foreman_cve_scanner 0.5.0 → 0.6.0

data/webpack/components/__tests__/CveScansTab.test.js

@@ -16,6 +16,9 @@ jest.mock('foremanReact/components/common/dates/RelativeDateTime', () => (
 ) => <span>{date || defaultValue}</span>);
 
 jest.mock('../CveFindingsModal', () => () => <div data-test="modal" />);
+jest.mock('../CveCompareModal', () => ({ isOpen, scanIds }) =>
+  isOpen ? <div data-test="compare-modal">{scanIds.join(',')}</div> : null
+);
 
 const { useAPI } = require('foremanReact/common/hooks/API/APIHooks');
 
@@ -24,13 +27,14 @@ describe('CveScansTab', () => {
     useAPI.mockReset();
   });
 
-  it('renders rows for scans', () => {
+  it('renders overview and reports sub-tabs', () => {
     const scansResponse = {
       results: [
         {
           id: 1,
-          created_at: '2026-02-20',
+          scanned_at: '2026-02-20',
           scanner: 'trivy',
+          source: 'rex',
           total: 10,
           critical: 1,
           high: 2,
@@ -39,8 +43,9 @@ describe('CveScansTab', () => {
         },
         {
           id: 2,
-          created_at: '2026-02-21',
+          scanned_at: '2026-02-21',
           scanner: 'grype',
+          source: 'external',
           total: 5,
           critical: 0,
           high: 1,
@@ -55,9 +60,158 @@ describe('CveScansTab', () => {
 
     const wrapper = mount(<CveScansTab response={{ id: 1 }} />);
 
-    expect(wrapper.text()).toContain('Reported at');
+    expect(wrapper.text()).toContain('Overview');
+    expect(wrapper.text()).toContain('Reports');
+    expect(wrapper.text()).toContain('Trend');
+    expect(wrapper.text()).toContain('Latest total');
+  });
+
+  it('opens compare modal from overview trend selection', () => {
+    const scansResponse = {
+      results: [
+        {
+          id: 1,
+          scanned_at: '2026-02-20',
+          scanner: 'trivy',
+          source: 'rex',
+          total: 10,
+          critical: 1,
+          high: 2,
+          medium: 3,
+          low: 4,
+        },
+        {
+          id: 2,
+          scanned_at: '2026-02-21',
+          scanner: 'grype',
+          source: 'external',
+          total: 5,
+          critical: 0,
+          high: 1,
+          medium: 1,
+          low: 3,
+        },
+      ],
+      total: 2,
+    };
+
+    useAPI.mockReturnValue({ response: scansResponse, status: 'RESOLVED' });
+
+    const wrapper = mount(<CveScansTab response={{ id: 1 }} />);
+
+    wrapper
+      .find('button')
+      .filterWhere(node => node.text() === 'Compare 2 reports')
+      .first()
+      .simulate('click');
+    wrapper.update();
+
+    wrapper.find('button.cve-trend-bar-button').at(0).simulate('click');
+    wrapper.find('button.cve-trend-bar-button').at(1).simulate('click');
+    wrapper.update();
+
+    expect(wrapper.find('[data-test="compare-modal"]').text()).toBe('1,2');
+  });
+
+  it('renders scan rows in the reports sub-tab', () => {
+    const scansResponse = {
+      results: [
+        {
+          id: 1,
+          scanned_at: '2026-02-20',
+          scanner: 'trivy',
+          source: 'rex',
+          total: 10,
+          critical: 1,
+          high: 2,
+          medium: 3,
+          low: 4,
+        },
+        {
+          id: 2,
+          scanned_at: '2026-02-21',
+          scanner: 'grype',
+          source: 'external',
+          total: 5,
+          critical: 0,
+          high: 1,
+          medium: 1,
+          low: 3,
+        },
+      ],
+      total: 2,
+    };
+
+    useAPI.mockReturnValue({ response: scansResponse, status: 'RESOLVED' });
+
+    const wrapper = mount(<CveScansTab response={{ id: 1 }} />);
+
+    wrapper
+      .find('[role="tab"]')
+      .filterWhere(node => node.text() === 'Reports')
+      .first()
+      .simulate('click');
+    wrapper.update();
+
+    expect(wrapper.text()).toContain('Scanned at');
     expect(wrapper.text()).toContain('trivy');
-    expect(wrapper.text()).toContain('grype');
+    expect(wrapper.text()).toContain('grype / external');
+    expect(wrapper.text()).toContain('Export CSV');
+    expect(wrapper.text()).toContain('Compare selected');
+  });
+
+  it('opens compare modal when two scans are selected', () => {
+    const scansResponse = {
+      results: [
+        {
+          id: 1,
+          scanned_at: '2026-02-20',
+          scanner: 'trivy',
+          source: 'rex',
+          total: 10,
+          critical: 1,
+          high: 2,
+          medium: 3,
+          low: 4,
+        },
+        {
+          id: 2,
+          scanned_at: '2026-02-21',
+          scanner: 'grype',
+          source: 'external',
+          total: 5,
+          critical: 0,
+          high: 1,
+          medium: 1,
+          low: 3,
+        },
+      ],
+      total: 2,
+    };
+
+    useAPI.mockReturnValue({ response: scansResponse, status: 'RESOLVED' });
+
+    const wrapper = mount(<CveScansTab response={{ id: 1 }} />);
+
+    wrapper
+      .find('[role="tab"]')
+      .filterWhere(node => node.text() === 'Reports')
+      .first()
+      .simulate('click');
+    wrapper.update();
+
+    wrapper.find('input#cve-scan-select-1').simulate('change');
+    wrapper.find('input#cve-scan-select-2').simulate('change');
+    wrapper.update();
+
+    wrapper
+      .find('button')
+      .filterWhere(node => node.text() === 'Compare selected')
+      .first()
+      .simulate('click');
+    wrapper.update();
+
+    expect(wrapper.find('[data-test="compare-modal"]').text()).toBe('1,2');
   });
 
