From a0a9aac482c5ee69cb0f2d93ff4d94c3b7b98a21 Mon Sep 17 00:00:00 2001
From: i050994 <thibault.lefaix@sap.com>
Date: Mon, 7 Oct 2024 13:35:04 +0200
Subject: [PATCH] Fix influx counter for whitesource

---
 cmd/whitesourceExecuteScan.go      | 6 +++---
 cmd/whitesourceExecuteScan_test.go | 9 +++++++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/cmd/whitesourceExecuteScan.go b/cmd/whitesourceExecuteScan.go
index 1987466d13..80574cf98a 100644
--- a/cmd/whitesourceExecuteScan.go
+++ b/cmd/whitesourceExecuteScan.go
@@ -847,9 +847,9 @@ func checkProjectSecurityViolations(config *ScanOptions, cvssSeverityLimit float
 	}
 
 	severeVulnerabilities, nonSevereVulnerabilities := ws.CountSecurityVulnerabilities(&alerts, cvssSeverityLimit)
-	influx.whitesource_data.fields.minor_vulnerabilities = nonSevereVulnerabilities
-	influx.whitesource_data.fields.major_vulnerabilities = severeVulnerabilities
-	influx.whitesource_data.fields.vulnerabilities = nonSevereVulnerabilities + severeVulnerabilities
+	influx.whitesource_data.fields.minor_vulnerabilities += nonSevereVulnerabilities
+	influx.whitesource_data.fields.major_vulnerabilities += severeVulnerabilities
+	influx.whitesource_data.fields.vulnerabilities += (nonSevereVulnerabilities + severeVulnerabilities)
 	if nonSevereVulnerabilities > 0 {
 		log.Entry().Warnf("WARNING: %v Open Source Software Security vulnerabilities with "+
 			"CVSS score below threshold %.1f detected in project %s.", nonSevereVulnerabilities,
diff --git a/cmd/whitesourceExecuteScan_test.go b/cmd/whitesourceExecuteScan_test.go
index b9c7e22b59..f130abd064 100644
--- a/cmd/whitesourceExecuteScan_test.go
+++ b/cmd/whitesourceExecuteScan_test.go
@@ -729,6 +729,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
 		assert.Equal(t, 0, severeVulnerabilities)
 		assert.Equal(t, 0, len(alerts))
 		assert.Equal(t, 0, len(assessedAlerts))
+		assert.Equal(t, 0, influx.whitesource_data.fields.minor_vulnerabilities)
+		assert.Equal(t, 0, influx.whitesource_data.fields.major_vulnerabilities)
+		assert.Equal(t, 0, influx.whitesource_data.fields.vulnerabilities)
 	})
 
 	t.Run("error - some vulnerabilities", func(t *testing.T) {
@@ -744,6 +747,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
 		assert.Equal(t, 1, severeVulnerabilities)
 		assert.Equal(t, 2, len(alerts))
 		assert.Equal(t, 0, len(assessedAlerts))
+		assert.Equal(t, 1, influx.whitesource_data.fields.minor_vulnerabilities)
+		assert.Equal(t, 1, influx.whitesource_data.fields.major_vulnerabilities)
+		assert.Equal(t, 2, influx.whitesource_data.fields.vulnerabilities)
 	})
 
 	t.Run("success - assessed vulnerabilities", func(t *testing.T) {
@@ -759,6 +765,9 @@ func TestCheckProjectSecurityViolations(t *testing.T) {
 		assert.Equal(t, 0, severeVulnerabilities)
 		assert.Equal(t, 0, len(alerts))
 		assert.Equal(t, 2, len(assessedAlerts))
+		assert.Equal(t, 0, influx.whitesource_data.fields.minor_vulnerabilities)
+		assert.Equal(t, 0, influx.whitesource_data.fields.major_vulnerabilities)
+		assert.Equal(t, 0, influx.whitesource_data.fields.vulnerabilities)
 	})
 
 	t.Run("error - WhiteSource failure", func(t *testing.T) {