foreman_cve_scanner 0.5.1 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +101 -3
- data/app/controllers/api/v2/cve_scans_controller.rb +170 -1
- data/app/models/foreman_cve_scanner/cve_scan.rb +15 -2
- data/app/models/host_status/cve_status.rb +3 -1
- data/app/services/concerns/foreman_cve_scanner/profiles_uploader.rb +25 -0
- data/app/services/foreman_cve_scanner/cve_report_scanner.rb +3 -6
- data/app/services/foreman_cve_scanner/scan_cleanup.rb +34 -0
- data/app/services/foreman_cve_scanner/scan_comparison.rb +145 -0
- data/app/services/foreman_cve_scanner/scan_importer.rb +17 -15
- data/app/views/api/v2/cve_scans/base.json.rabl +1 -1
- data/app/views/api/v2/cve_scans/main.json.rabl +1 -1
- data/app/views/foreman_cve_scanner/job_templates/install_cve_scanners.erb +3 -3
- data/app/views/foreman_cve_scanner/job_templates/run_cve_scanner.erb +5 -3
- data/config/routes.rb +6 -1
- data/db/migrate/20260514080000_add_source_and_scanned_at_to_foreman_cve_scanner_cve_scans.rb +26 -0
- data/lib/foreman_cve_scanner/engine.rb +68 -17
- data/lib/foreman_cve_scanner/template_helpers.rb +28 -0
- data/lib/foreman_cve_scanner/version.rb +1 -1
- data/lib/tasks/foreman_cve_scanner_tasks.rake +11 -0
- data/package.json +1 -1
- data/test/controllers/api/v2/cve_scans_controller_test.rb +260 -5
- data/test/lib/foreman_cve_scanner/profiles_uploader_test.rb +84 -0
- data/test/lib/foreman_cve_scanner/template_helpers_test.rb +29 -0
- data/test/models/foreman_cve_scanner/cve_scan_test.rb +120 -0
- data/test/models/host_status/cve_status_test.rb +12 -3
- data/test/services/foreman_cve_scanner/scan_cleanup_test.rb +69 -0
- data/test/services/foreman_cve_scanner/scan_comparison_test.rb +84 -0
- data/test/services/foreman_cve_scanner/scan_importer_test.rb +68 -5
- data/webpack/components/CveCompareModal.js +298 -0
- data/webpack/components/CveDetailsCard.js +141 -121
- data/webpack/components/CveFindingsModal.js +131 -111
- data/webpack/components/CveScansReports.js +227 -0
- data/webpack/components/CveScansTab.js +122 -119
- data/webpack/components/CveTrendChart.js +264 -0
- data/webpack/components/__tests__/CveCompareModal.test.js +104 -0
- data/webpack/components/__tests__/CveDetailsCard.test.js +106 -20
- data/webpack/components/__tests__/CveFindingsModal.test.js +54 -2
- data/webpack/components/__tests__/CveScansTab.test.js +185 -5
- data/webpack/components/__tests__/CveTrendChart.test.js +122 -0
- data/webpack/components/__tests__/cve_helpers.test.js +18 -0
- data/webpack/components/cve_helpers.js +139 -0
- data/webpack/components/cve_scans.scss +464 -9
- data/webpack/components/useModalScan.js +26 -0
- metadata +24 -3
- data/webpack/components/CveHistoryTable.js +0 -58
- data/webpack/components/CveOverviewCard.js +0 -67
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_cve_scanner
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Bernhard Suttner
|
|
@@ -72,7 +72,10 @@ files:
|
|
|
72
72
|
- app/models/concerns/foreman_cve_scanner/host_extensions.rb
|
|
73
73
|
