Merge pull request #117 from snyk/feat/include-snyk-details-url-in-er…

…ror-messages

feat: include snyk details URL in error messages

core/pom.xml

@@ -43,6 +43,12 @@
       <version>5.4.0</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.assertj</groupId>
+      <artifactId>assertj-core</artifactId>
+      <version>3.26.3</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 
   <build>

core/src/main/java/io/snyk/plugins/artifactory/scanner/PackageValidator.java

@@ -58,7 +58,9 @@ private void validateIssues(IssueSummary summary, Severity threshold, boolean ig
     }
 
     LOG.debug("Package has {} with severity {} or higher: {}", issueType, threshold, artifact.getPath());
-    throw new CancelException(format("Artifact has %s with severity %s or higher: %s", issueType, threshold, artifact.getPath()), 403);
+    throw new CancelException(format("Artifact has %s with severity %s or higher: %s. Details: %s",
+      issueType, threshold, artifact.getPath(), artifact.getTestResult().getDetailsUrl()
+    ), 403);
   }
 
 }

core/src/test/java/io/snyk/plugins/artifactory/scanner/PackageValidatorTest.java

@@ -8,8 +8,8 @@
 import java.net.URI;
 import java.util.stream.Stream;
 
-import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
-import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.assertj.core.api.AssertionsForClassTypes.assertThatCode;
+import static org.assertj.core.api.AssertionsForClassTypes.assertThatThrownBy;
 
 class PackageValidatorTest {
 
@@ -28,7 +28,7 @@ void validate_severityBelowThreshold_allowed() {
       new Ignores()
     );
 
-    assertDoesNotThrow(() -> validator.validate(artifact));
+    assertThatCode(() -> validator.validate(artifact)).doesNotThrowAnyException();
   }
 
   @Test
@@ -46,7 +46,7 @@ void validate_vulnIssueAboveThreshold_forbidden() {
       new Ignores()
     );
 
-    assertThrows(CancelException.class, () -> validator.validate(artifact));
+    assertThatThrownBy(() -> validator.validate(artifact)).isExactlyInstanceOf(CancelException.class);
   }
 
   @Test
@@ -64,7 +64,7 @@ void validate_vulnIssuesIgnored_allowed() {
       new Ignores().withIgnoreVulnIssues(true)
     );
 
-    assertDoesNotThrow(() -> validator.validate(artifact));
+    assertThatCode(() -> validator.validate(artifact)).doesNotThrowAnyException();
   }
 
   @Test
@@ -82,7 +82,7 @@ void validate_licenseIssueAboveThreshold_forbidden() {
       new Ignores()
     );
 
-    assertThrows(CancelException.class, () -> validator.validate(artifact));
+    assertThatThrownBy(() -> validator.validate(artifact)).isExactlyInstanceOf(CancelException.class);
   }
 
   @Test
@@ -100,6 +100,25 @@ void validate_licenseIssuesIgnored_allowed() {
       new Ignores().withIgnoreLicenseIssues(true)
     );
 
-    assertDoesNotThrow(() -> validator.validate(artifact));
+    assertThatCode(() -> validator.validate(artifact)).doesNotThrowAnyException();
+  }
+
+  @Test
+  void validate_includesSnykDetailsUrlInCancelException() {
+    ValidationSettings settings = new ValidationSettings()
+      .withVulnSeverityThreshold(Severity.LOW);
+    PackageValidator validator = new PackageValidator(settings);
+    MonitoredArtifact artifact = new MonitoredArtifact("",
+      new TestResult(
+        IssueSummary.from(Stream.of(Severity.LOW)),
+        IssueSummary.from(Stream.empty()),
+        URI.create("https://snyk.io/package/details")
+      ),
+      new Ignores()
+    );
+
+    assertThatThrownBy(() -> validator.validate(artifact))
+      .isExactlyInstanceOf(CancelException.class)
+      .hasMessageContaining("https://snyk.io/package/details");
   }
 }