canonical · DnPlas · Aug 20, 2024 · Aug 15, 2024 · Aug 16, 2024 · Aug 16, 2024
diff --git a/scripts/cve-reports/README.md b/scripts/cve-reports/README.md
@@ -14,6 +14,8 @@ send-scan.py --report-path <path-to-report(s)> --jira-url <URL-to-Jira>
 
 - `--report-path` - Specifies location of report(s). If it is single file, it will be parsed on its own. If it is a directory all files in the directory will be parsed one by one. Only JSON and SARIF formats are supported.
 - `--jira-url` - Specifies URL of Jira automation to which reports should be sent.
+- `--add-github-meta` - Adds GitHub metadata to sent request.
+- `--verbose` - Prints out sent body and return code of request.
 
 ## Testing
 

diff --git a/scripts/cve-reports/send-scan.py b/scripts/cve-reports/send-scan.py
@@ -1,5 +1,5 @@
 #!/usr/bin/python3
-# Copyright 2023 Canonical Ltd.
+# Copyright 2024 Canonical Ltd.
 # See LICENSE file for licensing details.
 #
 
@@ -19,6 +19,16 @@
 }
 
 
+def get_github_meta():
+    """Get GitHub Metadata"""
+    return {
+        "github_server_url": os.getenv("GITHUB_SERVER_URL"),
+        "github_run_id": os.getenv("GITHUB_RUN_ID"),
+        "github_sha": os.getenv("GITHUB_SHA"),
+        "github_repository": os.getenv("GITHUB_REPOSITORY"),
+    }
+
+
 def parse_json(filename):
     """Parse JSON file"""
     record_list = []
@@ -58,7 +68,6 @@ def parse_json(filename):
                     "priority": severity_to_priority_map.get(vuln["Severity"], "Lowest"),
                 }
             )
-
     return record_list
 
 
@@ -100,13 +109,12 @@ def parse_sarif(filename):
                 "priority": severity_to_priority_map.get(severity, "Lowest"),
             }
         )
-
     return record_list
 
 
-def main(report_path, jira_url):
+def main(report_path, jira_url, gh_meta=False, verbose=False):
     input_path = Path(report_path)
-
+    gh_metadata = get_github_meta() if gh_meta else None
     file_list = []
     if input_path.is_dir():
         # directory is supplied, retrieve list of files
@@ -133,12 +141,19 @@ def main(report_path, jira_url):
 
         # send records
         for record in records:
-            requests.post(jira_url, json=record)
+            if gh_metadata is not None:
+                record = {**record, **gh_metadata}
+            res = requests.post(jira_url, json=record)
+            if verbose:
+                print(record)
+                print(res)
 
 
 if __name__ == "__main__":
     parser = argparse.ArgumentParser()
     parser.add_argument("--report-path")
     parser.add_argument("--jira-url")
+    parser.add_argument("--add-github-meta", action="store_true")
+    parser.add_argument("--verbose", action="store_true")
     args = parser.parse_args()
-    main(args.report_path, args.jira_url)
+    main(args.report_path, args.jira_url, args.add_github_meta, args.verbose)