- app/models/foreman_cve_scanner/cve_scan.rb
|
|
74
74
|
- app/models/host_status/cve_status.rb
|
|
75
|
+
- app/services/concerns/foreman_cve_scanner/profiles_uploader.rb
|
|
75
76
|
- app/services/foreman_cve_scanner/cve_report_scanner.rb
|
|
77
|
+
- app/services/foreman_cve_scanner/scan_cleanup.rb
|
|
78
|
+
- app/services/foreman_cve_scanner/scan_comparison.rb
|
|
76
79
|
- app/services/foreman_cve_scanner/scan_importer.rb
|
|
77
80
|
- app/views/api/v2/cve_scans/base.json.rabl
|
|
78
81
|
- app/views/api/v2/cve_scans/index.json.rabl
|
|
@@ -83,9 +86,11 @@ files:
|
|
|
83
86
|
- app/views/foreman_cve_scanner/job_templates/run_cve_scanner.erb
|
|
84
87
|
- config/routes.rb
|
|
85
88
|
- db/migrate/20260221000000_create_foreman_cve_scanner_cve_scans.rb
|
|
89
|
+
- db/migrate/20260514080000_add_source_and_scanned_at_to_foreman_cve_scanner_cve_scans.rb
|
|
86
90
|
- db/seeds.d/75_job_templates.rb
|
|
87
91
|
- lib/foreman_cve_scanner.rb
|
|
88
92
|
- lib/foreman_cve_scanner/engine.rb
|
|
93
|
+
- lib/foreman_cve_scanner/template_helpers.rb
|
|
89
94
|
- lib/foreman_cve_scanner/version.rb
|
|
90
95
|
- lib/tasks/foreman_cve_scanner_seeds.rake
|
|
91
96
|
- lib/tasks/foreman_cve_scanner_tasks.rake
|
|
@@ -95,23 +100,32 @@ files:
|
|
|
95
100
|
- test/controllers/api/v2/cve_scans_controller_test.rb
|
|
96
101
|
- test/fixtures/grype.json
|
|
97
102
|
- test/fixtures/trivy.json
|
|
103
|
+
- test/lib/foreman_cve_scanner/profiles_uploader_test.rb
|
|
104
|
+
- test/lib/foreman_cve_scanner/template_helpers_test.rb
|
|
105
|
+
- test/models/foreman_cve_scanner/cve_scan_test.rb
|
|
98
106
|
- test/models/host_status/cve_status_test.rb
|
|
99
107
|
- test/services/foreman_cve_scanner/cve_report_scanner_test.rb
|
|
108
|
+
- test/services/foreman_cve_scanner/scan_cleanup_test.rb
|
|
109
|
+
- test/services/foreman_cve_scanner/scan_comparison_test.rb
|
|
100
110
|
- test/services/foreman_cve_scanner/scan_importer_test.rb
|
|
101
111
|
- test/test_plugin_helper.rb
|
|
112
|
+
- webpack/components/CveCompareModal.js
|
|
102
113
|
- webpack/components/CveDetailsCard.js
|
|
103
114
|
- webpack/components/CveFindingsModal.js
|
|
104
|
-
- webpack/components/
|
|
105
|
-
- webpack/components/CveOverviewCard.js
|
|
115
|
+
- webpack/components/CveScansReports.js
|
|
106
116
|
- webpack/components/CveScansTab.js
|
|
107
117
|
- webpack/components/CveSummaryCell.js
|
|
118
|
+
- webpack/components/CveTrendChart.js
|
|
108
119
|
- webpack/components/SeverityIcon.js
|
|
120
|
+
- webpack/components/__tests__/CveCompareModal.test.js
|
|
109
121
|
- webpack/components/__tests__/CveDetailsCard.test.js
|
|
110
122
|
- webpack/components/__tests__/CveFindingsModal.test.js
|
|
111
123
|
- webpack/components/__tests__/CveScansTab.test.js
|
|
124
|
+
- webpack/components/__tests__/CveTrendChart.test.js
|
|
112
125
|
- webpack/components/__tests__/cve_helpers.test.js
|
|
113
126
|
- webpack/components/cve_helpers.js
|
|
114
127
|
- webpack/components/cve_scans.scss
|
|
128
|
+
