Add summary line to secret scan (#1167)

harness · Mar 29, 2024 · 594cb3b · 594cb3b
1 parent e4db4dc
commit 594cb3b
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 4 deletions.
diff --git a/app/api/controller/githook/pre_receive_scan_secrets.go b/app/api/controller/githook/pre_receive_scan_secrets.go
@@ -76,8 +76,6 @@ func (c *Controller) scanSecrets(
 
  // pretty print output
  printScanSecretsFindings(output, scanResult.findings)
- output.Messages = append(output.Messages, "", "")
- output.Error = ptr.String("Changes blocked by security scan results")
 
  return nil
 }

diff --git a/app/api/controller/githook/print.go b/app/api/controller/githook/print.go
@@ -21,21 +21,24 @@ import (
  "github.com/harness/gitness/git/hook"
 
  "github.com/fatih/color"
+ "github.com/gotidy/ptr"
 )
 
 var (
- colorScanHeaderFound = color.New(color.BgRed, color.FgHiWhite, color.Bold)
+ colorScanHeader = color.New(color.BgRed, color.FgHiWhite, color.Bold)
+ colorScanSummary = color.New(color.FgHiRed, color.Bold)
 )
 
 func printScanSecretsFindings(out *hook.Output, findings []api.Finding) {
  findingsCnt := len(findings)
  out.Messages = append(
  out.Messages,
- colorScanHeaderFound.Sprintf(
+ colorScanHeader.Sprintf(
  " Detected leaked %s ",
  stringSecretOrSecrets(findingsCnt > 1),
  ),
  )
+
  for _, finding := range findings {
  out.Messages = append(
  out.Messages,
@@ -63,6 +66,20 @@ func printScanSecretsFindings(out *hook.Output, findings []api.Finding) {
  "",
  )
  }
+
+ out.Messages = append(out.Messages, "")
+
+ out.Messages = append(
+ out.Messages,
+ colorScanSummary.Sprintf(
+ "%d %s found",
+ findingsCnt,
+ stringSecretOrSecrets(findingsCnt > 1),
+ ),
+ )
+
+ // block the commit
+ out.Error = ptr.String("Changes blocked by security scan results")
 }
 
 func stringSecretOrSecrets(plural bool) string {