Merge pull request #46 from Contrast-Security-OSS/AIML-77_misc_reporting_and_error_handling_improvements

AIML-77 misc reporting and error handling improvements

Author: JacobMagesHaskinsContrast

hooks/pre-commit

@@ -0,0 +1,76 @@
+#!/bin/bash
+
+# Pre-commit hook to clean whitespace
+# This script will clean whitespace and include it in the commit
+
+set -e
+
+echo "🔍 Running pre-commit checks..."
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Function to print colored output
+print_error() {
+    echo -e "${RED}❌ $1${NC}"
+}
+
+print_success() {
+    echo -e "${GREEN}✅ $1${NC}"
+}
+
+print_warning() {
+    echo -e "${YELLOW}⚠️  $1${NC}"
+}
+
+print_info() {
+    echo -e "${BLUE}ℹ️  $1${NC}"
+}
+
+# Check if we're in the right directory
+if [ ! -f "action.yml" ] || [ ! -d "src" ]; then
+    print_error "This doesn't appear to be the contrast-ai-smartfix-action repository root"
+    exit 1
+fi
+
+# Clean trailing whitespace from staged files
+echo ""
+print_info "Cleaning trailing whitespace from staged files..."
+
+# Get list of staged files
+STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM)
+
+if [ -n "$STAGED_FILES" ]; then
+    echo "📁 Processing staged files:"
+    echo "$STAGED_FILES" | sed 's/^/  /'
+    
+    WHITESPACE_CLEANED=false
+    
+    # Apply sed command to each staged file
+    for file in $STAGED_FILES; do
+        if [ -f "$file" ]; then
+            echo "  🧹 Cleaning whitespace in: $file"
+            # Clean trailing whitespace
+            sed -i '' 's/[[:space:]]*$//' "$file"
+            # Re-stage the file with cleaned whitespace
+            git add "$file"
+            WHITESPACE_CLEANED=true
+        fi
+    done
+    
+    if [ "$WHITESPACE_CLEANED" = true ]; then
+        print_success "Whitespace cleanup completed and re-staged!"
+    else
+        print_info "No files needed whitespace cleanup"
+    fi
+else
+    print_info "No staged files detected for whitespace cleanup"
+fi
+
+echo ""
+print_success "All pre-commit checks completed successfully!"
+echo "✨ Commit proceeding..."

hooks/pre-push

@@ -0,0 +1,93 @@
+#!/bin/bash
+
+# Pre-push hook to run Python linting
+# This script will block the push if linting fails
+
+set -e
+
+echo "🔍 Running pre-push checks..."
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Function to print colored output
+print_error() {
+    echo -e "${RED}❌ $1${NC}"
+}
+
+print_success() {
+    echo -e "${GREEN}✅ $1${NC}"
+}
+
+print_warning() {
+    echo -e "${YELLOW}⚠️  $1${NC}"
+}
+
+print_info() {
+    echo -e "${BLUE}ℹ️  $1${NC}"
+}
+
+# Check if we're in the right directory
+if [ ! -f "action.yml" ] || [ ! -d "src" ]; then
+    print_error "This doesn't appear to be the contrast-ai-smartfix-action repository root"
+    exit 1
+fi
+
+# Run Python linting
+echo ""
+print_info "Running Python linter..."
+
+# Check if flake8 is installed, if not try to install it
+if ! command -v flake8 &> /dev/null; then
+    print_warning "flake8 not found. Attempting to install..."
+    if command -v pip &> /dev/null; then
+        pip install flake8
+    elif command -v pip3 &> /dev/null; then
+        pip3 install flake8
+    else
+        print_error "Neither pip nor pip3 found. Please install flake8 manually:"
+        print_error "pip install flake8"
+        exit 1
+    fi
+fi
+
+# Find all Python files in src/ and test/ directories
+PYTHON_FILES=$(find src/ test/ -name "*.py" 2>/dev/null || true)
+
+if [ -z "$PYTHON_FILES" ]; then
+    print_warning "No Python files found in src/ or test/ directories"
+    exit 0
+fi
+
+echo "📁 Found Python files:"
+echo "$PYTHON_FILES" | sed 's/^/  /'
+
+# Run flake8 on the Python files
+echo ""
+echo "🧹 Running flake8 linter..."
+
+if flake8 $PYTHON_FILES; then
+    print_success "All Python files passed linting!"
+    echo ""
+    print_success "Pre-push linting check completed successfully!"
+    echo "🚀 Push proceeding..."
+    exit 0
+else
+    echo ""
+    print_error "Linting failed! Push blocked."
+    echo ""
+    echo "💡 To fix linting issues:"
+    echo "   1. Review the errors above"
+    echo "   2. Fix the issues in your code"
+    echo "   3. Commit your fixes"
+    echo "   4. Try pushing again"
+    echo ""
+    echo "🔧 To skip all pre-push checks (not recommended):"
+    echo "   git push --no-verify"
+    echo ""
+    exit 1
+fi

src/closed_handler.py

@@ -25,7 +25,7 @@
 from src import contrast_api
 from src.config import get_config  # Using get_config function instead of direct import
 from src.utils import debug_log, extract_remediation_id_from_branch, extract_remediation_id_from_labels, log
-from src.git_handler import extract_issue_number_from_branch
+from src.git_handler import extract_issue_number_from_branch, get_pr_changed_files_count
 import src.telemetry_handler as telemetry_handler
 