   it('renders empty state with no scans', () => {
@@ -67,6 +221,32 @@ describe('CveScansTab', () => {
     expect(wrapper.text()).toContain('No CVE reports for this host');
   });
 
+  it('renders trend overview when recent scans have no cves', () => {
+    const scansResponse = {
+      results: [
+        {
+          id: 1,
+          scanned_at: '2026-02-20',
+          scanner: 'trivy',
+          source: 'rex',
+          total: 0,
+          critical: 0,
+          high: 0,
+          medium: 0,
+          low: 0,
+        },
+      ],
+      total: 1,
+    };
+
+    useAPI.mockReturnValue({ response: scansResponse, status: 'RESOLVED' });
+
+    const wrapper = mount(<CveScansTab response={{ id: 1 }} />);
+    expect(wrapper.text()).toContain('Trend');
+    expect(wrapper.text()).toContain('Latest total');
+    expect(wrapper.text()).toContain('0');
+  });
+
   it('does not render when host id is missing', () => {
     useAPI.mockReturnValue({ response: { results: [] }, status: 'RESOLVED' });
 

data/webpack/components/__tests__/CveTrendChart.test.js

@@ -0,0 +1,122 @@
+/* eslint-disable import/no-unresolved */
+import React from 'react';
+import { mount } from 'enzyme';
+import CveTrendChart from '../CveTrendChart';
+
+describe('CveTrendChart', () => {
+  it('renders the last scan summary and legend', () => {
+    const wrapper = mount(
+      <CveTrendChart
+        scans={[
+          {
+            id: 12,
+            scanned_at: '2026-05-14T10:00:00Z',
+            total: 18,
+            critical: 2,
+            high: 4,
+            medium: 5,
+            low: 7,
+          },
+          {
+            id: 11,
+            scanned_at: '2026-05-10T10:00:00Z',
+            total: 15,
+            critical: 1,
+            high: 3,
+            medium: 5,
+            low: 6,
+          },
+        ]}
+      />
+    );
+
+    expect(wrapper.text()).toContain('Trend');
+    expect(wrapper.text()).toContain('Last 2 scans');
+    expect(wrapper.text()).toContain('Latest total');
+    expect(wrapper.text()).toContain('18');
+    expect(wrapper.text()).toContain('Critical');
+    expect(wrapper.text()).toContain('Low');
+  });
+
+  it('opens the selected scan when a bar is clicked', () => {
+    const onOpen = jest.fn();
+    const wrapper = mount(
+      <CveTrendChart
+        scans={[
+          {
+            id: 2,
+            scanned_at: '2026-05-14T10:00:00Z',
+            total: 12,
+            critical: 2,
+            high: 3,
+            medium: 3,
+            low: 4,
+          },
+          {
+            id: 1,
+            scanned_at: '2026-05-10T10:00:00Z',
+            total: 8,
+            critical: 1,
+            high: 1,
+            medium: 2,
+            low: 4,
+          },
+        ]}
+        onOpen={onOpen}
+      />
+    );
+
+    wrapper.find('button.cve-trend-bar-button').at(0).simulate('click');
+
+    expect(onOpen).toHaveBeenCalledWith(1);
+  });
+
+  it('renders compare mode controls and uses bar clicks for selection', () => {
+    const onToggleSelection = jest.fn();
+    const onToggleCompareMode = jest.fn();
+    const onOpen = jest.fn();
+    const wrapper = mount(
+      <CveTrendChart
+        scans={[
+          {
+            id: 2,
+            scanned_at: '2026-05-14T10:00:00Z',
+            total: 12,
+            critical: 2,
+            high: 3,
+            medium: 3,
+            low: 4,
+          },
+          {
+            id: 1,
+            scanned_at: '2026-05-10T10:00:00Z',
+            total: 8,
+            critical: 1,
+            high: 1,
+            medium: 2,
+            low: 4,
+          },
+        ]}
+        compareMode
+        selectedScanIds={[2]}
+        onOpen={onOpen}
+        onToggleSelection={onToggleSelection}
+        onToggleCompareMode={onToggleCompareMode}
+      />
+    );
+
+    expect(wrapper.text()).toContain('Cancel compare');
+    expect(wrapper.text()).toContain('1/2 selected');
+
+    wrapper.find('button.cve-trend-bar-button').at(1).simulate('click');
+    wrapper
+      .find('button')
+      .filterWhere(node => node.text() === 'Cancel compare')
+      .first()
+      .simulate('click');
+
+    expect(onToggleSelection).toHaveBeenCalledWith(2);
+    expect(onOpen).not.toHaveBeenCalled();
+    expect(onToggleCompareMode).toHaveBeenCalled();
+  });
+});

