Merge pull request #45 from Br3nd3n/do-not-stop-on-failed-comment

willem-delbare · web-flow · commit 1c1bbfb575ff · 2024-04-05T17:02:41.000+02:00
Fix for minor issues after production testing 🔥
diff --git a/dist/index.js b/dist/index.js
@@ -283,7 +283,7 @@ async function createReviewComments(secretKey, scanId) {
             path: finding.file,
             line: finding.end_line,
             start_line: finding.start_line,
-            body: `${finding.title}\n${finding.description}\n**Remediation:** ${finding.remediation}\n**Details**: [View details](https://app.aikido.dev/featurebranch/scan/${scanId})`
+            body: `${finding.title}\n${finding.description}\n**Remediation:** ${finding.remediation}\n**Aikido Security:**: [View details](https://app.aikido.dev/featurebranch/scan/${scanId}?groupId=${findingResponse.group_id})`
         }));
         if (findings.length > 0) {
             await (0, postReviewComment_1.postFindingsAsReviewComments)(findings);
@@ -485,15 +485,25 @@ const postFindingsAsReviewComments = async (findings) => {
             existingFinding = comment;
         }
         if (typeof existingFinding === 'undefined') {
-            await octokit.rest.pulls.createReviewComment({
-                ...context.repo,
-                pull_number: pullRequestNumber,
-                commit_id: finding.commit_id,
-                path: finding.path,
-                body: finding.body,
-                line: finding.line,
-                ...(finding.start_line != finding.line) && { start_line: finding.start_line }
-            });
+            try {
+                await octokit.rest.pulls.createReviewComment({
+                    ...context.repo,
+                    pull_number: pullRequestNumber,
+                    commit_id: finding.commit_id,
+                    path: finding.path,
+                    body: finding.body,
+                    line: finding.line,
+                    ...(finding.start_line != finding.line) && { start_line: finding.start_line }
+                });
+            }
+            catch (error) {
+                if (error instanceof Error) {
+                    core.info(`unable to post scan status comment due to error: ${error.message}. Tried posting ${JSON.stringify(finding)}`);
+                }
+                else {
+                    core.info(`unable to post scan status comment due to unknown error`);
+                }
+            }
         }
     }
 };
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/api.ts b/src/api.ts
@@ -25,6 +25,7 @@ export type GetScanStatusResponse =
 
 export type GetScanFindingsResponse =
 		{
+			group_id: number,
 			start_commit_id?: string,
 			end_commit_id: string,
 			introduced_sast_issues: [
diff --git a/src/main.ts b/src/main.ts
@@ -204,7 +204,7 @@ async function createReviewComments(secretKey: string, scanId: number): Promise<
 				path: finding.file,
 				line: finding.end_line,
 				start_line: finding.start_line,
-				body: `${finding.title}\n${finding.description}\n**Remediation:** ${finding.remediation}\n**Details**: [View details](https://app.aikido.dev/featurebranch/scan/${scanId})`
+				body: `${finding.title}\n${finding.description}\n**Remediation:** ${finding.remediation}\n**Aikido Security:**: [View details](https://app.aikido.dev/featurebranch/scan/${scanId}?groupId=${findingResponse.group_id})`
 			}
 		))
 		
diff --git a/src/postReviewComment.ts b/src/postReviewComment.ts
@@ -66,15 +66,24 @@ export const postFindingsAsReviewComments = async (findings: TFinding[]): Promis
 		}
 
 		if (typeof existingFinding === 'undefined') {
-			await octokit.rest.pulls.createReviewComment({
-				...context.repo,
-				pull_number: pullRequestNumber,
-				commit_id: finding.commit_id,
-				path: finding.path,
-				body: finding.body,
-				line: finding.line,
-				...(finding.start_line != finding.line) && { start_line: finding.start_line }
-			});
+			try {
+				await octokit.rest.pulls.createReviewComment({
+					...context.repo,
+					pull_number: pullRequestNumber,
+					commit_id: finding.commit_id,
+					path: finding.path,
+					body: finding.body,
+					line: finding.line,
+					...(finding.start_line != finding.line) && { start_line: finding.start_line }
+				});
+			} catch (error) {
+				if (error instanceof Error) {
+					core.info(`unable to post scan status comment due to error: ${error.message}. Tried posting ${JSON.stringify(finding)}`);
+				} else {
+					core.info(`unable to post scan status comment due to unknown error`);
+				}
+			}
+			
 		}
 	}
 };

Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,7 @@ export type GetScanStatusResponse =`
`25`	`25`
`26`	`26`	`export type GetScanFindingsResponse =`
`27`	`27`	`{`
	`28`	`+ group_id: number,`
`28`	`29`	`start_commit_id?: string,`
`29`	`30`	`end_commit_id: string,`
`30`	`31`	`introduced_sast_issues: [`
Original file line number	Diff line number	Diff line change
`@@ -204,7 +204,7 @@ async function createReviewComments(secretKey: string, scanId: number): Promise<`
`204`	`204`	`path: finding.file,`
`205`	`205`	`line: finding.end_line,`
`206`	`206`	`start_line: finding.start_line,`
`207`		- body: `${finding.title}\n${finding.description}\nRemediation: ${finding.remediation}\nDetails: [View details](https://app.aikido.dev/featurebranch/scan/${scanId})`
	`207`	+ body: `${finding.title}\n${finding.description}\nRemediation: ${finding.remediation}\nAikido Security:: [View details](https://app.aikido.dev/featurebranch/scan/${scanId}?groupId=${findingResponse.group_id})`
`208`	`208`	`}`
`209`	`209`	`))`
`210`	`210`