Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

154 vulnerability scans accessible through api or grafana #115

Merged
merged 13 commits into from
Feb 21, 2025
Merged

154 vulnerability scans accessible through api or grafana #115

merged 13 commits into from
Feb 21, 2025

Conversation

Richard87
Copy link
Contributor

@Richard87 Richard87 commented Feb 20, 2025
edited
Loading

Summary is shown on get application and get environment, when component or job is specified, full list of vulnerabilities is shown.

Relevant Flags:
  -a, --application string       Name of the application
  -e, --environment string       Optional, name of the environment
      --component string         Optional, name of a component or job. Requires 'environment'
      --fail-on-critical         Fail with exitcode 2 if a critical vulnerability is found
      --output string            Optional, output json instead of text formatting (default "text")tput

image

@Richard87 Richard87 requested a review from satr February 20, 2025 14:54
@Richard87 Richard87 self-assigned this Feb 20, 2025
@Richard87 Richard87 marked this pull request as ready for review February 20, 2025 14:54
satr
satr reviewed Feb 20, 2025
View reviewed changes
satr
satr reviewed Feb 20, 2025
View reviewed changes
cmd/getVulnerability.go
rx get vulnerability --application radix-test --copmonent frontend

# Get a vulnerability scan results for job compute for an application radix-test, this also includes details about the vulnerability instead of a summary
rx get vulnerability --application radix-test --job compute
Copy link
Contributor

@satr satr Feb 20, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do not distinguish between component and job-component in another commands, maybe job can be confusing with pipeline-job. Can we use job-component or just figure out this internally, using only component?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, we could by sending a few api calls extra, but the vulnerability api is seperate for jobs vs components?

satr
satr reviewed Feb 20, 2025
View reviewed changes
cmd/getVulnerability.go Outdated
os.Exit(2)
}
return nil
} else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unnecessary else

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

satr
satr reviewed Feb 20, 2025
View reviewed changes
satr
satr previously approved these changes Feb 20, 2025
View reviewed changes
Copy link
Contributor

@satr satr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With suggestions

@Richard87 @satr
Update cmd/getVulnerability.go
5f919f3 
Co-authored-by: Sergey Smolnikov <ssmol@equinor.com>
satr
satr previously approved these changes Feb 21, 2025
View reviewed changes
@Richard87 @satr
Update cmd/getVulnerability.go
93e973d 
Co-authored-by: Sergey Smolnikov <ssmol@equinor.com>
@Richard87
Copy link
Contributor Author

removed job flag and kept only component

@Richard87 Richard87 requested a review from satr February 21, 2025 09:47
@Richard87 Richard87 merged commit 13a6146 into master Feb 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@satr satr satr approved these changes

Assignees

@Richard87 Richard87

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Richard87 @satr