data/webpack/components/__tests__/cve_helpers.test.js

@@ -3,7 +3,10 @@ import {
   severityRank,
   riskLevelFromWorst,
   formatDateTime,
+  formatScanOrigin,
+  formatScannedAt,
   compareStrings,
+  visibleScanSource,
 } from '../cve_helpers';
 
 describe('cve_helpers', () => {
@@ -33,10 +36,25 @@ describe('cve_helpers', () => {
     expect(formatDateTime('not-a-date')).toBe('not-a-date');
   });
 
+  it('formats scan origin without rex source noise', () => {
+    expect(formatScanOrigin('trivy', 'rex')).toBe('trivy');
+    expect(formatScanOrigin('grype', 'external')).toBe('grype / external');
+  });
+
+  it('formats scanned_at with unknown fallback', () => {
+    expect(formatScannedAt('2026-02-22T10:05:00Z')).toContain('2026-02-22');
+    expect(formatScannedAt('')).toBe('Unknown time');
+  });
+
   it('compares strings safely', () => {
     expect(compareStrings('a', 'b')).toBeLessThan(0);
     expect(compareStrings('b', 'a')).toBeGreaterThan(0);
     expect(compareStrings('a', 'a')).toBe(0);
     expect(compareStrings(null, 'a')).toBeLessThan(0);
   });
+
+  it('hides rex source and keeps external source visible', () => {
+    expect(visibleScanSource('rex')).toBe('');
+    expect(visibleScanSource('external')).toBe('external');
+  });
 });

data/webpack/components/cve_helpers.js

@@ -7,6 +7,47 @@ const SEVERITY_RANK = {
   MEDIUM: 2,
   LOW: 1,
 };
+const COMPARE_STATUS_RANK = {
+  new: 4,
+  resolved: 3,
+  updated: 2,
+  unchanged: 1,
+};
+const COMPARISON_DIFF_LABELS = {
+  severity: __('Severity'),
+  version: __('Version'),
+  fixed: __('Fixed'),
+  scan_status: __('Scan status'),
+  title: __('Title'),
+  published: __('Published'),
+  url: __('URL'),
+};
+
+export const comparisonFilters = [
+  { key: 'all', label: __('All') },
+  { key: 'new', label: __('New') },
+  { key: 'resolved', label: __('Resolved') },
+  { key: 'updated', label: __('Updated') },
+  { key: 'unchanged', label: __('Unchanged') },
+];
+export const comparisonColumns = [
+  { key: 'status', label: __('Status') },
+  { key: 'id', label: __('CVE') },
+  { key: 'name', label: __('Package') },
+  { key: 'severity', label: __('Severity') },
+  { key: 'version', label: __('Version') },
+  { key: 'fixed', label: __('Fixed') },
+  { key: 'scan_status', label: __('Scan status') },
+  { key: 'diff', label: __('Diff') },
+  { key: 'published', label: __('Published') },
+  { key: 'title', label: __('Title') },
+];
+export const comparisonStatusLabels = {
+  new: __('New'),
+  resolved: __('Resolved'),
+  updated: __('Updated'),
+  unchanged: __('Unchanged'),
+};
 
 export const severityRank = sev =>
   SEVERITY_RANK[(sev || '').toUpperCase()] || 0;
@@ -31,5 +72,103 @@ export const formatDateTime = value => {
 export const compareStrings = (a, b) =>
   (a || '').toString().localeCompare((b || '').toString());
 
