updates (#32)
* Fix string equation

* Making changes so the alerts counts get shown again
rajbos authored Oct 24, 2023
1 parent 1c88e6e commit d981d79
Showing 4 changed files with 68 additions and 32 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/createExampleRepos.yml
Expand Up @@ -29,7 +29,7 @@ jobs:
MANUAL_RUN: ${{ github.event.inputs.provisionCount }}
run: |
# check if we are running from workflow_dispatch
if ("${{ github.event_name }}" == 'workflow_dispatch') {
if ("${{ github.event_name }}" -eq "workflow_dispatch") {
# override the provision count from the input
$env:PROVISIONCOUNT = $env:MANUAL_RUN
}
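Review bot: The `if` condition still pastes `${{ github.event_name }}` into the script text before PowerShell parses it, while the manual input a few lines above is passed in through the environment as `MANUAL_RUN`. The event name is set by GitHub rather than by a user, so this is a consistency and hardening point rather than an injection finding. Reading the runner's own variable keeps every value in this step out of the script source: `if ($env:GITHUB_EVENT_NAME -eq "workflow_dispatch") {`. The step definition starts above the hunk, so the shell is assumed to be PowerShell from the `$env:` syntax.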
2 changes: 1 addition & 1 deletion vss-extension-dev.json
@@ -1,7 +1,7 @@
{
"manifestVersion": 1,
"id": "GHAzDoWidget-DEV",
"version": "0.2.194",
"version": "0.2.209",
"public": false,
"name": "Advanced Security dashboard Widgets [DEV]",
"description": "[DEV] GitHub Advanced Security for Azure DevOps dashboard widgets",
55 changes: 32 additions & 23 deletions widgets/library.js
Expand Up @@ -82,37 +82,46 @@ async function getAlerts(organization, projectName, repoId) {
try {
// first check if GHAzDo is enabled or not
url = `https://advsec.dev.azure.com/${organization}/${projectName}/_apis/Management/repositories/${repoId}/enablement?api-version=7.2-preview.1`
const featuresEnabledResult = await authenticatedGet(url);
if (!featuresEnabledResult || !featuresEnabledResult.advSecEnabled) {
consoleLog(`GHAzDo is not enabled for this repo [${repoId}]`);
return values;
}
//const featuresEnabledResult = await authenticatedGet(url);

//authenticatedGet(url).then(featuresEnabledResult => {
// if (!featuresEnabledResult || !featuresEnabledResult.advSecEnabled) {
// consoleLog(`GHAzDo is not enabled for this repo [${repoId}]`);
// return values;
// }

// todo: use pagination option, now: get the first 5000 alerts
url = `https://advsec.dev.azure.com/${organization}/${projectName}/_apis/AdvancedSecurity/repositories/${repoId}/alerts?top=5000&criteria.onlyDefaultBranchAlerts=true&criteria.states=1&api-version=7.2-preview.1`;
//consoleLog(`Calling url: [${url}]`);
const alertResult = await authenticatedGet(url);
//authenticatedGet(url).then(alertResult => {
if (!alertResult || !alertResult.count) {
//consoleLog('alertResult is null');
return values;
}
else {
//consoleLog('alertResult count: ' + alertResult.count);

// no pagination option, so just get the first 5000 alerts
url = `https://advsec.dev.azure.com/${organization}/${projectName}/_apis/AdvancedSecurity/repositories/${repoId}/alerts?top=5000&criteria.onlyDefaultBranchAlerts=true&criteria.states=1&api-version=7.2-preview.1`;
//consoleLog(`Calling url: [${url}]`);
const alertResult = await authenticatedGet(url);
if (!alertResult || !alertResult.count) {
//consoleLog('alertResult is null');
}
else {
//consoleLog('alertResult count: ' + alertResult.count);
const dependencyAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.DEPENDENCY.name);
const secretAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.SECRET.name);
const codeAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.CODE.name);

const dependencyAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.DEPENDENCY.name);
const secretAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.SECRET.name);
const codeAlerts = alertResult.value.filter(alert => alert.alertType === AlertType.CODE.name);
values.count = alertResult.count;
values.dependencyAlerts = dependencyAlerts.length;
values.secretAlerts = secretAlerts.length;
values.codeAlerts = codeAlerts.length;

return values;
}
//});
//});

values.count = alertResult.count;
values.dependencyAlerts = dependencyAlerts.length;
values.secretAlerts = secretAlerts.length;
values.codeAlerts = codeAlerts.length;
}
}
catch (err) {
consoleLog('error in calling the advec api: ' + err);
}

return values;
//return values;
}

async function getAlertsTrendLines(organization, projectName, repoId) {
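Review bot: With the trailing `return values;` turned into `//return values;`, the path through `catch (err)` falls off the end of getAlerts and resolves to `undefined` instead of the `values` object (the +/- markers are lost on this page, so the new side is inferred from the commit description and the `if (repoAlerts)` guard added in testing.html). Any other caller that reads `.count` or `.dependencyAlerts` without a null check will throw after a failed API call. Restoring the final `return values;` keeps a single return shape for the success, empty and error paths. The enablement check is also left behind as commented-out code, so the alerts request is now made without first confirming `advSecEnabled`, and any error from that request is only logged by the catch; either restore the check or delete the dead lines. `values` is declared above the hunk, so its initial shape is not visible here.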
41 changes: 34 additions & 7 deletions widgets/widgets/testing_widget/testing.html
Expand Up @@ -64,31 +64,58 @@
}

function showAlertInfo(organization, project, repo, repoAlerts, $queryinfocontainer) {
const $projectli = $queryinfocontainer.find(`#${project.id}`);
const $projectul = $projectli.find('ul');
//consoleLog(`Found [${JSON.stringify(repoAlerts)}] dependency alerts for repo [${repo.name}]`)
$projectul.append(`<li>${repo.name} (${repoAlerts.dependencyAlerts}/${repoAlerts.secretAlerts}/${repoAlerts.codeAlerts})</li>\n`);
if (repoAlerts) {
const $projectli = $queryinfocontainer.find(`#${project.id}`);
const $projectul = $projectli.find('ul');
//consoleLog(`Found [${JSON.stringify(repoAlerts)}] dependency alerts for repo [${repo.name}]`)
$projectul.append(`<li>${repo.name} (${repoAlerts.dependencyAlerts}/${repoAlerts.secretAlerts}/${repoAlerts.codeAlerts})</li>\n`);

setAlertValues(repoAlerts, organization, project.name);
setAlertValues(repoAlerts, organization, project.name);
}
}

function showRepoInfo(repos, project, organization) {
//consoleLog(`Found [${repos?.length}] repos for project [${project.name}]`);

var repoCounter = $('p.repoCount');
var currentValue = parseInt(repoCounter.text());
repoCounter.text(currentValue + repos.length);
var repoCount = 0
if (Array.isArray(repos)) {
repoCount = repos.length;
}
else {
repoCount = 1;
}
repoCounter.text(currentValue + repoCount);

if (repos.length > 0) {
if (repoCount > 0) {
const $projectli = $queryinfocontainer.find(`#${project.id}`);
$projectli.append(`<ul>\n`);
}

for (let repoIndex in repos) {
const repo = repos[repoIndex];
// call and let the promise handle the rest
getAlerts(organization, project.name, repo.id).then(
repoAlerts => showAlertInfo(organization, project, repo, repoAlerts, $queryinfocontainer)
);
// wait .250 seconds between calls
setTimeout(() => { }, 250);
// new Promise((resolve, reject) => {
// getAlerts(organization, project.name, repo.id)
// .then(repoAlerts => {
// resolve(repoAlerts);
// })
// .catch(error => {
// reject(error);
// });
// }).then(repoAlerts => {
// showAlertInfo(organization, project, repo, repoAlerts, $queryinfocontainer);
// }).catch(error => {
// console.error(error);
// });
// wait .2 seconds between calls
//sleep(200);
}

if (repos.length > 0) {
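Review bot: The added `setTimeout(() => { }, 250);` in showRepoInfo does not pause the loop, it only schedules an empty callback, so every `getAlerts` call is still issued back to back and the "wait .250 seconds between calls" comment does not hold (the +/- markers are lost on this page, so sides are inferred). If spacing the requests is the goal, make the function `async` and use `await new Promise(resolve => setTimeout(resolve, 250));` inside the loop. The new non-array branch sets `repoCount = 1`, but `for (let repoIndex in repos)` would then walk the object's property names and the later `if (repos.length > 0)` still reads `.length`, so a single repo object is counted but not processed as one. In showAlertInfo, `repo.name` is interpolated into the HTML string handed to `.append()`; building the item with `$('<li>').text(...)` keeps the name as text whatever characters it contains. showRepoInfo continues past the end of the hunk.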
