From f56aa3ba0392d381cd4973a00c6194d243efe4d4 Mon Sep 17 00:00:00 2001
From: cknowles-moz <cknowles@mozilla.com>
Date: Wed, 20 Mar 2024 21:17:00 -0400
Subject: [PATCH] Updated org_secret_alerts.py to include resolution and
 comment information (#130)

---
 org_secret_alerts.py | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/org_secret_alerts.py b/org_secret_alerts.py
index dd384f5..6a88d96 100755
--- a/org_secret_alerts.py
+++ b/org_secret_alerts.py
@@ -38,13 +38,35 @@ def get_secret_alerts(org, token, page=1, url="api.github.com"):
     return result
 
 
+def get_secret_comment(orgrepo, alert, token, url="api.github.com"):
+    """
+    Get the comment for an alert.  Works only if there's just one page of alert - which is what should be.
+    :param orgrepo: org/repo name
+    :param alert: the nubmer of the alert
+    :param url: host to connect to
+    :result: comma delimited data of interest.  (date closed, closer, status of closure, comment)
+    """
+    headers = {"content-type": "application/json", "Authorization": "token " + token}
+    query = f"https://{url}/repos/{orgrepo}/secret-scanning/alerts/{alert}"
+    # print(f"{query=}")
+    data = requests.get(headers=headers, url=query)
+    jsondata = data.json()
+    # Have to check to see if things are None before doing things.
+    if jsondata["resolved_by"] is None:
+        name = "None"
+    else:
+        name = jsondata["resolved_by"]["login"]
+    result_str = f"{jsondata['resolved_at']},{name},{jsondata['resolution']},{jsondata['resolution_comment']}"
+    return result_str
+
+
 def main():
     """
     Setup the lists, and loop through, handling pagination, and then printing the results at the end.
     """
     args = parse_arguments()
 
-    print("Created At,Repo,State,Secret Type,URL")
+    print("Created At,Repo,State,Secret Type,URL,Date Closed,Closer,Status,Comment")
 
     done = False
     page = 1
@@ -60,9 +82,11 @@ def main():
                 state = jsondata[item]["state"]
                 secret_type = jsondata[item]["secret_type_display_name"]
                 created_at = jsondata[item]["created_at"]
+                number = jsondata[item]["number"]
                 url = jsondata[item]["html_url"]
                 # url = f'=HYPERLINK("{jsondata[item]["html_url"]}")'
-                print(f"{created_at},{repo},{state},{secret_type},{url}")
+                commentdata = get_secret_comment(repo, number, args.token)
+                print(f"{created_at},{repo},{state},{secret_type},{url},{commentdata}")
             # print(f"{keys=}")
             page += 1
         elif data.status_code == 404: