remove Json deser from get_validation_errors_data method

gillarramendi · gillarramendi · commit cfb8f59ccc1c · 2026-03-09T13:15:47.000+01:00
diff --git a/crates/cli/src/sarif/sarif_utils.rs b/crates/cli/src/sarif/sarif_utils.rs
@@ -18,7 +18,7 @@ use kernel::model::{
 };
 use path_slash::PathExt;
 use percent_encoding::{utf8_percent_encode, AsciiSet, CONTROLS};
-use secrets::model::secret_result::{SecretResult, SecretValidationStatus};
+use secrets::model::secret_result::{SecretResult, SecretValidationStatus, ValidationErrorInfo};
 use secrets::model::secret_rule::SecretRule;
 use serde_sarif::sarif::{
     self, Artifact, ArtifactBuilder, ArtifactChangeBuilder, ArtifactLocationBuilder, FixBuilder,
@@ -152,27 +152,11 @@ impl SarifViolation {
         }
     }
 
-    fn get_validation_errors_data(&self) -> Option<serde_json::Value> {
-        if let Secret(_, validation_status) = &self {
-            match validation_status {
-                SecretValidationStatus::ValidationError(error_infos) if !error_infos.is_empty() => {
-                    let errors: Vec<serde_json::Value> = error_infos
-                        .iter()
-                        .map(|error_info| {
-                            serde_json::json!({
-                                "type": error_info.error_type.as_str(),
-                                "statusCode": error_info.status_code,
-                                "message": error_info.message
-                            })
-                        })
-                        .collect();
-                    Some(serde_json::Value::Array(errors))
-                }
-                _ => None,
-            }
-        } else {
-            None
-        }
+    fn get_validation_errors_data(&self) -> Option<&[ValidationErrorInfo]> {
+        let Secret(_, SecretValidationStatus::ValidationError(error_infos)) = &self else {
+            return None;
+        };
+        (!error_infos.is_empty()).then_some(error_infos.as_slice())
     }
 }
 
@@ -797,9 +781,10 @@ fn generate_results(
                             let validation_errors_data =
                                 sarif_violation.get_validation_errors_data();
                             if let Some(errors_data) = validation_errors_data {
+                                let json_array = serde_json::to_value(errors_data)?;
                                 properties.additional_properties.insert(
                                     "datadogSecretValidationErrors".to_string(),
-                                    errors_data,
+                                    json_array,
                                 );
                             }
 
@@ -1630,8 +1615,8 @@ mod tests {
                 start: Position { line: 1, col: 1 },
                 end: Position { line: 2, col: 2 },
                 validation_status: SecretValidationStatus::ValidationError(vec![
-                    secrets::model::secret_result::ValidationErrorInfo {
-                        error_type: secrets::model::secret_result::ValidationErrorType::HttpError,
+                    ValidationErrorInfo {
+                        error_type: ValidationErrorType::HttpError,
                         status_code: 400,
                         message: "Invalid token".to_string(),
                     },
@@ -1661,39 +1646,31 @@ mod tests {
         )
         .expect("generate sarif report");
 
-        let expected_subset = serde_json::json!(
-        {
-          "runs": [
-            {
-              "results": [
-                {
-                  "properties": {
-                    "tags": [
-                      "DATADOG_CATEGORY:SECURITY",
-                      "DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR"
-                    ],
-                    "datadogSecretValidationErrors": [
-                      {
-                        "type": "HttpError",
-                        "statusCode": 400,
-                        "message": "Invalid token"
-                      }
-                    ]
-                  }
-                }
-              ]
-            }
-          ]
-        }
-                );
+        // Test the actual data structures
+        let result = &sarif_report.runs[0].results.as_ref().unwrap()[0];
+        let properties = result.properties.as_ref().unwrap();
 
