Fix tests

mfyll · mfyll · commit 3df94fea8f20 · 2025-11-20T10:06:29.000+01:00
diff --git a/docs/content/supported_tools/parsers/file/openreports.md b/docs/content/supported_tools/parsers/file/openreports.md
@@ -0,0 +1,21 @@
+---
+title: "OpenReports"
+toc_hide: true
+---
+Import JSON reports from [OpenReports](https://github.com/openreports/reports-api).
+
+### File Types
+
+DefectDojo parser accepts a .json file.
+
+OpenReports JSON files can be exported from Kubernetes clusters using kubectl:
+
+```bash
+kubectl get reports -A -ojson > reports.json
+```
+
+The parser supports single Report objects, arrays of Reports, or Kubernetes List objects.
+
+### Sample Scan Data
+
+Sample OpenReports scans can be found in the [unittests/scans/openreports directory](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/openreports).
diff --git a/dojo/tools/openreports/parser.py b/dojo/tools/openreports/parser.py
@@ -240,11 +240,7 @@ def _create_finding_from_result(self, test, result, service_name, report_name, r
             active = result_status not in {"skip", "pass"}
             verified = result_status in {"fail", "warn"}
 
-            # Create tags
-            tags = [category, source]
-            scope_kind = service_name.split("/")[1] if "/" in service_name else ""
-            if scope_kind:
-                tags.append(scope_kind)
+            # Create finding
             finding = Finding(
                 test=test,
                 title=title,
@@ -261,9 +257,17 @@ def _create_finding_from_result(self, test, result, service_name, report_name, r
                 dynamic_finding=False,
                 fix_available=fix_available,
                 fix_version=fixed_version or None,
-                unsaved_tags=tags,
             )
 
+            # Create tags
+            tags = [category, source]
+            scope_kind = service_name.split("/")[1] if "/" in service_name else ""
+            if scope_kind:
+                tags.append(scope_kind)
+
+            # Set unsaved_tags attribute
+            finding.unsaved_tags = tags
+
             # Add vulnerability ID if it's a CVE
             if policy.startswith("CVE-"):
                 finding.unsaved_vulnerability_ids = [policy]
