SIGINT-2714: ADO: create SARIF with .sarif format for ADO

Author: kiranblackduck

.github/workflows/check-dist.yml

@@ -47,7 +47,7 @@ jobs:
         id: diff
 
       # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

blackduck-security-task/dist/index.js

@@ -430,7 +430,7 @@ export const BRIDGECLI_INSTALL_DIRECTORY_KEY_CLASSIC_EDITOR =
 
 export const UPLOAD_FOLDER_ARTIFACT_NAME = "bridge_cli_diagnostics";
 export const BRIDGE_CLI_LOCAL_DIRECTORY = ".bridge";
-export const SARIF_DEFAULT_FILE_NAME = "report.sarif.json";
+export const SARIF_DEFAULT_FILE_NAME = "report.sarif.sarif";
 export const DEFAULT_BLACKDUCK_SARIF_GENERATOR_DIRECTORY =
   "Blackduck SCA SARIF Generator";
 export const DEFAULT_POLARIS_SARIF_GENERATOR_DIRECTORY =

blackduck-security-task/dist/index.js.map

@@ -6,6 +6,7 @@ export interface AzureData {
   organization: Organization;
   project: Project;
   repository: Repository;
+  sarifExtension: string;
 }
 
 export interface Api {

blackduck-security-task/src/blackduck-security-task/application-constant.ts

@@ -228,6 +228,16 @@ export class BridgeCliToolsParameter {
     if (parseToBoolean(inputs.POLARIS_REPORTS_SARIF_CREATE)) {
       if (!isPullRequest) {
         polData.data.polaris.reports = this.setSarifReportsInputsForPolaris();
+        polData.data.azure = this.setAzureData(
+          "",
+          AZURE_TOKEN,
+          "",
+          "",
+          "",
+          "",
+          ""
+        );
+        polData.data.azure.sarifExtension = "sarif";
       } else {
         console.info(
           "Polaris SARIF report create/upload is ignored for pull request scan"
@@ -396,6 +406,10 @@ export class BridgeCliToolsParameter {
       if (!isPullRequest) {
         blackduckData.data.blackducksca.reports =
           this.setSarifReportsInputsForBlackduck();
+        blackduckData.data.azure = azureData;
+        if (blackduckData.data.azure) {
+          blackduckData.data.azure.sarifExtension = "sarif";
+        }
       } else {
         console.info(
           "Black Duck SCA SARIF report create/upload is ignored for pull request scan"
@@ -908,6 +922,7 @@ export class BridgeCliToolsParameter {
         },
         pull: {},
       },
+      sarifExtension: "sarif",
     };
 
     if (azurePullRequestNumber != null) {

blackduck-security-task/src/blackduck-security-task/model/azure.ts

@@ -54,6 +54,7 @@ describe("getPullRequestIdForClassicEditorFlow", () => {
                 },
                 pull: {},
             },
+            sarifExtension:"sarif"
         };
 
 

blackduck-security-task/src/blackduck-security-task/tools-parameter.ts

@@ -1364,6 +1364,7 @@ describe("Bridge CLI Tools Parameter test", () => {
             expect(jsonData.data.blackducksca.reports.sarif.file.path).to.be.equals('test-path');
             expect(jsonData.data.blackducksca.reports.sarif.severities).to.be.contains('CRITICAL');
             expect(jsonData.data.blackducksca.reports.sarif.groupSCAIssues).to.be.equals(false);
+            expect(jsonData.data.azure.sarifExtension).to.be.equals("sarif")
             expect(formattedCommand).contains('--stage blackducksca');
 
             blackduckStateFile = '"'.concat(blackduckStateFile).concat('"');