-        let sarif_json = serde_json::to_value(sarif_report).unwrap();
-        assert_json_include!(
-            actual: sarif_json,
-            expected: expected_subset,
-        );
+        // Check tags
+        let tags = properties.tags.as_ref().unwrap();
+        assert!(tags.contains(&"DATADOG_CATEGORY:SECURITY".to_string()));
+        assert!(tags.contains(&"DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR".to_string()));
+
+        // Check validation errors data
+        let json_value = properties
+            .additional_properties
+            .get("datadogSecretValidationErrors")
+            .unwrap();
+        let parsed: Vec<ValidationErrorInfo> = serde_json::from_value(json_value.clone()).unwrap();
+
+        let expected_errors = vec![ValidationErrorInfo {
+            error_type: ValidationErrorType::HttpError,
+            status_code: 400,
+            message: "Invalid token".to_string(),
+        }];
+        assert_eq!(parsed, expected_errors);
 
         // validate the schema
+        let sarif_json = serde_json::to_value(sarif_report).unwrap();
         assert!(validate_data(&sarif_json));
     }
 
@@ -1725,9 +1702,8 @@ mod tests {
                 start: Position { line: 1, col: 1 },
                 end: Position { line: 2, col: 2 },
                 validation_status: SecretValidationStatus::ValidationError(vec![
-                    secrets::model::secret_result::ValidationErrorInfo {
-                        error_type:
-                            secrets::model::secret_result::ValidationErrorType::UnknownResponseType,
+                    ValidationErrorInfo {
+                        error_type: ValidationErrorType::UnknownResponseType,
                         status_code: 0, // Using 0 as placeholder when no status code is available
                         message: "Connection timeout".to_string(),
                     },
@@ -1757,39 +1733,31 @@ mod tests {
         )
         .expect("generate sarif report");
 
-        let expected_subset = serde_json::json!(
-        {
-          "runs": [
-            {
-              "results": [
-                {
-                  "properties": {
-                    "tags": [
-                      "DATADOG_CATEGORY:SECURITY",
-                      "DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR"
-                    ],
-                    "datadogSecretValidationErrors": [
-                      {
-                        "type": "UnknownResponseType",
-                        "statusCode": 0,
-                        "message": "Connection timeout"
-                      }
-                    ]
-                  }
-                }
-              ]
-            }
-          ]
-        }
-                );
+        // Test the actual data structures
+        let result = &sarif_report.runs[0].results.as_ref().unwrap()[0];
+        let properties = result.properties.as_ref().unwrap();
 
-        let sarif_json = serde_json::to_value(sarif_report).unwrap();
-        assert_json_include!(
-            actual: sarif_json,
-            expected: expected_subset,
-        );
+        // Check tags
+        let tags = properties.tags.as_ref().unwrap();
+        assert!(tags.contains(&"DATADOG_CATEGORY:SECURITY".to_string()));
+        assert!(tags.contains(&"DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR".to_string()));
+
+        // Check validation errors data
+        let json_value = properties
+            .additional_properties
+            .get("datadogSecretValidationErrors")
+            .unwrap();
+        let parsed: Vec<ValidationErrorInfo> = serde_json::from_value(json_value.clone()).unwrap();
+
+        let expected_errors = vec![ValidationErrorInfo {
+            error_type: ValidationErrorType::UnknownResponseType,
+            status_code: 0,
+            message: "Connection timeout".to_string(),
+        }];
+        assert_eq!(parsed, expected_errors);
 
         // validate the schema
+        let sarif_json = serde_json::to_value(sarif_report).unwrap();
         assert!(validate_data(&sarif_json));
     }
 
@@ -2161,19 +2129,18 @@ mod tests {
                 start: Position { line: 1, col: 1 },
                 end: Position { line: 2, col: 2 },
                 validation_status: SecretValidationStatus::ValidationError(vec![
-                    secrets::model::secret_result::ValidationErrorInfo {
-                        error_type: secrets::model::secret_result::ValidationErrorType::HttpError,
+                    ValidationErrorInfo {
+                        error_type: ValidationErrorType::HttpError,
                         status_code: 400,
                         message: "Invalid token".to_string(),
                     },
-                    secrets::model::secret_result::ValidationErrorInfo {
-                        error_type: secrets::model::secret_result::ValidationErrorType::HttpError,
+                    ValidationErrorInfo {
+                        error_type: ValidationErrorType::HttpError,
                         status_code: 401,
                         message: "Unauthorized access".to_string(),
                     },
-                    secrets::model::secret_result::ValidationErrorInfo {
-                        error_type:
-                            secrets::model::secret_result::ValidationErrorType::UnknownResponseType,
+                    ValidationErrorInfo {
+                        error_type: ValidationErrorType::UnknownResponseType,
                         status_code: 0, // Test error without status code
                         message: "Connection timeout".to_string(),
                     },
@@ -2203,49 +2170,43 @@ mod tests {
         )
         .expect("generate sarif report");
 
