Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ui: add caching to vulnerability reports (PROJQUAY-7250) #2900

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

ui: add caching to vulnerability reports (PROJQUAY-7250) #2900

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
49393b7
leverage react query and caching for secscan display
dmesser May 20, 2024
0580c7d
remove unneeded prop
dmesser May 20, 2024
d6235d3
only load sec scan results when manifest list expands
dmesser May 20, 2024
b67d69d
adjust error message in cypress test
dmesser May 20, 2024
0201719
correct cypress test for new empty state
dmesser May 20, 2024
a9b8bda
simplify conditions via optional chaining
dmesser May 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions web/cypress/e2e/packages-report.cy.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,8 @@ describe('Packages Report Page', () => {
{fixture: 'security/noPackages.json'},
).as('getSecurityReport');
cy.visit('/repository/user1/hello-world/tag/security?tab=packages');
cy.contains('Quay Security Reporting does not recognize any packages');
cy.contains('No known patches are available');
cy.get('[data-testid="packages-chart"]').contains('0').should('exist');
cy.get('td[data-label="Package Name"]').should('have.length', 0);
cy.contains('Security scan is not supported.');
cy.contains('Image does not have content the scanner recognizes.');
});

it('filter by name', () => {
Expand Down
12 changes: 0 additions & 12 deletions web/src/atoms/SecurityDetailsState.ts
View file
Open in desktop

This file was deleted.

33 changes: 33 additions & 0 deletions web/src/hooks/UseManifestSecurity.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
import {useQuery} from '@tanstack/react-query';
import {fetchSecurityDetails} from 'src/resources/ManifestSecurityResource';

export function useManifestSecurity(
org: string,
repo: string,
digest: string,
enabled = true,
) {
const {
data: securityDetails,
isLoading: isSecurityDetailsLoading,
isError: isSecurityDetailsError,
error: securityDetailsError,
} = useQuery(
['manifestsecurity', org, repo, digest],
({signal}) => fetchSecurityDetails(org, repo, digest, signal),
{
enabled: enabled,
staleTime: 1000 * 60 * 5,
cacheTime: 1000 * 60 * 15,
retry: 3,
retryDelay: (attempt) => attempt * 1000, // 1s, 2s, 3s
},
);

return {
securityDetails,
isSecurityDetailsError,
securityDetailsError,
isSecurityDetailsLoading: isSecurityDetailsLoading,
};
}
2 changes: 1 addition & 1 deletion web/src/libs/utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import {VulnerabilitySeverity} from 'src/resources/TagResource';
import moment from 'moment';
import {ITeamMember} from 'src/hooks/UseMembers';
import {VulnerabilitySeverity} from 'src/resources/ManifestSecurityResource';

export function getSeverityColor(severity: VulnerabilitySeverity) {
switch (severity) {
Expand Down
84 changes: 84 additions & 0 deletions web/src/resources/ManifestSecurityResource.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
import axios, {AxiosResponse} from 'axios';
import {assertHttpCode} from './ErrorHandling';

export interface Data {
Layer: Layer;
}
export interface Layer {
Name: string;
ParentName: string;
NamespaceName: string;
IndexedByVersion: number;
Features: Feature[];
}

export interface Feature {
Name: string;
VersionFormat: string;
NamespaceName: string;
AddedBy: string;
Version: string;
Vulnerabilities?: Vulnerability[];
}

export interface Vulnerability {
Severity: VulnerabilitySeverity;
NamespaceName: string;
Link: string;
FixedBy: string;
Description: string;
Name: string;
Metadata: VulnerabilityMetadata;
}

export interface VulnerabilityMetadata {
UpdatedBy: string;
RepoName: string;
RepoLink: string;
DistroName: string;
DistroVersion: string;
NVD: {
CVSSv3: {
Vectors: string;
Score: number;
};
};
}

export enum VulnerabilitySeverity {
Critical = 'Critical',
High = 'High',
Medium = 'Medium',
Low = 'Low',
Negligible = 'Negligible',
None = 'None',
Unknown = 'Unknown',
}

export const VulnerabilityOrder = {
[VulnerabilitySeverity.Critical]: 0,
[VulnerabilitySeverity.High]: 1,
[VulnerabilitySeverity.Medium]: 2,
[VulnerabilitySeverity.Low]: 3,
[VulnerabilitySeverity.Negligible]: 4,
[VulnerabilitySeverity.Unknown]: 5,
};

export interface SecurityDetailsResponse {
status: string;
data: Data;
}

export async function fetchSecurityDetails(
org: string,
repo: string,
digest: string,
signal: AbortSignal,
) {
const response: AxiosResponse<SecurityDetailsResponse> = await axios.get(
`/api/v1/repository/${org}/${repo}/manifest/${digest}/security?vulnerabilities=true`,
{signal},
);
assertHttpCode(response.status, 200);
return response.data as SecurityDetailsResponse;
}
79 changes: 1 addition & 78 deletions web/src/resources/TagResource.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import {
ResourceError,
throwIfError,
} from './ErrorHandling';
import {SecurityDetailsResponse} from './ManifestSecurityResource';

export interface TagsResponse {
page: number;
Expand Down Expand Up @@ -72,72 +73,6 @@ export interface ManifestByDigestResponse {
layers?: any;
}

export interface SecurityDetailsResponse {
status: string;
data: Data;
}
export interface Data {
Layer: Layer;
}
export interface Layer {
Name: string;
ParentName: string;
NamespaceName: string;
IndexedByVersion: number;
Features: Feature[];
}
export interface Feature {
Name: string;
VersionFormat: string;
NamespaceName: string;
AddedBy: string;
Version: string;
Vulnerabilities?: Vulnerability[];
}

export interface Vulnerability {
Severity: VulnerabilitySeverity;
NamespaceName: string;
Link: string;
FixedBy: string;
Description: string;
Name: string;
Metadata: VulnerabilityMetadata;
}

export interface VulnerabilityMetadata {
UpdatedBy: string;
RepoName: string;
RepoLink: string;
DistroName: string;
DistroVersion: string;
NVD: {
CVSSv3: {
Vectors: string;
Score: number;
};
};
}

export enum VulnerabilitySeverity {
Critical = 'Critical',
High = 'High',
Medium = 'Medium',
Low = 'Low',
Negligible = 'Negligible',
None = 'None',
Unknown = 'Unknown',
}

export const VulnerabilityOrder = {
[VulnerabilitySeverity.Critical]: 0,
[VulnerabilitySeverity.High]: 1,
[VulnerabilitySeverity.Medium]: 2,
[VulnerabilitySeverity.Low]: 3,
[VulnerabilitySeverity.Negligible]: 4,
[VulnerabilitySeverity.Unknown]: 5,
};

// TODO: Support cancelation signal here
export async function getTags(
org: string,
Expand Down Expand Up @@ -334,18 +269,6 @@ export async function getManifestByDigest(
return response.data;
}

export async function getSecurityDetails(
org: string,
repo: string,
digest: string,
) {
const response: AxiosResponse<SecurityDetailsResponse> = await axios.get(
`/api/v1/repository/${org}/${repo}/manifest/${digest}/security?vulnerabilities=true`,
);
assertHttpCode(response.status, 200);
return response.data;
}

export async function createTag(
org: string,
repo: string,
Expand Down
Loading
Loading