use related description only when description is empty

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
kubescape · Jun 1, 2023 · 329f3e4 · 329f3e4
1 parent e29dad0
commit 329f3e4
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 5 deletions.
diff --git a/adapters/v1/domain_to_armo.go b/adapters/v1/domain_to_armo.go
@@ -51,13 +51,13 @@ func domainToArmo(ctx context.Context, grypeDocument v1beta1.GrypeDocument, vuln
 		for _, match := range grypeDocument.Matches {
 			var isFixed int
 			var version string
-			var description string
+			description := match.Vulnerability.Description
 			link := "https://nvd.nist.gov/vuln/detail/" + match.Vulnerability.ID
 			if len(match.Vulnerability.Fix.Versions) != 0 {
 				isFixed = 1
 				version = match.Vulnerability.Fix.Versions[0]
 			}
-			if len(match.RelatedVulnerabilities) != 0 {
+			if description == "" && len(match.RelatedVulnerabilities) > 0 {
 				description = match.RelatedVulnerabilities[0].Description
 			}
 			// create a vulnerability result for this vulnerability

diff --git a/adapters/v1/domain_to_armo_test.go b/adapters/v1/domain_to_armo_test.go
@@ -26,7 +26,39 @@ func Test_domainToArmo(t *testing.T) {
 		wantErr                          bool
 	}{
 		{
-			name: "Test domainToArmo",
+			name: "Test domainToArmo with description",
+			grypeDocument: v1beta1.GrypeDocument{
+				Source: &v1beta1.Source{
+					Target: json.RawMessage(`{"userInput":"","imageID":"","manifestDigest":"","mediaType":"","tags":null,"imageSize":0,"layers":[{"mediaType":"","digest":"dummyLayer","size":0}],"manifest":null,"config":null,"repoDigests":null,"architecture":"","os":""}`),
+				},
+				Matches: []v1beta1.Match{{
+					Vulnerability: v1beta1.Vulnerability{
+						VulnerabilityMetadata: v1beta1.VulnerabilityMetadata{
+							ID:          "CVE-2021-21300",
+							Description: "test description",
+						},
+						Fix: v1beta1.Fix{
+							Versions: []string{"1.0.0"},
+						},
+					},
+				}},
+			},
+			want: []containerscan.CommonContainerVulnerabilityResult{{
+				IntroducedInLayer: dummyLayer,
+				Vulnerability: containerscan.Vulnerability{
+					Description: "test description",
+					Name:        "CVE-2021-21300",
+					Link:        "https://nvd.nist.gov/vuln/detail/CVE-2021-21300",
+					Fixes:       containerscan.VulFixes{{Version: "1.0.0"}},
+				},
+				Layers:        []containerscan.ESLayer{{LayerHash: dummyLayer}},
+				RelevantLinks: []string{"https://nvd.nist.gov/vuln/detail/CVE-2021-21300", ""},
+				IsLastScan:    1,
+				IsFixed:       1,
+			}},
+		},
+		{
+			name: "Test domainToArmo with related description",
 			grypeDocument: v1beta1.GrypeDocument{
 				Source: &v1beta1.Source{
 					Target: json.RawMessage(`{"userInput":"","imageID":"","manifestDigest":"","mediaType":"","tags":null,"imageSize":0,"layers":[{"mediaType":"","digest":"dummyLayer","size":0}],"manifest":null,"config":null,"repoDigests":null,"architecture":"","os":""}`),
@@ -41,14 +73,14 @@ func Test_domainToArmo(t *testing.T) {
 						},
 					},
 					RelatedVulnerabilities: []v1beta1.VulnerabilityMetadata{{
-						Description: "test description",
+						Description: "related description",
 					}},
 				}},
 			},
 			want: []containerscan.CommonContainerVulnerabilityResult{{
 				IntroducedInLayer: dummyLayer,
 				Vulnerability: containerscan.Vulnerability{
-					Description: "test description",
+					Description: "related description",
 					Name:        "CVE-2021-21300",
 					Link:        "https://nvd.nist.gov/vuln/detail/CVE-2021-21300",
 					Fixes:       containerscan.VulFixes{{Version: "1.0.0"}},