Bug 1826354: Container Security Fixes #5326
Conversation
spadgett
changed the title
openshift-ci-robot
added
the
bugzilla/severity-medium
|
@alecmerdler: This pull request references Bugzilla bug 1826354, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
bugzilla/invalid-bug
|
/bugzilla refresh |
openshift-ci-robot
added
the
bugzilla/valid-bug
|
@spadgett: This pull request references Bugzilla bug 1826354, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
removed
the
bugzilla/invalid-bug
| Header={ImageManifestVulnTableHeader} | ||
| Row={ImageManifestVulnTableRow} | ||
| EmptyMsg={() => <MsgBox title="No Image Vulnerabilities Found" detail="" />} |
There was a problem hiding this comment.
This will unmount and remount the empty msg component on each render. It would be better not to inline.
| .color.value | ||
| } | ||
| <ExclamationTriangleIcon | ||
| color={priorityFor(_.get(v.status, 'highestSeverity')).color.value} |
There was a problem hiding this comment.
We've been trying to remove _.get in favor of optional chaining when already updating the code.
| color={priorityFor(_.get(v.status, 'highestSeverity')).color.value} | |
| color={priorityFor(v.status?.highestSeverity).color.value} |
Having said that, I'm not sure _.get even helps here since we'll have a runtime error on lin 142 if v.status is undefined.
| @@ -378,7 +380,7 @@ export const ContainerVulnerabilities: React.FC<ContainerVulnerabilitiesProps> = | |||
| title={vuln.metadata.uid} | |||
| displayName={`${totalFor( | |||
| vulnPriority.findKey( | |||
| ({ title }) => vuln.status.highestSeverity === title, | |||
| ({ title }) => _.get(vuln.status, 'highestSeverity') === title, | |||
There was a problem hiding this comment.
| ({ title }) => _.get(vuln.status, 'highestSeverity') === title, | |
| ({ title }) => vuln.status?.highestSeverity === title, |
| vulnPriority.find(({ title }) => vuln.status.highestSeverity === title) | ||
| .color.value | ||
| } | ||
| color={priorityFor(_.get(vuln.status, 'highestSeverity')).color.value} |
There was a problem hiding this comment.
| color={priorityFor(_.get(vuln.status, 'highestSeverity')).color.value} | |
| color={priorityFor(vuln.status?.highestSeverity).color.value} |
| color={vulnPriority.find(({ title }) => obj.status.highestSeverity === title).color.value} | ||
| /> | ||
| {obj.status.highestSeverity} | ||
| {_.get(obj.status, 'highestSeverity') ? ( |
There was a problem hiding this comment.
| {_.get(obj.status, 'highestSeverity') ? ( | |
| {obj.status?.highestSeverity ? ( |
| {obj.status.highestSeverity} | ||
| {_.get(obj.status, 'highestSeverity') ? ( | ||
| <> | ||
| <SecurityIcon color={priorityFor(_.get(obj.status, 'highestSeverity')).color.value} /> |
There was a problem hiding this comment.
This _.get shouldn't be needed since we already check for highSeverity above.
| <SecurityIcon color={priorityFor(_.get(obj.status, 'highestSeverity')).color.value} /> | |
| <SecurityIcon color={priorityFor(obj.status.highestSeverity).color.value} /> |
|
/assign |
|
Does this PR also change the nav item and IMV list to "Image Vulnerabilities?"
|
|
The top section is showing a count of containers? And the bottom is images? Image Vulnerabilities And the top section's heading to: |
|
@itsptk The top section is unique container images in the cluster, deduplicated by namespace and pod. That way it aligns with the section below, which is unique container images and shows the impacted namespaces as a column. |
alecmerdler
force-pushed
the
bugzilla-1826354
branch
from
900dc9b
to
78bc48e
Compare
alecmerdler
force-pushed
the
bugzilla-1826354
branch
from
78bc48e
to
01423b8
Compare
|
@alecmerdler: This pull request references Bugzilla bug 1826354, which is valid. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@spadgett Addressed the issues you pointed out. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alecmerdler, spadgett The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
@alecmerdler: All pull requests linked via external trackers have merged: openshift/console#5326. Bugzilla bug 1826354 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Description
Addresses a few issues in the UI for the Container Security Operator, including clarification of text on the popover card, fixing link creation, and fixing page crashes caused by unsafe k8s property access.
Screenshots
Image Security breakdown card (vulns present):
Image Security breakdown card (no vulns present):
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1826354
Fixes https://issues.redhat.com/browse/PROJQUAY-676
Addresses https://issues.redhat.com/browse/PROJQUAY-482