issue.js
//
// GitHub issue importer
//
const { request } = require('@octokit/request');
const core = require('@actions/core');
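/**
 * Create a GitHub issue for one Veracode flaw and, when the run is for a pull
 * request, post the PR link on the new issue as a comment.
 *
 * @param {object} options - Importer settings. Reads `githubOwner`,
 *   `githubRepo`, `githubToken`, `debug` (the string "true" enables debug
 *   output) and `isPR`.
 * @param {object} issue - Issue to create. Reads `title`, `severity`, `label`,
 *   `body` and `pr_link`.
 * @returns {Promise<number>} Number of the created issue.
 * @throws {ApiError} When GitHub answers 403 with an "abuse detection" message.
 * @throws {Error} For any other failure of the create or comment request.
 */
async function addVeracodeIssue(options, issue) {
  // Loaded inside the function, as in the original code.
  const label = require('./label');
  const { ApiError } = require('./util');
  const { githubOwner, githubRepo, githubToken } = options;

  console.debug(`Adding Issue for ${issue.title}`);

  // The token is only ever placed in the Authorization header. Keep it out of
  // every log and debug line in this function.
  const authToken = `token ${githubToken}`;

  // Footer appended to every issue body. The separator used to be the literal
  // two characters "/n" (a typo for a newline), which showed up in the issue
  // text. The link is https so readers of the issue are not sent to a
  // plaintext URL.
  const assistanceFooter = `\nDon't know how to fix this? Don't know why this was reported?<br><a href="https://www.veracode.com">Get Assistance from Veracode</a>`;

  // Built before the try block so a failure while preparing the payload is
  // not reported as a GitHub API error.
  const issueData = {
    title: issue.title,
    labels: [label.severityToLabel(issue.severity), issue.label],
    body: issue.body + assistanceFooter,
  };

  try {
    const result = await request('POST /repos/{owner}/{repo}/issues', {
      headers: {
        authorization: authToken,
      },
      owner: githubOwner,
      repo: githubRepo,
      data: issueData,
    });

    console.log(`Issue successfully created, result: ${result.status}`);
    const issueNumber = result.data.number;

    if (options.debug === 'true') {
      core.info('#### DEBUG START ####');
      core.info('issues.js');
      console.log('isPr?: ' + options.isPR);
      core.info('#### DEBUG END ####');
    }

    // A follow-up comment carrying a mailto assistance link (buildMailToLink)
    // used to be posted here. It is disabled; the assistance link is appended
    // to the issue body instead.

    // Only comment when there is an actual link to post: a missing pr_link
    // would otherwise be sent as an empty comment body.
    const hasPrLink = issue.pr_link != null && issue.pr_link !== '';
    if (hasPrLink && options.isPR >= 1) {
      console.log('Running on a PR, adding PR to the issue.');
      await request('POST /repos/{owner}/{repo}/issues/{issue_number}/comments', {
        headers: {
          authorization: authToken,
        },
        owner: githubOwner,
        repo: githubRepo,
        issue_number: issueNumber,
        data: {
          body: issue.pr_link,
        },
      });
    }

    // Returned from the function itself; previously the number was returned
    // only from the inner .then() callback and never reached the caller.
    return issueNumber;
  } catch (error) {
    // A failure of the PR-link comment also lands here, after the issue
    // itself has already been created.
    const message = typeof error.message === 'string' ? error.message : '';

    // 403 possible rate-limit error. includes() also matches when the phrase
    // starts the message, which the old `indexOf(...) > 0` test missed.
    // NOTE(review): confirm the wording GitHub currently uses for this
    // response; a different phrase would fall through to the generic Error.
    if (error.status === 403 && message.includes('abuse detection')) {
      console.warn(`GitHub rate limiter tripped, ${error.message}`);
      throw new ApiError('Rate Limiter tripped');
    }

    throw new Error(`Error ${error.status} creating Issue for "${issue.title}": ${error.message}`);
  }
}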
/**
 * Build a `mailto:` URL that opens a pre-filled "Get Assistance" e-mail for a
 * flaw.
 *
 * Subject and body are each passed through encodeURIComponent as a whole, so
 * characters such as `&`, `?` or line breaks in the flaw data stay inside the
 * body and cannot add further mailto fields.
 *
 * NOTE(review): the recipient shows as the placeholder "[email protected]" in
 * this listing; confirm the real address against the repository.
 *
 * @param {string} issueUrl - URL of the GitHub issue the mail refers to.
 * @param {object} flaw - Flaw record. Reads `cwe.id`, `cwe.name`,
 *   `lineNumber` and `file`.
 * @returns {string} The complete mailto URL.
 */
function buildMailToLink(issueUrl, flaw) {
  const subject = '[veracode/veracode-flaws-to-issues] Get Assistance';

  // One entry per line of the e-mail text, joined with "\n" below.
  const bodyLines = [
    'Hi,',
    `Could you please help me with: ${issueUrl}.`,
    `A CWE-${flaw.cwe.id}: ${flaw.cwe.name} flaw reported on line ${flaw.lineNumber} of ${flaw.file} .`,
    "I'd like help with:",
    '[ ] Understanding why this flaw was reported',
    '[ ] Fixing this flaw',
    '[ ] Other, namely: [[ please describe here ]]',
    'Thank you.',
  ];

  const encodedSubject = encodeURIComponent(subject);
  const encodedBody = encodeURIComponent(bodyLines.join('\n'));

  return 'mailto:[email protected]?subject=' + encodedSubject + '&body=' + encodedBody;
}
// Only addVeracodeIssue is exported; buildMailToLink stays private to this file.
module.exports = { addVeracodeIssue };