feat: update report service and report generation template [26T1-DOC-RR-001] #230

Open. raaidrushdy wants to merge 2 commits into main from feat/fixing-report-service-and-report-generation-template

@raaidrushdy (Collaborator) commented May 8, 2026

Summary

Updates report_service.py to work with the new Word report template and adds the supporting files needed to generate, test, and understand the report generation pipeline.

  • Updated the current report_service.py to match the new template
  • Add AutoAudit_Report_Template.docx for Word report generation
  • Add run_test.py smoke test for local testing
  • Add fake_dataset.json sample dataset
  • Add README_report_service.md with schema docs and onboarding notes

Type of Change

  • Bug fix
  • New feature
  • Breaking change
  • Refactor / code cleanup
  • Documentation
  • CI/CD / infrastructure
  • Security

Affected Components

  • /backend-api
  • /frontend
  • /engine (collectors / policies)
  • /security
  • /infrastructure
  • /.github/workflows
  • /docs

Motivation

Task 26T1-DOC-RR-001 — build the AutoAudit M365 compliance report template. The previous report_service.py used a different template structure. This update aligns the service with the new Word template, fixes bugs, and adds the files needed for any teammate to run and test report generation locally.

Testing Done

  • Unit tests pass locally
  • Tested manually — describe how:
  • No tests required — explain why:

Ran run_test.py against fake_dataset.json with the new template. Generated .docx opened correctly in Word with all placeholders filled.

Security Considerations

No security impact. This change only affects offline report generation from already-collected compliance data. No auth, secrets, API permissions, or data exposure involved.

Breaking Changes

  • No breaking changes
  • Yes — describe below:

Rollback Plan

  • Revert commit is sufficient
  • Requires additional steps — describe below:

Checklist

  • Code follows project conventions
  • No secrets, credentials, or tokens committed
  • Relevant documentation updated (if applicable)
  • CI/CD workflows pass on this branch
  • PR is focused on one thing

Screenshots

- Updated the current report_service.py to match the new template
- Add AutoAudit_Report_Template.docx for Word report generation
- Add run_test.py smoke test for local testing
- Add fake_dataset.json sample dataset
- Add README_report_service.md with schema docs and onboarding notes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ab222f3d0b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

return out


def generate_single_finding_pdf(

[P1] Preserve the legacy generate_pdf entry point

Existing entry points still do from security.reports.report_service import generate_pdf in security/evidence_backend/reportgenerator.py and security/evidence_ui/app.py, but this rewrite only exposes the renamed single-finding functions. In an environment with the report dependencies installed, those modules will fail at import time with ImportError before users can generate evidence reports; keep a generate_pdf wrapper/alias or update those callers in the same change.

Useful? React with 👍 / 👎.
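
One way to catch the import break described in this comment before merge, as an added example that is not code from the PR or the project: a static check that parses each caller and reports names it imports from the rewritten module that the module no longer defines. The module and caller sources below are constructed stand-ins; only the file paths and function names come from the review comment.

```python
import ast

MODULE = "security.reports.report_service"

# Constructed stand-ins: the real file contents are not shown on this page.
SERVICE_BEFORE = "def generate_single_finding_pdf(*args, **kwargs):\n    return None\n"
SERVICE_AFTER = SERVICE_BEFORE + "generate_pdf = generate_single_finding_pdf\n"
CALLERS = {
    "security/evidence_backend/reportgenerator.py":
        "from security.reports.report_service import generate_pdf\n",
    "security/evidence_ui/app.py":
        "import os\nfrom security.reports.report_service import generate_pdf\n",
}


def exported_names(source):
    """Top-level names a module defines: defs, classes, assignments, imports."""
    names = set()
    for node in ast.parse(source).body:
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            names.add(node.name)
        elif isinstance(node, ast.Assign):
            names.update(t.id for t in node.targets if isinstance(t, ast.Name))
        elif isinstance(node, (ast.Import, ast.ImportFrom)):
            names.update(a.asname or a.name.split(".")[0] for a in node.names)
    return names


def broken_imports(module, module_src, callers):
    """Return sorted (caller_path, name) pairs that would raise ImportError."""
    available = exported_names(module_src)
    broken = []
    for path, src in callers.items():
        for node in ast.walk(ast.parse(src)):
            # Only absolute "from <module> import ..." statements targeting the module.
            if isinstance(node, ast.ImportFrom) and node.level == 0 and node.module == module:
                broken += [(path, a.name) for a in node.names
                           if a.name != "*" and a.name not in available]
    return sorted(broken)


if __name__ == "__main__":
    for label, src in (("before alias", SERVICE_BEFORE), ("after alias", SERVICE_AFTER)):
        print(label, broken_imports(MODULE, src, CALLERS))
```

Because it only parses source, the check runs in CI without the report dependencies installed.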

Comment thread security/reports/report_service.py Outdated
Comment on lines +1217 to +1218
dataset = args[0] if args and not args[0].startswith("--") else "fake_dataset_template_ready.json"
template = args[1] if len(args) > 1 and not args[1].startswith("--") else "AutoAudit_Report_Template.docx"
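
Review bot: The startswith("--") test in both lines is applied per position, so when args[0] is an option the dataset falls back to its default but args[1] is still read as the template path; an invocation of the form "--some-flag value" would treat "value" as the template. Consider parsing with argparse (two optional positionals plus any named options) instead of indexing args by hand. The two default filenames are also bare relative names, so they resolve against the current working directory; resolving them relative to the script's own directory would make the no-argument run independent of where it is started.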

[P2] Point defaults at committed report assets

The default CLI path uses fake_dataset_template_ready.json and AutoAudit_Report_Template.docx, but this commit adds security/reports/fake_dataset.json and updates security/results/report_template.docx instead. Running the documented no-argument command from security/reports therefore fails immediately with FileNotFoundError, so the smoke-test/default path is not usable unless the caller supplies both paths manually.

Useful? React with 👍 / 👎.

- Add generate_pdf() alias so existing callers in evidence_backend/
  reportgenerator.py and evidence_ui/app.py continue to work without
  changes (maps to generate_single_finding_pdf)
- Fix CLI default dataset path from fake_dataset_template_ready.json
  to fake_dataset.json to match the file actually committed

@raaidrushdy (Collaborator, Author)

Fixed both. Added a generate_pdf backward-compat alias that maps to generate_single_finding_pdf with the same signature both callers use. Also corrected the CLI default filename to fake_dataset.json.

@du-dhartley (Collaborator)

@raaidrushdy Can this be run on the real tenant to avoid needing to use sample data? We have the tenant, we should use it rather than risk an intermediate layer that could potentially have issues.

@raaidrushdy (Collaborator, Author)

yeah, the fake dataset is just so anyone can test the report locally without needing tenant access. it never goes near the actual pipeline. when the engine runs against the real tenant that output feeds straight into the report generator, the sample data has nothing to do with that.

@du-dhartley (Collaborator)

@raaidrushdy I understand what the fake dataset is for, but we should generate the dataset from a real tenant, unless that has been done already.
