Skip to content

ROX-29531: include advisory in output #431

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
janisz merged 7 commits into from
Dec 15, 2025
Merged

ROX-29531: include advisory in output #431

janisz merged 7 commits into from
Dec 15, 2025

Conversation

@RTann
Copy link
Contributor

@RTann RTann commented May 29, 2025

Description

@RTann
Copy link
Contributor Author

RTann commented May 29, 2025

@janisz would you be able to help me out here? I don't know how to update the stackrox.model, so I don't know how to use the newer fields. Thanks

@janisz
Copy link
Contributor

janisz commented May 30, 2025

@RTann it's described here https://github.com/stackrox/jenkins-plugin/blob/master/README.md#updating-api-schema
It assumes the updated schema is on the demo cluster but you can take it from your local build as well.

@RTann
Copy link
Contributor Author

RTann commented May 30, 2025

@RTann it's described here https://github.com/stackrox/jenkins-plugin/blob/master/README.md#updating-api-schema It assumes the updated schema is on the demo cluster but you can take it from your local build as well.

Thanks! I missed this README and only saw the other one

RTann
RTann commented May 30, 2025
View reviewed changes
stackrox-container-image-scanner/api.yaml
Copy link
Contributor Author

@RTann RTann May 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was generated by going to <staging environment>/main/apidocs then pressing the Download button. From there, I went to https://www.geeksforgeeks.org/json-to-yaml-converter/ and copy/pasted the JSON into the converter and saved the output to this file

Copy link
Contributor Author

@RTann RTann Jul 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also re-added the security stuff at the bottom of the file

@RTann RTann force-pushed the ROX-29531 branch 5 times, most recently from 21d1484 to 4f97d1c Compare June 1, 2025 02:42
@RTann RTann marked this pull request as ready for review July 25, 2025 19:43
@RTann RTann requested a review from rhybrillou as a code owner July 25, 2025 19:43
@RTann RTann requested a review from janisz July 25, 2025 19:43
@RTann
Copy link
Contributor Author

RTann commented Jul 25, 2025

Wondering if someone can help me test this. I can't seem to build locally. I haven't used Java in over 6 years, so I don't remember how to properly set this up 😄

@janisz
Copy link
Contributor

janisz commented Jul 29, 2025

Here you are a description how to run it: https://github.com/stackrox/jenkins-plugin?tab=readme-ov-file#setup
Or you can use ./mvnw hpi:run -Djetty.port=8090 to run jenkins with installed plugin. Run it from stackrox-container-image-scanner

@janisz
Copy link
Contributor

janisz commented Jul 29, 2025

I tested it with quay.io/openshifttest/nginx-alpine:latest and Jenkins 2.395 and Stackrox v4.8.0
image

COMPONENT,VERSION,CVE,SEVERITY,FIXABLE,CVSS SCORE,SCORE TYPE,LINK,ADVISORY,ADVISORY LINK
libcrypto1.1,1.1.1l-r0,CVE-2022-0778,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2022-0778,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0464,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0464,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0215,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0215,-,-
libcrypto1.1,1.1.1l-r0,CVE-2022-4450,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2022-4450,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0286,IMPORTANT,true,7.4,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0286,-,-

You need to update js code to render new columns

jenkins-plugin/stackrox-container-image-scanner/src/main/webapp/js/renderTables.js

Line 1 in 5124135

function renderCVETable(tableId, cves) {

janisz and others added 5 commits September 2, 2025 10:51
@janisz
fix: wait for scanner
c9398ab 
Signed-off-by: Tomasz Janiszewski <tomek@redhat.com>
@janisz
Apply suggestion from @janisz
dc4c6a7
@RTann @janisz
ROX-29531: include advisory in output
e256c54
@RTann @janisz
update api schema to 4.8.0
724e691
@janisz
add advisory in table
f9ebf4a 
Signed-off-by: Tomasz Janiszewski <tomek@redhat.com>
@janisz
Copy link
Contributor

janisz commented Sep 3, 2025

Added advisory to the table
localhost_8080_job_dsdaf_1_stackrox-image-security-results-b31706c8_

@janisz janisz merged commit 1d35eee into master Dec 15, 2025
5 of 6 checks passed
@janisz janisz deleted the ROX-29531 branch December 15, 2025 12:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janisz janisz janisz approved these changes

@rhybrillou rhybrillou Awaiting requested review from rhybrillou rhybrillou is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@RTann @janisz