print(
-                "Below are open vulnerabilities from Vulnerability Management Platform"
-            )
+            print("Below are open findings from Vulnerability Management Platform")
             self.printer_table_gateway.print_table_report(
                 report_list,
             )
@@ -295,7 +289,8 @@ def _risk_score_control(self, report_list: "list[Report]"):
         else:
             print(
                 self.devops_platform_gateway.message(
-                    "succeeded", "There are no vulnerabilities"
+                    "succeeded",
+                    "There are no open findings from Vulnerability Management Platform",
                 )
             )
 

diff --git a/tools/devsecops_engine_tools/engine_risk/src/domain/usecases/handle_filters.py b/tools/devsecops_engine_tools/engine_risk/src/domain/usecases/handle_filters.py
@@ -1,6 +1,7 @@
 import copy
 from rich.console import Console
 
+
 class HandleFilters:
     def filter(self, findings):
         active_findings = self._get_active_findings(findings)
@@ -64,7 +65,7 @@ def filter_tags_days(self, remote_config, findings):
                 if tag in tag_exclusion_days and finding.age < tag_exclusion_days[tag]:
                     exclude = True
                     console.print(
-                        f"[yellow]Finding [link={finding.vm_id_url}]{finding.vm_id}[/link] with tag '{tag}' and age {finding.age} days is being excluded. It will be considered in {tag_exclusion_days[tag] - finding.age} days.[/yellow]"
+                        f"[yellow]Report [link={finding.vm_id_url}]{finding.vm_id}[/link] with tag '{tag}' and age {finding.age} days is being excluded. It will be considered in {tag_exclusion_days[tag] - finding.age} days.[/yellow]"
                     )
                     break
             if not exclude:

diff --git a/tools/devsecops_engine_tools/engine_risk/src/infrastructure/entry_points/entry_point_risk.py b/tools/devsecops_engine_tools/engine_risk/src/infrastructure/entry_points/entry_point_risk.py
@@ -45,9 +45,7 @@ def init_engine_risk(
 
     unique_findings = handle_filters.filter_duplicated(active_findings)
 
-    filtered_findings = handle_filters.filter_tags_days(
-        remote_config, unique_findings
-    )
+    filtered_findings = handle_filters.filter_tags_days(remote_config, unique_findings)
 
     data_added = AddData(add_epss_gateway, filtered_findings).process()