- webpack/components/useModalScan.js
|
|
115
129
|
- webpack/fills.js
|
|
116
130
|
- webpack/fills_index.js
|
|
117
131
|
- webpack/index.js
|
|
@@ -145,11 +159,18 @@ test_files:
|
|
|
145
159
|
- test/controllers/api/v2/cve_scans_controller_test.rb
|
|
146
160
|
- test/fixtures/grype.json
|
|
147
161
|
- test/fixtures/trivy.json
|
|
162
|
+
- test/lib/foreman_cve_scanner/profiles_uploader_test.rb
|
|
163
|
+
- test/lib/foreman_cve_scanner/template_helpers_test.rb
|
|
164
|
+
- test/models/foreman_cve_scanner/cve_scan_test.rb
|
|
148
165
|
- test/models/host_status/cve_status_test.rb
|
|
149
166
|
- test/services/foreman_cve_scanner/cve_report_scanner_test.rb
|
|
167
|
+
- test/services/foreman_cve_scanner/scan_cleanup_test.rb
|
|
168
|
+
- test/services/foreman_cve_scanner/scan_comparison_test.rb
|
|
150
169
|
- test/services/foreman_cve_scanner/scan_importer_test.rb
|
|
151
170
|
- test/test_plugin_helper.rb
|
|
171
|
+
- webpack/components/__tests__/CveCompareModal.test.js
|
|
152
172
|
- webpack/components/__tests__/CveDetailsCard.test.js
|
|
153
173
|
- webpack/components/__tests__/CveFindingsModal.test.js
|
|
154
174
|
- webpack/components/__tests__/CveScansTab.test.js
|
|
175
|
+
- webpack/components/__tests__/CveTrendChart.test.js
|
|
155
176
|
- webpack/components/__tests__/cve_helpers.test.js
|
|
@@ -1,58 +0,0 @@
|
|
|
1
|
-
/* eslint-disable import/no-unresolved */
|
|
2
|
-
import React from 'react';
|
|
3
|
-
import PropTypes from 'prop-types';
|
|
4
|
-
import { Table, Thead, Tbody, Tr, Th, Td } from '@patternfly/react-table';
|
|
5
|
-
import { Button } from '@patternfly/react-core';
|
|
6
|
-
import { translate as __ } from 'foremanReact/common/I18n';
|
|
7
|
-
import RelativeDateTime from 'foremanReact/components/common/dates/RelativeDateTime';
|
|
8
|
-
|
|
9
|
-
const CveHistoryTable = ({ scans, onOpen }) => (
|
|
10
|
-
<Table
|
|
11
|
-
variant="compact"
|
|
12
|
-
aria-label="CVE scan history table"
|
|
13
|
-
ouiaId="cve-details-history-table"
|
|
14
|
-
>
|
|
15
|
-
<Thead>
|
|
16
|
-
<Tr ouiaId="cve-details-history-header">
|
|
17
|
-
<Th>{__('Reported at')}</Th>
|
|
18
|
-
<Th>{__('Scanner')}</Th>
|
|
19
|
-
<Th>{__('Total')}</Th>
|
|
20
|
-
</Tr>
|
|
21
|
-
</Thead>
|
|
22
|
-
<Tbody>
|
|
23
|
-
{scans.map((scan, index) => (
|
|
24
|
-
<Tr key={scan.id} ouiaId={`cve-details-history-row-${index}`}>
|
|
25
|
-
<Td dataLabel={__('Reported at')}>
|
|
26
|
-
<Button
|
|
27
|
-
variant="link"
|
|
28
|
-
className="cve-summary-link"
|
|
29
|
-
onClick={() => onOpen(scan.id, 'all')}
|
|
30
|
-
ouiaId={`cve-details-history-open-${scan.id}`}
|
|
31
|
-
>
|
|
32
|
-
<RelativeDateTime
|
|
33
|
-
date={scan.created_at}
|
|
34
|
-
defaultValue={__('Unknown time')}
|
|
35
|
-
/>
|
|
36
|
-
</Button>
|
|
37
|
-
</Td>
|
|
38
|
-
<Td dataLabel={__('Scanner')}>{scan.scanner}</Td>
|
|
39
|
-
<Td dataLabel={__('Total')}>{scan.total}</Td>
|
|
40
|
-
</Tr>
|
|
41
|
-
))}
|
|
42
|
-
</Tbody>
|
|
43
|
-
</Table>
|
|
44
|
-
);
|
|
45
|
-
|
|
46
|
-
CveHistoryTable.propTypes = {
