[scan report] Add --short flag for CI type of use cases (#365)

pvdz · web-flow · commit 1c5b07a6a668 · 2025-03-14T11:12:34.000-04:00
diff --git a/src/commands/scan/cmd-scan-report.test.ts b/src/commands/scan/cmd-scan-report.test.ts
@@ -28,6 +28,7 @@ describe('socket scan report', async () => {
           --markdown        Output result as markdown
           --reportLevel     Which policy level alerts should be reported
           --security        Report the security policy status. Default: true
+          --short           Report only the healthy status
 
         This consumes 1 quota unit plus 1 for each of the requested policy types.
 
@@ -43,6 +44,8 @@ describe('socket scan report', async () => {
         By default only the warn and error policy level alerts are reported. You can
         override this and request more ('defer' < 'ignore' < 'monitor' < 'warn' < 'error')
 
+        Short responses: JSON: \`{healthy:bool}\`, markdown: \`healthy = bool\`, text: \`OK/ERR\`
+
         Examples
           $ socket scan report FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 --json --fold=version"
     `
diff --git a/src/commands/scan/cmd-scan-report.ts b/src/commands/scan/cmd-scan-report.ts
@@ -34,6 +34,11 @@ const config: CliCommandConfig = {
       default: 'warn',
       description: 'Which policy level alerts should be reported'
     },
+    short: {
+      type: 'boolean',
+      default: false,
+      description: 'Report only the healthy status'
+    },
     // license: {
     //   type: 'boolean',
     //   default: true,
@@ -66,6 +71,8 @@ const config: CliCommandConfig = {
     By default only the warn and error policy level alerts are reported. You can
     override this and request more ('defer' < 'ignore' < 'monitor' < 'warn' < 'error')
 
+    Short responses: JSON: \`{healthy:bool}\`, markdown: \`healthy = bool\`, text: \`OK/ERR\`
+
     Examples
       $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 --json --fold=version
   `
@@ -138,6 +145,7 @@ async function run(
     outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
     filePath: file,
     fold: fold as 'none' | 'file' | 'pkg' | 'version',
+    short: !!cli.flags['short'],
     reportLevel: reportLevel as
       | 'warn'
       | 'error'
diff --git a/src/commands/scan/generate-report.ts b/src/commands/scan/generate-report.ts
@@ -12,6 +12,9 @@ type PackageMap = Map<string, ReportLeafNode | VersionMap>
 type EcoMap = Map<string, ReportLeafNode | PackageMap>
 export type ViolationsMap = Map<string, EcoMap>
 
+export interface ShortScanReport {
+  healthy: boolean
+}
 export interface ScanReport {
   orgSlug: string
   scanId: string
@@ -35,14 +38,16 @@ export function generateReport(
     fold,
     orgSlug,
     reportLevel,
-    scanId
+    scanId,
+    short
   }: {
-    orgSlug: string
-    scanId: string
     fold: 'pkg' | 'version' | 'file' | 'none'
+    orgSlug: string
     reportLevel: 'defer' | 'ignore' | 'monitor' | 'warn' | 'error'
+    scanId: string
+    short: boolean
   }
-): ScanReport {
+): ScanReport | ShortScanReport {
   const now = Date.now()
 
   // Lazily access constants.spinner.
@@ -95,20 +100,22 @@ export function generateReport(
           switch (action) {
             case 'error': {
               healthy = false
-              addAlert(
-                artifact,
-                violations,
-                fold,
-                ecosystem,
-                pkgName,
-                version,
-                alert,
-                action
-              )
+              if (!short) {
+                addAlert(
+                  artifact,
+                  violations,
+                  fold,
+                  ecosystem,
+                  pkgName,
+                  version,
+                  alert,
+                  action
+                )
+              }
               break
             }
             case 'warn': {
-              if (reportLevel !== 'error') {
+              if (!short && reportLevel !== 'error') {
                 addAlert(
                   artifact,
                   violations,
@@ -123,7 +130,7 @@ export function generateReport(
               break
             }
             case 'monitor': {
-              if (reportLevel !== 'warn' && reportLevel !== 'error') {
+              if (!short && reportLevel !== 'warn' && reportLevel !== 'error') {
                 addAlert(
                   artifact,
                   violations,
@@ -140,6 +147,7 @@ export function generateReport(
 
             case 'ignore': {
               if (
+                !short &&
                 reportLevel !== 'warn' &&
                 reportLevel !== 'error' &&
                 reportLevel !== 'monitor'
@@ -160,7 +168,7 @@ export function generateReport(
 
             case 'defer': {
               // Not sure but ignore for now. Defer to later ;)
-              if (reportLevel === 'defer') {
+              if (!short && reportLevel === 'defer') {
                 addAlert(
                   artifact,
                   violations,
@@ -186,13 +194,15 @@ export function generateReport(
 
   spinner.successAndStop(`Generated reported in ${Date.now() - now} ms`)
 
-  const report = {
-    healthy,
-    orgSlug,
-    scanId,
-    options: { fold, reportLevel },
-    alerts: violations
-  }
+  const report = short
+    ? { healthy }
+    : {
+        healthy,
+        orgSlug,
+        scanId,
+        options: { fold, reportLevel },
+        alerts: violations
+      }
 
   return report
 }
diff --git a/src/commands/scan/report-full-scan.ts b/src/commands/scan/report-full-scan.ts
@@ -18,7 +18,8 @@ export async function reportFullScan({
   includeSecurityPolicy,
   orgSlug,
   outputKind,
-  reportLevel
+  reportLevel,
+  short
 }: {
   orgSlug: string
   fullScanId: string
@@ -28,6 +29,7 @@ export async function reportFullScan({
   filePath: string
   fold: 'pkg' | 'version' | 'file' | 'none'
   reportLevel: 'defer' | 'ignore' | 'monitor' | 'warn' | 'error'
+  short: boolean
 }): Promise<void> {
   logger.error(
     'output:',
@@ -67,15 +69,22 @@ export async function reportFullScan({
       orgSlug,
       scanId: fullScanId,
       fold,
+      short,
       reportLevel
     }
   )
 
+  if (!scanReport.healthy) {
+    process.exitCode = 1
+  }
+
   if (
     outputKind === 'json' ||
     (outputKind === 'text' && filePath && filePath.endsWith('.json'))
   ) {
-    const json = toJsonReport(scanReport)
+    const json = short
+      ? JSON.stringify(scanReport)
+      : toJsonReport(scanReport as ScanReport)
 
     if (filePath && filePath !== '-') {
       logger.log('Writing json report to', filePath)
@@ -87,7 +96,9 @@ export async function reportFullScan({
   }
 
   if (outputKind === 'markdown' || (filePath && filePath.endsWith('.md'))) {
-    const md = toMarkdownReport(scanReport)
+    const md = short
+      ? `healthy = ${scanReport.healthy}`
+      : toMarkdownReport(scanReport as ScanReport)
 
     if (filePath && filePath !== '-') {
       logger.log('Writing markdown report to', filePath)
@@ -98,7 +109,11 @@ export async function reportFullScan({
     return
   }
 
-  logger.dir(scanReport, { depth: null })
+  if (short) {
+    logger.log(scanReport.healthy ? 'OK' : 'ERR')
+  } else {
+    logger.dir(scanReport, { depth: null })
+  }
 }
 
 export function toJsonReport(report: ScanReport): string {
