Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for migrating secret scanning resolution comments #1241

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

dlinares-linux
Copy link

Added support for migrating secret scanning resolution comments

  • Did you write/update appropriate tests
  • Release notes updated (if appropriate)
  • Appropriate logging output
  • Issue linked
  • Docs updated (or issue created)
  • New package licenses are added to ThirdPartyNotices.txt (if applicable)

Fixes #1240

@dlinares-linux dlinares-linux marked this pull request as ready for review May 3, 2024 14:35
Copy link

github-actions bot commented May 3, 2024

Unit Test Results

811 tests   811 ✅  22s ⏱️
  1 suites    0 💤
  1 files      0 ❌

Results for commit cc8aa0c.

♻️ This comment has been updated with latest results.

Copy link
Collaborator

@ArinGhazarian ArinGhazarian left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution. Had a few questions but looks good overall.

{
state,
resolution,
resolution_comment = resolutionComment ?? string.Empty
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is it being set to empty string? If nothing is passed it makes sense for the default to be null.

Suggested change
resolution_comment = resolutionComment ?? string.Empty
resolution_comment = resolutionComment

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello, thanks for the comments.
Added it that way to align with what is done for the dismissedComment for code scanning alerts (cf. https://github.com/github/gh-gei/blob/main/src/Octoshift/Services/GithubApi.cs#L933 )

       var payload = state == "open"
            ? (new { state })
            : (object)(new
            {
                state,
                dismissed_reason = dismissedReason,
                dismissed_comment = dismissedComment ?? string.Empty
            });
        await _client.PatchAsync(url, payload);

Your suggestion makes sense though, so would you prefer me to do that in a separate pull request to align both changes, or change both it in this pull request?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👋 ok got it. So I guess as you said the other one needs to be changed too. I think it's better to do that one in a separate PR.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Understood. I have opened #1248 and added your suggestions there. Thanks again!

@@ -2782,6 +2789,30 @@ public async Task UpdateSecretScanningAlert_Calls_The_Right_Endpoint_With_Payloa
_githubClientMock.Verify(m => m.PatchAsync(url, It.Is<object>(x => x.ToJson() == payload.ToJson()), null));
}


[Fact]
public async Task UpdateSecretScanningAlert_Replaces_Null_Resolution_Comment_With_Empty_String()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Based on my earlier comment we probably won't need this test.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed.
And if we align with code scanning, we probably don't need that test either: UpdateCodeScanningAlert_Replaces_Null_Dismissed_Comment_With_Empty_String

As per previous comment, happy to do a separate pull request to align both code scanning and secret scanning, or do the changes in this one.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have opened #1248 and added your suggestions there. Thanks again!
Happy to work on it next.

}

[Fact]
public async Task One_Secret_Updated_With_No_Resolution_Comment()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this adds value, seems like a bit of an overkill IMO.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What would be your preferred option:

  1. remove completely that test. This would align with the current tests for code scanning where a dismissedComment is always set (so we are not testing the use case where no comments were set)
  2. rework both code scanning and secret scanning tests to "squeeze" one alert with no comment (to exercise the code, but not as a separate test case).
  3. keep that test separate and add a similar overkill test in code scanning 😄

Copy link
Collaborator

@ArinGhazarian ArinGhazarian May 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So I am leaning towards option 1, since the way I think about this is a scenario where no comments are set still means we're setting it but to a null value and we have test coverage that shows we indeed use the passed value and pass it along.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks again for all the comments. I have now removed that test case.

Copy link

Code Coverage

Package Line Rate Branch Rate Complexity Health
bbs2gh 78% 73% 651
ado2gh 84% 78% 627
Octoshift 87% 76% 1275
gei 79% 70% 519
Summary 83% (6835 / 8186) 75% (1536 / 2046) 3072

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[gei] Add support for migrating secret scanning resolution comments
3 participants