Bug: Vulnerability Scan Execution Result in Build History in security tab gets modified for all the previous builds #4476

Closed
2 tasks done
tayalrishabh96 opened this issue Dec 28, 2023 · 0 comments · Fixed by #4691
Labels: bug, To be prioritized

tayalrishabh96 (Contributor) commented Dec 28, 2023

📜 Description

Vulnerability Scan Execution Result in Build History in the security tab gets modified for all the previous builds. If an older build had 100 Critical vulnerabilities and the latest build has 5 vulnerabilities, then Devtron modifies the older image scan execution result and we would see just 5 vulnerabilities in the older build as well.

Criticality

P1 - High

Impact on Enterprise

  • Devtron is changing the source of truth with respect to Vulnerability Scan Execution Result.
  • Devs / DevOps will not be able to evaluate how many vulnerabilities actually got fixed.

👟 Steps to replicate the Issue

  1. Build an image with some OS-level vulnerabilities (make sure to enable the scanning). Note the timestamp of the image scan.
  2. Enable the vulnerability scanning plugin in post-CI and build the image again. Again, note the timestamp of the image scan.
  3. Check the image scanning timestamp for the older build again; it will have been modified to the new one.
  4. This means we are modifying the Vulnerability Scan Execution Result.

👍 Expected behavior

Vulnerability Scan Execution Result should not be modified.

👎 Actual Behavior

Vulnerability Scan Execution Result gets modified to the latest scan.

☸ Kubernetes version

NA

Cloud provider

NA

🌍 Browser

Chrome

🧱 Your Environment

NA

✅ Proposed Solution

NA

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

AB#7749

tayalrishabh96 added the bug and pager-duty labels Dec 28, 2023
deepak-devtron removed the pager-duty label Dec 29, 2023
vikramdevtron added the To be prioritized label Dec 29, 2023
adi6859 closed this as completed Feb 21, 2024