Closed dwertent closed 5 months ago
PR Description updated to latest commit (https://github.com/kubescape/kubevuln/commit/f2eabc249a7f11c6e26c3e6d1e72472b2bdf00aa)
`AttributeApiVersion` handling in the `SubmitCVE` function, includes `ApiVersion` in the summary report, adds `PackageType` and `Coordinates` to the vulnerability result, introduces a new function `GetCVESummary` to the `CVERepository` interface, updates `ScanCVE` function to store summary CVE if it does not exist, and implements `GetCVESummary` function in various files. It also updates the version of `github.com/armosec/armoapi-go` from `v0.0.254` to `v0.0.294` in `go.mod`.
💡 General suggestions: The PR seems to be well-structured and follows good coding practices. However, it would be beneficial to include tests for the new functions introduced in this PR. This would help ensure the correctness of the code and prevent potential bugs in the future. Also, it would be helpful to add comments explaining the purpose and functionality of the new functions and changes for better maintainability.
relevant file | `adapters/v1/backend.go` |
suggestion | Consider handling the error when converting the `Resource` to `AttributeApiVersion`. If the conversion fails, it could lead to unexpected behavior. [important] |
relevant line | `finalReport.Designators.Attributes[identifiers.AttributeApiVersion] = k8sinterface.GroupVersionResourceToString(&schema.GroupVersionResource{Resource: val})` |
relevant file | `core/services/scan.go` |
suggestion | The error returned by `s.cveRepository.GetCVESummary(ctx)` is not handled. It would be better to handle this error to prevent potential issues. [important] |
relevant line | `if cveSumm, err := s.cveRepository.GetCVESummary(ctx); err != nil || cveSumm == nil {` |
relevant file | `repositories/apiserver.go` |
suggestion | The error returned by `GetCVESummaryK8sResourceName(ctx)` is not handled. It would be better to handle this error to prevent potential issues. [important] |
relevant line | `name, err := GetCVESummaryK8sResourceName(ctx)` |
relevant file | `go.mod` |
suggestion | Ensure that the updated version of `github.com/armosec/armoapi-go` is compatible with the rest of the codebase and does not introduce any breaking changes. [medium] |
relevant line | `github.com/armosec/armoapi-go v0.0.294` |
Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Type
enhancement, bug_fix
Description
This PR primarily focuses on enhancing the reporting and handling of CVEs:
- `AttributeApiVersion` handling in the `SubmitCVE` function in `adapters/v1/backend.go`.
- `ApiVersion` in the summary report in `adapters/v1/backend_utils.go`.
- `PackageType` and `Coordinates` to the vulnerability result in `adapters/v1/domain_to_armo.go`.
- `GetCVESummary` to the `CVERepository` interface in `core/ports/repositories.go`.
- `ScanCVE` function in `core/services/scan.go` to store summary CVE if it does not exist.
- `GetCVESummary` function in `repositories/apiserver.go`, `repositories/broken.go`, and `repositories/memory.go`.
- `github.com/armosec/armoapi-go` from `v0.0.254` to `v0.0.294` in `go.mod`.

PR changes walkthrough
1 files
`adapters/mockplatform.go`
**Removed unused import and error handling related to empty reports in the `SubmitCVE` function.**
8 files
`adapters/v1/backend.go`
**Added handling for `AttributeApiVersion` in the `SubmitCVE` function.**
`adapters/v1/backend_utils.go`
**Added `ApiVersion` to the summary report in the `summarize` function.**
`adapters/v1/domain_to_armo.go`
**Added `PackageType` and `Coordinates` to the vulnerability result. Also added a function to convert syft coordinates to coordinates.**
`core/ports/repositories.go`
**Added `GetCVESummary` function to the `CVERepository` interface.**
`core/services/scan.go`
**Added handling for storing summary CVE if it does not exist in the `ScanCVE` function. Also added `instanceID` to the logging information.**
`repositories/apiserver.go`
**Added `GetCVESummary` function to retrieve summary CVE manifest. Also updated the `StoreCVESummary` function to handle update conflicts.**
`repositories/broken.go`
**Added `GetCVESummary` function that returns a new `VulnerabilityManifestSummary`.**
`repositories/memory.go`
**Added `GetCVESummary` function that returns nil.**
1 files
`go.mod`
**Updated the version of `github.com/armosec/armoapi-go` from `v0.0.254` to `v0.0.294`.**
User description
Overview