feat(radar): export radar data

backend/src/server/plugins/secret-scanner.ts

@@ -1,3 +1,4 @@
+import type { EmitterWebhookEventName } from "@octokit/webhooks/dist-types/types";
 import { PushEvent } from "@octokit/webhooks-types";
 import { Probot } from "probot";
 import SmeeClient from "smee-client";
@@ -54,14 +55,14 @@ export const registerSecretScannerGhApp = async (server: FastifyZodProvider) =>
         rateLimit: writeLimit
       },
       handler: async (req, res) => {
-        const eventName = req.headers["x-github-event"];
+        const eventName = req.headers["x-github-event"] as EmitterWebhookEventName;
         const signatureSHA256 = req.headers["x-hub-signature-256"] as string;
         const id = req.headers["x-github-delivery"] as string;
+
         await probot.webhooks.verifyAndReceive({
           id,
-          // @ts-expect-error type
           name: eventName,
-          payload: req.body as string,
+          payload: JSON.stringify(req.body),
           signature: signatureSHA256
         });
         void res.send("ok");

frontend/src/lib/fn/csv.ts

@@ -0,0 +1,48 @@
+/**
+ * Converts a JSON array of objects to CSV format
+ * @param {Array} jsonData - Array of objects to convert
+ * @param {string} filename - Name of the file to download (without extension)
+ */
+export const convertJsonToCsv = (jsonData: Record<string, string | number | boolean>[]) => {
+  // Get headers from the first object
+
+  if (jsonData.length === 0) {
+    return new Blob([""], { type: "text/csv;charset=utf-8;" });
+  }
+
+  const headers = Object.keys(jsonData[0]);
+
+  const csvRows = [
+    headers.join(","),
+    // Add all data rows
+    ...jsonData.map((row) => {
+      return headers
+        .map((header) => {
+          // Handle special cases in the data
+          let cell = row[header];
+
+          // Convert null/undefined to empty string
+          if (cell === null || cell === undefined) {
+            return "";
+          }
+
+          // Handle normal values
+          if (typeof cell === "number" || typeof cell === "boolean") {
+            return cell;
+          }
+
+          // Convert objects/arrays to JSON string
+          if (typeof cell === "object") {
+            cell = JSON.stringify(cell);
+          }
+
+          // Escape quotes and wrap in quotes
+          cell = cell.toString().replace(/"/g, '""');
+          return `"${cell}"`;
+        })
+        .join(",");
+    })
+  ].join("\n");
+
+  return new Blob([csvRows], { type: "text/csv;charset=utf-8;" });
+};

frontend/src/pages/organization/SecretScanningPage/SecretScanningPage.tsx

@@ -12,23 +12,29 @@ import {
   useServerConfig
 } from "@app/context";
 import { withPermission } from "@app/hoc";
+import { usePopUp } from "@app/hooks";
 import {
   useCreateNewInstallationSession,
   useGetSecretScanningInstallationStatus,
+  useGetSecretScanningRisks,
   useLinkGitAppInstallationWithOrg
 } from "@app/hooks/api/secretScanning";
 
+import { ExportSecretScansModal } from "./components/ExportResultsModal";
 import { SecretScanningLogsTable } from "./components";
 
 export const SecretScanningPage = withPermission(
   () => {
     const queryParams = useSearch({
       from: ROUTE_PATHS.Organization.SecretScanning.id
-    });
+    }) as Record<string, string>;
+
     const { config } = useServerConfig();
     const { currentOrg } = useOrganization();
     const organizationId = currentOrg.id;
 
+    const { isPending, data: gitRisks } = useGetSecretScanningRisks(organizationId);
+
     const { mutateAsync: linkGitAppInstallationWithOrganization } =
       useLinkGitAppInstallationWithOrg();
     const { mutateAsync: createNewIntegrationSession } = useCreateNewInstallationSession();
@@ -37,13 +43,15 @@ export const SecretScanningPage = withPermission(
     const integrationEnabled =
       !isSecretScanningInstatllationStatusLoading && installationStatus?.appInstallationCompleted;
 
+    const { handlePopUpToggle, popUp } = usePopUp(["exportSecretScans"]);
+
     useEffect(() => {
       const linkInstallation = async () => {
         if (queryParams.state && queryParams.installation_id) {
           try {
             const isLinked = await linkGitAppInstallationWithOrganization({
-              installationId: queryParams.installation_id as string,
-              sessionId: queryParams.state as string
+              installationId: String(queryParams.installation_id),
+              sessionId: String(queryParams.state)
             });
             if (isLinked) {
               window.location.reload();
@@ -60,7 +68,7 @@ export const SecretScanningPage = withPermission(
 
     const generateNewIntegrationSession = async () => {
       const session = await createNewIntegrationSession({ organizationId });
-      window.location.href = `https://github.com/apps/infisical-radar/installations/new?state=${session.sessionId}`;
+      window.location.href = `https://github.com/apps/infisical-radar-dev-2/installations/new?state=${session.sessionId}`;
     };
 
     return (
@@ -132,9 +140,25 @@ export const SecretScanningPage = withPermission(
                 </div>
               )}
             </div>
-            <SecretScanningLogsTable />
+            <div className="mt-8 space-y-3">
+              <div className="flex w-full justify-end">
+                <Button
+                  onClick={() => handlePopUpToggle("exportSecretScans", true)}
+                  variant="solid"
+                  colorSchema="secondary"
+                >
+                  Export
+                </Button>
+              </div>
+              <SecretScanningLogsTable gitRisks={gitRisks} isPending={isPending} />
+            </div>
           </div>
         </div>
+        <ExportSecretScansModal
+          gitRisks={gitRisks || []}
+          handlePopUpToggle={handlePopUpToggle}
+          popUp={popUp}
+        />
       </div>
     );
   },