 
@@ -119,10 +119,37 @@ def _extract_vulnerability_info(labels: list) -> str:
     return vuln_uuid
 
 
-def _notify_remediation_service(remediation_id: str):
+def _notify_remediation_service(remediation_id: str, pr_number: int = None):
     """Notify the Remediation backend service about the closed PR."""
     log(f"Notifying Remediation service about closed PR for remediation {remediation_id}...")
     config = get_config()
+
+    # Check if PR has no changed files (for external agents like Copilot)
+    if pr_number is not None:
+        changed_files_count = get_pr_changed_files_count(pr_number)
+        if changed_files_count == 0:
+            # PR has no changes - report as failed remediation
+            log(f"PR {pr_number} has no changed files. Reporting as failed remediation.")
+            remediation_notified = contrast_api.notify_remediation_failed(
+                remediation_id=remediation_id,
+                failure_category="GENERATE_PR_FAILURE",
+                contrast_host=config.CONTRAST_HOST,
+                contrast_org_id=config.CONTRAST_ORG_ID,
+                contrast_app_id=config.CONTRAST_APP_ID,
+                contrast_auth_key=config.CONTRAST_AUTHORIZATION_KEY,
+                contrast_api_key=config.CONTRAST_API_KEY
+            )
+
+            if remediation_notified:
+                log(f"Successfully notified Remediation service about failed remediation {remediation_id} (no changes).")
+            else:
+                log(f"Failed to notify Remediation service about failed remediation {remediation_id} (no changes).", is_error=True)
+            return
+        elif changed_files_count == -1:
+            # Error getting count, fall back to standard closed notification
+            log(f"Could not determine changed files count for PR {pr_number}. Proceeding with standard closed notification.")
+
+    # Standard PR closed notification
     remediation_notified = contrast_api.notify_remediation_pr_closed(
         remediation_id=remediation_id,
         contrast_host=config.CONTRAST_HOST,
@@ -159,7 +186,8 @@ def handle_closed_pr():
     telemetry_handler.update_telemetry("vulnInfo.vulnRule", "unknown")
 
     # Notify the Remediation backend service
-    _notify_remediation_service(remediation_id)
+    pr_number = pull_request.get("number")
+    _notify_remediation_service(remediation_id, pr_number)
 
     # Complete telemetry and finish
     telemetry_handler.update_telemetry("additionalAttributes.prStatus", "CLOSED")

src/external_coding_agent.py

@@ -163,17 +163,22 @@ def generate_fixes(self, vuln_uuid: str, remediation_id: str, vuln_title: str, i
         # Use git_handler to find if there's an existing issue with this label
         issue_number = git_handler.find_issue_with_label(vulnerability_label)
 
-        if issue_number:
-            debug_log(f"Found existing GitHub issue #{issue_number} with label {vulnerability_label}")
-            if not git_handler.reset_issue(issue_number, remediation_label):
-                log(f"Failed to reset issue #{issue_number} with labels {vulnerability_label}, {remediation_label}", is_error=True)
-                error_exit(remediation_id, FailureCategory.AGENT_FAILURE.value)
-        else:
+        if issue_number is None:
+            # Check if this is because Issues are disabled
+            if not git_handler.check_issues_enabled():
+                log("GitHub Issues are disabled for this repository. External coding agent requires Issues to be enabled.", is_error=True)
+                error_exit(remediation_id, FailureCategory.GIT_COMMAND_FAILURE.value)
+
             debug_log(f"No GitHub issue found with label {vulnerability_label}")
             issue_number = git_handler.create_issue(issue_title, issue_body, vulnerability_label, remediation_label)
             if not issue_number:
                 log(f"Failed to create issue with labels {vulnerability_label}, {remediation_label}", is_error=True)
                 error_exit(remediation_id, FailureCategory.AGENT_FAILURE.value)
+        else:
+            debug_log(f"Found existing GitHub issue #{issue_number} with label {vulnerability_label}")
+            if not git_handler.reset_issue(issue_number, remediation_label):
+                log(f"Failed to reset issue #{issue_number} with labels {vulnerability_label}, {remediation_label}", is_error=True)
+                error_exit(remediation_id, FailureCategory.AGENT_FAILURE.value)
 
         telemetry_handler.update_telemetry("additionalAttributes.externalIssueNumber", issue_number)