+export const normalizeSearchInputValue = (value, event) => {
+  if (typeof value === 'string') return value;
+  if (typeof event === 'string') return event;
+  return value?.target?.value || event?.target?.value || '';
+};
+
+export const findingMatchesSearch = (finding, query) =>
+  [
+    finding.id,
+    finding.name,
+    finding.version,
+    finding.fixed,
+    finding.status,
+    finding.title,
+    finding.url,
+    finding.severity,
+  ].some(value =>
+    (value || '')
+      .toString()
+      .toLowerCase()
+      .includes(query)
+  );
+
+export const findingSorters = {
+  published: (a, b) => new Date(a.published || 0) - new Date(b.published || 0),
+  name: (a, b) => compareStrings(a.name, b.name),
+  version: (a, b) => compareStrings(a.version, b.version),
+  fixed: (a, b) => compareStrings(a.fixed, b.fixed),
+  id: (a, b) => compareStrings(a.id, b.id),
+  status: (a, b) => compareStrings(a.status, b.status),
+  title: (a, b) => compareStrings(a.title, b.title),
+  severity: (a, b) => severityRank(a.severity) - severityRank(b.severity),
+};
+
+export const comparisonStatusRank = status => COMPARE_STATUS_RANK[status] || 0;
+
+export const comparisonDiffEntries = diff =>
+  Object.entries(diff || {}).map(([field, values]) => ({
+    field,
+    label: COMPARISON_DIFF_LABELS[field] || field,
+    oldValue: values.old || '-',
+    newValue: values.new || '-',
+  }));
+
+export const formatComparisonDiff = diff =>
+  comparisonDiffEntries(diff).map(
+    entry => `${entry.label}: ${entry.oldValue} -> ${entry.newValue}`
+  );
+
+export const comparisonMatchesSearch = (row, query) =>
+  [
+    row.id,
+    row.name,
+    row.title,
+    row.published,
+    row.severity,
+    row.version,
+    row.fixed,
+    row.scan_status,
+    row.status,
+    ...formatComparisonDiff(row.diff),
+  ].some(value =>
+    (value || '')
+      .toString()
+      .toLowerCase()
+      .includes(query)
+  );
+
+export const comparisonSorters = {
+  status: (a, b) =>
+    comparisonStatusRank(a.status) - comparisonStatusRank(b.status),
+  id: (a, b) => compareStrings(a.id, b.id),
+  name: (a, b) => compareStrings(a.name, b.name),
+  published: (a, b) => new Date(a.published || 0) - new Date(b.published || 0),
+  severity: (a, b) => severityRank(a.severity) - severityRank(b.severity),
+  version: (a, b) => compareStrings(a.version, b.version),
+  fixed: (a, b) => compareStrings(a.fixed, b.fixed),
+  scan_status: (a, b) => compareStrings(a.scan_status, b.scan_status),
+  diff: (a, b) =>
+    compareStrings(
+      formatComparisonDiff(a.diff).join(' '),
+      formatComparisonDiff(b.diff).join(' ')
+    ),
+  title: (a, b) => compareStrings(a.title, b.title),
+};
+
 export const noReportsTitle = () => __('No CVE reports for this host');
 export const noReportsBody = () => __('Run a CVE scan to see results here.');
+export const noFindingsTitle = () => __('No CVEs found');
+export const noFindingsBody = () =>
+  __('The latest CVE scan found no vulnerabilities for this host.');
+export const visibleScanSource = source =>
+  (source || '').toLowerCase() === 'rex' ? '' : source || '';
+export const formatScanOrigin = (scanner, source, fallback = __('Unknown')) => {
+  const scannerLabel = scanner || fallback;
+  const visibleSource = visibleScanSource(source);
+  return visibleSource ? `${scannerLabel} / ${visibleSource}` : scannerLabel;
+};
+export const formatScannedAt = value =>
+  formatDateTime(value) || __('Unknown time');