From bb2a470dd13830a797e47d23aacd7b59638976bd Mon Sep 17 00:00:00 2001
From: Ilianna Papastefanou
Date: Mon, 7 Dec 2020 15:51:05 +0000
Subject: [PATCH] feat: Add impact and resolve fields in sarif output. Adds fields in sarif output but also markdown text for the Github Security tab. CC-517 refactor: Format helpText with a replace function
---
 src/cli/commands/test/iac-output.ts | 10 ++++++++--
 src/lib/snyk-test/iac-test-result.ts | 7 ++++++-
 test/acceptance/cli-test/iac/cli-test.iac-utils.ts | 3 ++-
 3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/cli/commands/test/iac-output.ts b/src/cli/commands/test/iac-output.ts
index 3f0e671ef3..484bb34193 100644
--- a/src/cli/commands/test/iac-output.ts
+++ b/src/cli/commands/test/iac-output.ts
@@ -222,8 +222,14 @@ export function extractReportingDescriptor(
 text: `${iacTypeToText[issue.type]} ${issue.subType}`,
 },
 help: {
- text: '',
- markdown: issue.description,
+ text: `The issue is... \n${issue.iacDescription.issue}\n\n The impact of this is... \n ${issue.iacDescription.impact}\n\n You can resolve this by... \n${issue.iacDescription.resolve}`.replace(
+ /^\s+/g,
+ '',
+ ),
+ markdown: `**The issue is...** \n${issue.iacDescription.issue}\n\n **The impact of this is...** \n ${issue.iacDescription.impact}\n\n **You can resolve this by...** \n${issue.iacDescription.resolve}`.replace(
+ /^\s+/g,
+ '',
+ ),
 },
 defaultConfiguration: {
 level: getIssueLevel(issue.severity),
diff --git a/src/lib/snyk-test/iac-test-result.ts b/src/lib/snyk-test/iac-test-result.ts
index 228a6c036a..8056ae6464 100644
--- a/src/lib/snyk-test/iac-test-result.ts
+++ b/src/lib/snyk-test/iac-test-result.ts
@@ -1,4 +1,4 @@
-import { BasicResultData, TestDepGraphMeta, SEVERITY } from './legacy';
+import { BasicResultData, SEVERITY, TestDepGraphMeta } from './legacy';
 export interface AnnotatedIacIssue {
 id: string;
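Review bot: The `.replace(/^\s+/g, '')` applied to both `help.text` and `help.markdown` has no effect as written: without the `m` flag `^` matches only at the very start of the string, and both templates begin with a non-space character, so the stray spaces after `\n\n` and before `${issue.iacDescription.impact}` still reach the SARIF output. If the intent is to strip leading indentation on every line, use `.replace(/^[ \t]+/gm, '')` on both; combining `\s` with `m` would also swallow the blank line that separates the markdown paragraphs. The two templates differ only in the `**` emphasis, so a small helper taking the three fields would keep them in sync. `extractReportingDescriptor` starts and ends outside this hunk.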
@@ -14,6 +14,11 @@ export interface AnnotatedIacIssue {
 name?: string;
 from?: string[];
 lineNumber?: number;
+ iacDescription: {
+ issue: string;
+ impact: string;
+ resolve: string;
+ };
 }
 type FILTERED_OUT_FIELDS = 'cloudConfigPath' | 'name' | 'from';
diff --git a/test/acceptance/cli-test/iac/cli-test.iac-utils.ts b/test/acceptance/cli-test/iac/cli-test.iac-utils.ts
index 253c721e9f..c692822b9d 100644
--- a/test/acceptance/cli-test/iac/cli-test.iac-utils.ts
+++ b/test/acceptance/cli-test/iac/cli-test.iac-utils.ts
@@ -281,6 +281,7 @@ export function iacTestSarifAssertions(
 function generateDummyIssue(severity): AnnotatedIacIssue {
 return {
+ iacDescription: { issue: '', impact: '', resolve: '' },
 id: 'SNYK-CC-K8S-1',
 title: 'Reducing the admission of containers with dropped capabilities',
 name: 'Reducing the admission of containers with dropped capabilities',
@@ -303,7 +304,7 @@ function generateDummyIssue(severity): AnnotatedIacIssue {
 }
 function generateDummyTestData(
- cloudConfigResults: Array,
+ cloudConfigResults: AnnotatedIacIssue[],
 ): IacTestResponse {
 return {
 path: '',
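Review bot: `iacDescription` is declared required on `AnnotatedIacIssue`, but nothing visible in this commit populates or validates it, and the new SARIF code in `extractReportingDescriptor` dereferences `issue.iacDescription.issue` without a guard. If these issues are deserialized from a service response (not visible here), a response lacking the field would satisfy the type checker and then throw a TypeError while the report is built. Either mark it optional, `iacDescription?: {`, and fall back to `issue.description` at the use site, or validate the field where the response is parsed. A short doc comment on the field, e.g. `/** Structured explanation: what the issue is, its impact, and how to resolve it. */`, would also help readers of the interface.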
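Review bot: The fixture returned by `generateDummyIssue` sets all three `iacDescription` fields to empty strings, so the SARIF assertions cannot tell whether the new `help.text` and `help.markdown` carry the issue, impact and resolve text, or whether the whitespace clean-up does anything. Use distinct non-empty values, e.g. `iacDescription: { issue: 'dummy issue', impact: 'dummy impact', resolve: 'dummy resolve' },`, and assert on the rendered help in `iacTestSarifAssertions`, whose body is outside this hunk. `generateDummyIssue` itself also continues past the end of the hunk.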