|
|
47
|
-
scans: PropTypes.arrayOf(
|
|
48
|
-
PropTypes.shape({
|
|
49
|
-
id: PropTypes.number.isRequired,
|
|
50
|
-
created_at: PropTypes.string,
|
|
51
|
-
scanner: PropTypes.string,
|
|
52
|
-
total: PropTypes.number,
|
|
53
|
-
})
|
|
54
|
-
).isRequired,
|
|
55
|
-
onOpen: PropTypes.func.isRequired,
|
|
56
|
-
};
|
|
57
|
-
|
|
58
|
-
export default CveHistoryTable;
|
|
@@ -1,67 +0,0 @@
|
|
|
1
|
-
/* eslint-disable import/no-unresolved */
|
|
2
|
-
import React from 'react';
|
|
3
|
-
import PropTypes from 'prop-types';
|
|
4
|
-
import { Text, TextContent, TextVariants } from '@patternfly/react-core';
|
|
5
|
-
import { useAPI } from 'foremanReact/common/hooks/API/APIHooks';
|
|
6
|
-
import { foremanUrl } from 'foremanReact/common/helpers';
|
|
7
|
-
import { translate as __ } from 'foremanReact/common/I18n';
|
|
8
|
-
import CardTemplate from 'foremanReact/components/HostDetails/Templates/CardItem/CardTemplate';
|
|
9
|
-
import SkeletonLoader from 'foremanReact/components/common/SkeletonLoader';
|
|
10
|
-
import { STATUS } from 'foremanReact/constants';
|
|
11
|
-
import SeverityIcon from './SeverityIcon';
|
|
12
|
-
import { noReportsTitle } from './cve_helpers';
|
|
13
|
-
import './cve_scans.scss';
|
|
14
|
-
|
|
15
|
-
const CveOverviewCard = ({ hostDetails }) => {
|
|
16
|
-
const hostId = hostDetails?.id;
|
|
17
|
-
const url = hostId
|
|
18
|
-
? foremanUrl(`/api/v2/hosts/${hostId}/cve_scans/latest`)
|
|
19
|
-
: null;
|
|
20
|
-
const { response, status } = useAPI('get', url, {
|
|
21
|
-
key: `CVE_OVERVIEW_${hostId}`,
|
|
22
|
-
});
|
|
23
|
-
|
|
24
|
-
if (!hostId) return null;
|
|
25
|
-
|
|
26
|
-
const total = response?.total || 0;
|
|
27
|
-
const worst = response?.summary?.worst || 'none';
|
|
28
|
-
|
|
29
|
-
return (
|
|
30
|
-
<CardTemplate header={__('CVE findings')}>
|
|
31
|
-
<SkeletonLoader status={status || STATUS.PENDING}>
|
|
32
|
-
{!response ? (
|
|
33
|
-
<TextContent ouiaId="cve-overview-empty">
|
|
34
|
-
<Text
|
|
35
|
-
component={TextVariants.small}
|
|
36
|
-
ouiaId="cve-overview-empty-text"
|
|
37
|
-
>
|
|
38
|
-
{noReportsTitle()}
|
|
39
|
-
</Text>
|
|
40
|
-
</TextContent>
|
|
41
|
-
) : (
|
|
42
|
-
<div className="cve-overview">
|
|
43
|
-
<div className="cve-summary">
|
|
44
|
-
<SeverityIcon severity={worst} />
|
|
45
|
-
<Text component={TextVariants.h2} ouiaId="cve-overview-total">
|
|
46
|
-
{total}
|
|
47
|
-
</Text>
|
|
48
|
-
</div>
|
|
49
|
-
<Text component={TextVariants.small} ouiaId="cve-overview-caption">
|
|
50
|
-
{__('Total findings in latest scan')}
|
|
51
|
-
</Text>
|
|
52
|
-
</div>
|
|
53
|
-
)}
|
|
54
|
-
</SkeletonLoader>
|
|
55
|
-
</CardTemplate>
|
|
56
|
-
);
|
|
57
|
-
};
|
|
58
|
-
|
|
59
|
-
CveOverviewCard.propTypes = {
|
|
60
|
-
hostDetails: PropTypes.shape({ id: PropTypes.number }),
|
|
61
|
-
};
|
|
62
|
-
|
|
63
|
-
CveOverviewCard.defaultProps = {
|
|
64
|
-
hostDetails: undefined,
|
|
65
|
-
};
|
|
66
|
-
|
|
67
|
-
export default CveOverviewCard;
|