Show secrets findings in comment (#108)

m-mizutani · Jun 10, 2024 · 9b7cea9 · 9b7cea9
1 parent 39408ed
commit 9b7cea9
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/pkg/usecase/comment_githug_pr_test.go b/pkg/usecase/comment_githug_pr_test.go
@@ -30,6 +30,19 @@ func TestRenderScanReport(t *testing.T) {
 					{VulnerabilityID: "CVE-0000-0003", PkgName: "pkg4", Vulnerability: trivy.Vulnerability{Title: "Vuln title3", Severity: "CRITICAL"}},
 				},
 			},
+			{
+				Target: "target3",
+				Secrets: []trivy.SecretFinding{
+					{
+						RuleID:    "slack-web-hook",
+						Category:  "Slack",
+						Severity:  "HIGH",
+						Title:     "Slack Web Hook",
+						StartLine: 14,
+						EndLine:   15,
+					},
+				},
+			},
 		},
 	}
 	added := trivy.Results{

diff --git a/pkg/usecase/templates/comment_body.md b/pkg/usecase/templates/comment_body.md
@@ -57,11 +57,24 @@
 {{ if ne .Metadata.TotalVulnCount 0 }}
 ## ⚠️ All detected vulnerabilities
 {{ range .Report.Results }}
+
+{{ if gt (len .Vulnerabilities) 0 }}
 <details>
 <summary>{{ .Target }}: ({{ .Vulnerabilities | len }})</summary>
 
 {{ range .Vulnerabilities }}- {{ .VulnerabilityID }}: ( `{{ .PkgName }}` ) {{ .Title }}
 {{ end }}
 </details>
+{{ end }}
+
+{{ if gt (len .Secrets) 0 }}
+<details>
+<summary>{{ .Target }}: ({{ .Secrets | len }})</summary>
+
+{{ range .Secrets }}- `{{ .RuleID }}`: {{ .Title }} ({{ .StartLine }}L-{{ .EndLine }}L)
+{{ end }}
+</details>
+{{ end }}
+
 {{ end }}
 {{ end }}