-        let expected_subset = serde_json::json!(
-        {
-          "runs": [
-            {
-              "results": [
-                {
-                  "properties": {
-                    "tags": [
-                      "DATADOG_CATEGORY:SECURITY",
-                      "DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR"
-                    ],
-                    "datadogSecretValidationErrors": [
-                      {
-                        "type": "HttpError",
-                        "statusCode": 400,
-                        "message": "Invalid token"
-                      },
-                      {
-                        "type": "HttpError",
-                        "statusCode": 401,
-                        "message": "Unauthorized access"
-                      },
-                      {
-                        "type": "UnknownResponseType",
-                        "statusCode": 0,
-                        "message": "Connection timeout"
-                      }
-                    ]
-                  }
-                }
-              ]
-            }
-          ]
-        }
-                );
+        // Test the actual data structures
+        let result = &sarif_report.runs[0].results.as_ref().unwrap()[0];
+        let properties = result.properties.as_ref().unwrap();
 
-        let sarif_json = serde_json::to_value(sarif_report).unwrap();
-        assert_json_include!(
-            actual: sarif_json,
-            expected: expected_subset,
-        );
+        // Check tags
+        let tags = properties.tags.as_ref().unwrap();
+        assert!(tags.contains(&"DATADOG_CATEGORY:SECURITY".to_string()));
+        assert!(tags.contains(&"DATADOG_SECRET_VALIDATION_STATUS:VALIDATION_ERROR".to_string()));
+
+        // Check validation errors data
+        let json_value = properties
+            .additional_properties
+            .get("datadogSecretValidationErrors")
+            .unwrap();
+        let parsed: Vec<ValidationErrorInfo> = serde_json::from_value(json_value.clone()).unwrap();
+
+        let expected_errors = vec![
+            ValidationErrorInfo {
+                error_type: ValidationErrorType::HttpError,
+                status_code: 400,
+                message: "Invalid token".to_string(),
+            },
+            ValidationErrorInfo {
+                error_type: ValidationErrorType::HttpError,
+                status_code: 401,
+                message: "Unauthorized access".to_string(),
+            },
+            ValidationErrorInfo {
+                error_type: ValidationErrorType::UnknownResponseType,
+                status_code: 0,
+                message: "Connection timeout".to_string(),
+            },
+        ];
+        assert_eq!(parsed, expected_errors);
 
         // validate the schema
+        let sarif_json = serde_json::to_value(sarif_report).unwrap();
         assert!(validate_data(&sarif_json));
     }
 }
diff --git a/crates/secrets/src/model/secret_result.rs b/crates/secrets/src/model/secret_result.rs
@@ -73,7 +73,9 @@ pub struct SecretResult {
 }
 
 #[derive(Debug, PartialEq, PartialOrd, Ord, Eq, Clone, Hash, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
 pub struct ValidationErrorInfo {
+    #[serde(rename = "type")]
     pub error_type: ValidationErrorType,
     pub status_code: u16,
     pub message: String,

Original file line number	Diff line number	Diff line change
`@@ -73,7 +73,9 @@ pub struct SecretResult {`
`73`	`73`	`}`
`74`	`74`
`75`	`75`	`#[derive(Debug, PartialEq, PartialOrd, Ord, Eq, Clone, Hash, Serialize, Deserialize)]`
	`76`	`+#[serde(rename_all = "camelCase")]`
`76`	`77`	`pub struct ValidationErrorInfo {`
	`78`	`+ #[serde(rename = "type")]`
`77`	`79`	`pub error_type: ValidationErrorType,`
`78`	`80`	`pub status_code: u16,`
`79`	`81`	`pub message: String,`