feat: show URL for GitHub resources

StefanFl · StefanFl · commit a4f9926c2fef · 2026-03-04T08:59:13.000Z
diff --git a/backend/application/core/api/serializers_observation.py b/backend/application/core/api/serializers_observation.py
@@ -94,6 +94,7 @@ class ObservationSerializer(ModelSerializer):
     references = NestedReferenceSerializer(many=True)
     evidences = NestedEvidenceSerializer(many=True)
     origin_source_file_url = SerializerMethodField()
+    origin_cloud_resource_url = SerializerMethodField()
     issue_tracker_issue_url = SerializerMethodField()
     duplicates = NestedObservationIdSerializer(many=True)
     assessment_needs_approval = SerializerMethodField()
@@ -116,6 +117,9 @@ def get_branch_name(self, observation: Observation) -> str:
     def get_origin_source_file_url(self, observation: Observation) -> Optional[str]:
         return _get_origin_source_file_url(observation)
 
+    def get_origin_cloud_resource_url(self, observation: Observation) -> Optional[str]:
+        return _get_origin_cloud_resource_url(observation)
+
     def get_issue_tracker_issue_url(self, observation: Observation) -> Optional[str]:
         issue_url = None
 
@@ -164,6 +168,7 @@ class ObservationListSerializer(ModelSerializer):
     origin_component_name_version = SerializerMethodField()
     origin_source_file_short = SerializerMethodField()
     origin_source_file_url = SerializerMethodField()
+    origin_cloud_resource_url = SerializerMethodField()
     vulnerability_id_aliases = SerializerMethodField()
     cve_found_in = SerializerMethodField()
 
@@ -195,6 +200,9 @@ def get_origin_source_file_short(self, observation: Observation) -> Optional[str
     def get_origin_source_file_url(self, observation: Observation) -> Optional[str]:
         return _get_origin_source_file_url(observation)
 
+    def get_origin_cloud_resource_url(self, observation: Observation) -> Optional[str]:
+        return _get_origin_cloud_resource_url(observation)
+
     def get_vulnerability_id_aliases(self, observation: Observation) -> list[dict[str, str]]:
         return _get_vulnerability_id_aliases(observation)
 
@@ -225,6 +233,22 @@ def _get_origin_source_file_url(observation: Observation) -> Optional[str]:
     return origin_source_file_url
 
 
+def _get_origin_cloud_resource_url(observation: Observation) -> Optional[str]:
+    if (
+        observation.origin_cloud_provider.lower() == "github"
+        and observation.origin_cloud_account_subscription_project
+        and observation.origin_cloud_resource
+    ):
+        if observation.origin_cloud_resource_type.lower() == "githubrepository":
+            return (
+                f"https://github.com/{observation.origin_cloud_account_subscription_project}/"
+                + f"{observation.origin_cloud_resource}"
+            )
+        if observation.origin_cloud_resource_type.lower() == "githuborganization":
+            return f"https://github.com/{observation.origin_cloud_resource}"
+    return None
+
+
 def _create_azure_devops_url(observation: Observation, origin_source_file_url: str) -> str:
     origin_source_file_url += f"?path={observation.origin_source_file}"
     if observation.branch:
diff --git a/backend/application/import_observations/parsers/ocsf/parser.py b/backend/application/import_observations/parsers/ocsf/parser.py
@@ -128,12 +128,14 @@ def get_origins(finding: DetectionFinding) -> list[Origin]:
             )
     elif finding.cloud:
         account_name = ""
-        if finding.cloud.account:
+        if finding.finding_info.uid.startswith("prowler-github") and finding.cloud.region:
+            account_name = finding.cloud.region
+        elif finding.cloud.account:
             account_name = finding.cloud.account.name
         for resource in finding.resources:
             origins.append(
                 Origin(
-                    origin_cloud_provider=finding.cloud.provider.capitalize(),
+                    origin_cloud_provider=get_provider(finding.cloud.provider),
                     origin_cloud_account_subscription_project=account_name,
                     origin_cloud_resource=resource.name,
                     origin_cloud_resource_type=resource.type,
@@ -143,6 +145,14 @@ def get_origins(finding: DetectionFinding) -> list[Origin]:
     return origins
 
 
+def get_provider(provider: str) -> str:
+    if provider.lower() == "github":
+        return "GitHub"
+    if provider.lower() == "aws":
+        return "AWS"
+    return provider.capitalize()
+
+
 def get_description(finding: DetectionFinding) -> str:
     description = finding.finding_info.desc
 
diff --git a/frontend/src/core/observations/ObservationShowOrigins.tsx b/frontend/src/core/observations/ObservationShowOrigins.tsx
@@ -211,7 +211,12 @@ const ObservationShowOrigins = ({ observation, showDependencies, elevated }: Obs
                                     )}
                                     {observation.origin_cloud_resource != "" && (
                                         <Labeled>
-                                            <TextField source="origin_cloud_resource" label="Resource" />
+                                            <TextUrlField
+                                                text={observation.origin_cloud_resource}
+                                                url={observation.origin_cloud_resource_url}
+                                                label="Resource"
+                                                new_tab={true}
+                                            />
                                         </Labeled>
                                     )}
                                 </Stack>
