Merge pull request #15 from cisagov/improvement/add_hash_to_domain_csv

Add VDP Hash to the Domain Results CSV

README.md

@@ -25,7 +25,7 @@ Python library. Then it will output CSVs with agency and domain level results.
 To run the `cisagov/vdp-scanner` image via Docker:
 
 ```console
-docker run cisagov/vdp-scanner:0.0.2
+docker run cisagov/vdp-scanner:0.0.3
 ```
 
 ### Running with Docker Compose ###
@@ -38,7 +38,7 @@ docker run cisagov/vdp-scanner:0.0.2
 
     services:
       vdp-scanner:
-        image: 'cisagov/vdp-scanner:0.0.2'
+        image: 'cisagov/vdp-scanner:0.0.3'
         volumes:
           - .:/task/host_mount
     ```
@@ -76,7 +76,7 @@ docker run cisagov/vdp-scanner:0.0.2
 1. Pull the new image:
 
     ```console
-    docker pull cisagov/vdp-scanner:0.0.2
+    docker pull cisagov/vdp-scanner:0.0.3
     ```
 
 1. Recreate and run the container by following the [previous instructions](#running-with-docker).
@@ -85,11 +85,11 @@ docker run cisagov/vdp-scanner:0.0.2
 
 The images of this container are tagged with
 [semantic versions](https://semver.org).  It is recommended that most users use
-a version tag (e.g. `:0.0.2`).
+a version tag (e.g. `:0.0.3`).
 
 | Image:tag | Description |
 |-----------|-------------|
-|`cisagov/vdp-scanner:0.0.2`| An exact release version. |
+|`cisagov/vdp-scanner:0.0.3`| An exact release version. |
 |`cisagov/vdp-scanner:0.0`| The most recent release matching the major and minor version numbers. |
 |`cisagov/vdp-scanner:0`| The most recent release matching the major version number. |
 |`cisagov/vdp-scanner:edge` | The most recent image built from a merge into the `develop` branch of this repository. |
@@ -155,7 +155,7 @@ Build the image locally using this git repository as the [build context](https:/
 
 ```console
 docker build \
-  --tag cisagov/vdp-scanner:0.0.2 \
+  --tag cisagov/vdp-scanner:0.0.3 \
   https://github.com/cisagov/vdp-scanner-docker.git#develop
 ```
 
@@ -186,7 +186,7 @@ Docker:
       --file Dockerfile-x \
       --platform linux/amd64 \
       --output type=docker \
-      --tag cisagov/vdp-scanner:0.0.2 .
+      --tag cisagov/vdp-scanner:0.0.3 .
     ```
 
 ## Contributing ##

src/vdp_scanner.py

@@ -54,6 +54,7 @@ class DomainResult(NamedTuple):
     visited_url: str
     is_redirect: bool
     vdp_present: bool
+    vdp_hash: str
 
 
 class VdpScanner:
@@ -82,6 +83,7 @@ class VdpScanner:
         "Visited URL",
         "Was it Redirected",
         "VDP is Published",
+        "VDP Hash",
     ]
 
     def __init__(self, hasher: UrlHasher):
@@ -105,7 +107,7 @@ def _log_vdp_failure(domain: str, err: Exception) -> None:
         logging.debug("Caught %s", type(err).__name__)
         logging.debug(err)
 
-    def check_for_vdp(self, domain: str) -> Tuple[str, bool, bool]:
+    def check_for_vdp(self, domain: str) -> Tuple[str, bool, bool, str]:
         """Check for a VDP at the given domain and return the relavent information."""
         url = urlparse(f"https://{domain}/vulnerability-disclosure-policy")
         result: Optional[UrlResult] = None
@@ -149,12 +151,12 @@ def check_for_vdp(self, domain: str) -> Tuple[str, bool, bool]:
             self._log_vdp_failure(domain, err)
 
         if not result:
-            return ("", False, False)
+            return ("", False, False, "")
 
         if result.status == 200:
-            return (result.visited_url, result.is_redirect, True)
+            return (result.visited_url, result.is_redirect, True, result.hash)
 
-        return (result.visited_url, result.is_redirect, False)
+        return (result.visited_url, result.is_redirect, False, "")
 
     def process_domain(self, domain_info: Dict[str, Any]) -> None:
         """Process a domain entry from the DotGov CSV."""
@@ -173,16 +175,11 @@ def process_domain(self, domain_info: Dict[str, Any]) -> None:
 
     def add_domain_result(self, result: DomainResult) -> None:
         """Process the provided results for a domain."""
-        result_dict = {
-            "Domain": result.domain,
-            "Agency": result.agency,
-            "Organization": result.organization,
-            "Security Contact Email": result.security_contact,
-            "Visited URL": result.visited_url,
-            "Was it Redirected": result.is_redirect,
-            "VDP is Published": result.vdp_present,
-        }
-        self.domain_results.append(result_dict)
+        # Create a dict with the values of domain_csv_header as keys and the
+        # contents of result as values. This leverages the fact that the
+        # DomainResult NamedTuple is positionally aligned with the contents of
+        # the domain_csv_header list.
+        self.domain_results.append(dict(zip(self.domain_csv_header, result)))
 
         self.agency_results[result.agency]["Total Domains"] += 1
 

src/version.txt

@@ -1 +1 @@
-__version__ = "0.0.2"
+__version__ = "0.0.3"