feat: add support for custom PR comments (#16)

action.yml

@@ -51,6 +51,25 @@ inputs:
     description: 'Comment pull requests if no violations found'
     required: false
     default: 'true'
+  no-policy-violations-found-comment:
+    description: 'PR comment to post when no policy violations are found'
+    required: false
+    # language=markdown
+    default: |-
+      # :white_check_mark: Black Duck - None of your dependencies violate policy!
+  policy-violations-found-comment-warning:
+    description: 'Warning PR comment to post when policy violations are found'
+    required: false
+    # language=markdown
+    default: |-
+      # :warning: Black Duck - Found dependencies violating policy!
+  policy-violations-found-comment-failure:
+    description: 'Failure PR comment to post when policy violations are found'
+    required: false
+    # language=markdown
+    default: |-
+      # :x: Black Duck - Found dependencies violating policy!
+
 outputs:
   detect-exit-code:
     description: 'A number indicating Detect exit code'

src/detect/detect-facade.ts

@@ -155,6 +155,12 @@ export class DetectFacade {
     const reportResult = await this.blackDuckReportGenerator.generateReport(
       scanJsonPaths[0],
       {
+        noPolicyViolationsFoundComment:
+          this.inputs.noPolicyViolationsFoundComment,
+        policyViolationsFoundCommentWarning:
+          this.inputs.policyViolationsFoundCommentWarning,
+        policyViolationsFoundCommentFailure:
+          this.inputs.policyViolationsFoundCommentFailure,
         failureConditionsMet,
         maxSize: MAX_REPORT_SIZE
       }

src/input/inputs.ts

@@ -11,6 +11,9 @@ export interface Inputs {
   detectTrustCertificate: string
   failIfDetectFails: boolean
   commentPrOnSuccess: boolean
+  noPolicyViolationsFoundComment: string
+  policyViolationsFoundCommentWarning: string
+  policyViolationsFoundCommentFailure: string
 }
 
 export enum Input {
@@ -24,7 +27,10 @@ export enum Input {
   OUTPUT_PATH_OVERRIDE = 'output-path-override',
   DETECT_TRUST_CERTIFICATE = 'detect-trust-cert',
   FAIL_IF_DETECT_FAILS = 'fail-if-detect-fails',
-  COMMENT_PR_ON_SUCCESS = 'comment-pr-on-success'
+  COMMENT_PR_ON_SUCCESS = 'comment-pr-on-success',
+  NO_POLICY_VIOLATIONS_FOUND_COMMENT = 'no-policy-violations-found-comment',
+  POLICY_VIOLATIONS_FOUND_COMMENT_WARNING = 'policy-violations-found-comment-warning',
+  POLICY_VIOLATIONS_FOUND_COMMENT_FAILURE = 'policy-violations-found-comment-failure'
 }
 
 export function gatherInputs(): Inputs {
@@ -38,6 +44,11 @@ export function gatherInputs(): Inputs {
   const detectTrustCertificate = getInputDetectTrustCertificate()
   const failIfDetectFails = getInputFailIfDetectFails()
   const commentPrOnSuccess = getInputCommentPrOnSuccess()
+  const noPolicyViolationsFoundComment = getNoPolicyViolationsFoundComment()
+  const policyViolationsFoundCommentWarning =
+    getPolicyViolationsFoundCommentWarning()
+  const policyViolationsFoundCommentFailure =
+    getPolicyViolationsFoundCommentFailure()
   return {
     token,
     blackDuckUrl,
@@ -48,7 +59,10 @@ export function gatherInputs(): Inputs {
     outputPathOverride,
     detectTrustCertificate,
     failIfDetectFails,
-    commentPrOnSuccess
+    commentPrOnSuccess,
+    noPolicyViolationsFoundComment,
+    policyViolationsFoundCommentWarning,
+    policyViolationsFoundCommentFailure
   }
 }
 
@@ -91,3 +105,15 @@ function getInputFailIfDetectFails(): boolean {
 function getInputCommentPrOnSuccess(): boolean {
   return core.getBooleanInput(Input.COMMENT_PR_ON_SUCCESS)
 }
+
+function getNoPolicyViolationsFoundComment(): string {
+  return core.getInput(Input.NO_POLICY_VIOLATIONS_FOUND_COMMENT)
+}
+
+function getPolicyViolationsFoundCommentWarning(): string {
+  return core.getInput(Input.POLICY_VIOLATIONS_FOUND_COMMENT_WARNING)
+}
+
+function getPolicyViolationsFoundCommentFailure(): string {
+  return core.getInput(Input.POLICY_VIOLATIONS_FOUND_COMMENT_FAILURE)
+}

src/report/blackduck-report-generator.ts

@@ -15,13 +15,6 @@ const HEADER =
   '| Policies Violated | Dependency | License(s) | Vulnerabilities | Short Term Recommended Upgrade | Long Term Recommended Upgrade |'
 const HEADER_ALIGNMENT = '|-|-|-|-|-|-|'
 
-const SUCCESS_COMMENT =
-  '# :white_check_mark: Black Duck - None of your dependencies violate policy!'
-const FAIL_COMMENT = (fail: boolean): string =>
-  `# ${
-    fail ? ':x:' : ':warning:'
-  } Black Duck - Found dependencies violating policy!`
-
 export class BlackDuckReportGenerator
   implements ReportGenerator<ReportProperties, ReportResult>
 {
@@ -39,7 +32,10 @@ export class BlackDuckReportGenerator
     textBuilder: TextBuilder,
     properties: ReportProperties
   ): void {
-    textBuilder.addLines(FAIL_COMMENT(properties.failureConditionsMet))
+    const comment = properties.failureConditionsMet
+      ? properties.policyViolationsFoundCommentFailure
+      : properties.policyViolationsFoundCommentWarning
+    textBuilder.addLines(comment)
   }
 
   private addHeaderToTextBuilder(textBuilder: TextBuilder): void {
@@ -78,9 +74,11 @@ export class BlackDuckReportGenerator
     return isContentTruncated
   }
 
-  private async generateSuccessReport(): Promise<ReportResult> {
+  private async generateSuccessReport(
+    properties: ReportProperties
+  ): Promise<ReportResult> {
     return {
-      report: SUCCESS_COMMENT,
+      report: properties.noPolicyViolationsFoundComment,
       failed: false,
       truncated: false,
       hasPolicyViolations: false
@@ -116,7 +114,7 @@ export class BlackDuckReportGenerator
       await this.blackDuckScanReportGenerator.generateReport(path)
     return blackDuckScanReport.hasPolicyViolations
       ? this.generateFailureReport(blackDuckScanReport.reports, properties)
-      : this.generateSuccessReport()
+      : this.generateSuccessReport(properties)
   }
 
   private getViolatedPolicies(violatedPolicies: string[]): string {

src/report/report-properties.ts

@@ -1,4 +1,7 @@
 export interface ReportProperties {
+  noPolicyViolationsFoundComment: string
+  policyViolationsFoundCommentWarning: string
+  policyViolationsFoundCommentFailure: string
   failureConditionsMet: boolean
   maxSize?: number
 }