Make QSS multiple notification messaging nicer

endpoints/notificationevent.py

@@ -169,8 +169,15 @@ class VulnerabilityFoundEvent(NotificationEvent):
   def get_summary(self, event_data, notification_data):
     multiple_vulns = event_data.get(VulnerabilityFoundEvent.MULTIPLE_VULNERABILITY_KEY)
     if multiple_vulns is not None:
-      msg = '%s vulnerabilities were detected in repository %s in %s tags'
+      top_priority = multiple_vulns[0].get('priority', 'Unknown')
-      return msg % (len(multiple_vulns), event_data['repository'], len(event_data['tags']))
+      matching = [v for v in multiple_vulns if v.get('priority', 'Unknown') == top_priority]
+
+      msg = '%s %s' % (len(matching), top_priority)
+      if len(matching) < len(multiple_vulns):
+        msg += ' and %s more' % (len(multiple_vulns) - len(matching))
+
+      msg += ' vulnerabilities were detected in repository %s in %s tags'
+      return msg % (event_data['repository'], len(event_data['tags']))
     else:
       msg = '%s vulnerability detected in repository %s in %s tags'
       return msg % (event_data['vulnerability']['priority'], event_data['repository'],

test/test_secscan.py

@@ -353,8 +353,8 @@ class TestSecurityScanner(unittest.TestCase):
 
       # Ensure we get the correct event message out as well.
       event = VulnerabilityFoundEvent()
-      self.assertEquals('2 vulnerabilities were detected in repository devtable/simple in 2 tags',
+      msg = '1 Low and 1 more vulnerabilities were detected in repository devtable/simple in 2 tags'
-                        event.get_summary(body['event_data'], {}))
+      self.assertEquals(msg, event.get_summary(body['event_data'], {}))
     else:
       self.assertIsNone(queue_item)