From 3090bb21e351d104d55360df580c9415f79e38ae Mon Sep 17 00:00:00 2001 From: LirShindalman <49649760+lirshindalman@users.noreply.github.com> Date: Mon, 25 Nov 2024 11:06:32 +0200 Subject: [PATCH] feat(general): add logs for suppression (#6873) * add logs for suppression * add logs for suppression * add logs for suppression * add logs for suppression --- .../features/suppressions_integration.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/checkov/common/bridgecrew/integration_features/features/suppressions_integration.py b/checkov/common/bridgecrew/integration_features/features/suppressions_integration.py index 6dc27691763..a74c6198179 100644 --- a/checkov/common/bridgecrew/integration_features/features/suppressions_integration.py +++ b/checkov/common/bridgecrew/integration_features/features/suppressions_integration.py @@ -108,7 +108,7 @@ def post_runner(self, scan_report: Report) -> None: self._apply_suppressions_to_report(scan_report) def _apply_suppressions_to_report(self, scan_report: Report) -> None: - + logging.debug('Start apply_suppressions_to_report') # holds the checks that are still not suppressed still_failed_checks = [] still_passed_checks = [] @@ -124,7 +124,8 @@ def _apply_suppressions_to_report(self, scan_report: Report) -> None: relevant_suppressions_v2 = self.suppressions_v2.get(check.check_id) has_suppression = relevant_suppressions or relevant_suppressions_v2 - + if isinstance(has_suppression, list): + logging.debug(f'(_apply_suppressions_to_report) - number of suppression {len(has_suppression)}') applied_suppression = self._check_suppressions(check, relevant_suppressions, relevant_suppressions_v2) if has_suppression else None if applied_suppression: suppress_comment = applied_suppression['comment'] if applied_suppression['isV1'] else applied_suppression['justificationComment'] 
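Review bot: The count logged in the `@@ -124,7 +124,8 @@` hunk is taken from `has_suppression`, which is `relevant_suppressions or relevant_suppressions_v2`, so whenever v1 suppressions exist the v2 list is never counted. The number then understates what `_check_suppressions` is about to evaluate, which is misleading when the log is used to explain why a finding was or was not suppressed. Assuming both lookups return a list or `None`, log the two sources separately: `logging.debug('(_apply_suppressions_to_report) - suppressions for %s: v1=%d v2=%d', check.check_id, len(relevant_suppressions or []), len(relevant_suppressions_v2 or []))`. That form makes the `isinstance` guard unnecessary and defers string formatting until debug logging is enabled. The statement appears to sit inside the per-check loop, which starts and ends outside the hunk.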
@@ -188,6 +189,7 @@ def _check_suppression(self, record: Record, suppression: dict[str, Any]) -> boo # But checking here adds some resiliency against bugs if that changes. return any(self.bc_integration.repo_matches(account) for account in suppression['accountIds']) elif type == 'Resources': + logging.debug(f'check_suppression type Resources {suppression}. resource_id = {record.repo_file_path}:{record.resource} repo_id = {self.bc_integration.repo_id}') for resource in suppression['resources']: if self.bc_integration.repo_matches(resource['accountId']) \ and (resource['resourceId'] == f'{record.repo_file_path}:{record.resource}'
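Review bot: The added `logging.debug` in the `Resources` branch interpolates the whole `suppression` dict, so every resource entry with its `accountId` and `resourceId` is written to the debug log. Any free-text fields the dict carries would go with it, such as the `comment` / `justificationComment` read in `_apply_suppressions_to_report`, and debug output is commonly retained by CI or pasted into bug reports. Because it is an f-string, the full repr is also built on every call even when debug logging is off, and `_check_suppression` looks to be invoked per record and per suppression. Log only what is needed to trace the match and let the logger format lazily, e.g. `logging.debug('check_suppression type Resources: %d resources, resource_id=%s:%s repo_id=%s', len(suppression['resources']), record.repo_file_path, record.resource, self.bc_integration.repo_id)`. The body of `_check_suppression` starts and ends outside the hunk.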