scan tool url changes

devtron-labs · Jan 16, 2025 · 7e05949 · 7e05949
1 parent 63110a5
commit 7e05949
Show file tree

Hide file tree

Showing 9 changed files with 46 additions and 21 deletions.
diff --git a/pkg/policyGovernance/security/imageScanning/ImageScanService.go b/pkg/policyGovernance/security/imageScanning/ImageScanService.go
@@ -481,12 +481,13 @@ func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.Image
 	}
 	// setting scan tool name if scan tool id is present
 	if imageScanResponse.ScanToolId > 0 {
-		scanToolName, err := impl.scanToolMetaDataRepository.FindNameById(imageScanResponse.ScanToolId)
+		scanToolName, scanToolUrl, err := impl.scanToolMetaDataRepository.FindNameAndUrlById(imageScanResponse.ScanToolId)
 		if err != nil {
 			impl.Logger.Errorw("error in getting scan tool name by id", "scanToolId", imageScanResponse.ScanToolId, "err", err)
 			return nil, err
 		}
 		imageScanResponse.ScanToolName = scanToolName
+		imageScanResponse.ScanToolUrl = scanToolUrl
 	}
 	return imageScanResponse, nil
 }

diff --git a/pkg/policyGovernance/security/imageScanning/adapter/adapter.go b/pkg/policyGovernance/security/imageScanning/adapter/adapter.go
@@ -41,11 +41,12 @@ func BuildImageVulnerabilityResponse(image string, vulnerabilities parser.Vulner
 	return &parser.ImageVulnerability{Image: image, Vulnerabilities: vulnerabilities, Metadata: metadata}
 }
 
-func BuildMetadata(status string, startedOn time.Time, scanToolName string) *parser.Metadata {
+func BuildMetadata(status string, startedOn time.Time, scanToolName string, scanToolUrl string) *parser.Metadata {
 	return &parser.Metadata{
 		Status:       status,
 		StartedOn:    startedOn,
 		ScanToolName: scanToolName,
+		ScanToolUrl:  scanToolUrl,
 	}
 }
 
@@ -60,7 +61,7 @@ func ExecutionDetailsToResourceScanResponseDto(respFromExecutionDetail *bean.Ima
 	}
 	vulnerabilityResponse := &parser.VulnerabilityResponse{}
 	vulnerabilities := BuildVulnerabilitiesWrapperWithSummary(respFromExecutionDetail.Vulnerabilities)
-	imageVulResp := BuildImageVulnerabilityResponse(respFromExecutionDetail.Image, *vulnerabilities, BuildMetadata(respFromExecutionDetail.Status.String(), respFromExecutionDetail.ExecutionTime, respFromExecutionDetail.ScanToolName))
+	imageVulResp := BuildImageVulnerabilityResponse(respFromExecutionDetail.Image, *vulnerabilities, BuildMetadata(respFromExecutionDetail.Status.String(), respFromExecutionDetail.ExecutionTime, respFromExecutionDetail.ScanToolName, respFromExecutionDetail.ScanToolUrl))
 	vulnerabilityResponse.Append(*imageVulResp)
 	resp.ImageScan = &parser.ImageScanResponse{Vulnerability: vulnerabilityResponse}
 	return resp

diff --git a/pkg/policyGovernance/security/imageScanning/bean/bean.go b/pkg/policyGovernance/security/imageScanning/bean/bean.go
@@ -104,6 +104,7 @@ type ImageScanExecutionDetail struct {
 	ObjectType            string                               `json:"objectType,notnull"`
 	ScanToolId            int                                  `json:"scanToolId,omitempty"`
 	ScanToolName          string                               `json:"scanToolName,omitempty"`
+	ScanToolUrl           string                               `json:"scanToolUrl,omitempty"`
 	Status                repository.ScanExecutionProcessState `json:"status,omitempty"`
 }
 

diff --git a/pkg/policyGovernance/security/imageScanning/helper/parser/types.go b/pkg/policyGovernance/security/imageScanning/helper/parser/types.go
@@ -51,6 +51,7 @@ type Metadata struct {
 	Status       string    `json:"status"`
 	StartedOn    time.Time `json:"StartedOn"`
 	ScanToolName string    `json:"scanToolName"`
+	ScanToolUrl  string    `json:"scanToolUrl"`
 }
 
 type VulnerabilityResponse struct {

diff --git a/pkg/policyGovernance/security/scanTool/repository/ScanToolMetaDataRepository.go b/pkg/policyGovernance/security/scanTool/repository/ScanToolMetaDataRepository.go
@@ -37,6 +37,7 @@ type ScanToolMetadata struct {
 	ToolMetaData             string         `sql:"tool_metadata"`
 	PluginId                 int            `sql:"plugin_id"`
 	IsPreset                 bool           `sql:"is_preset"`
+	Url                      string         `sql:"url"`
 	sql.AuditLog
 }
 
@@ -51,7 +52,7 @@ type ScanToolMetadataRepository interface {
 	MarkToolAsActive(toolName, version string, tx *pg.Tx) error
 	MarkOtherToolsInActive(toolName string, tx *pg.Tx, version string) error
 	FindActiveTool() (*ScanToolMetadata, error)
-	FindNameById(id int) (string, error)
+	FindNameAndUrlById(id int) (string, string, error)
 }
 
 type ScanToolMetadataRepositoryImpl struct {
@@ -174,12 +175,12 @@ func (repo *ScanToolMetadataRepositoryImpl) FindActiveTool() (*ScanToolMetadata,
 
 }
 
-func (repo *ScanToolMetadataRepositoryImpl) FindNameById(id int) (string, error) {
+func (repo *ScanToolMetadataRepositoryImpl) FindNameAndUrlById(id int) (string, string, error) {
 	model := &ScanToolMetadata{}
 	err := repo.dbConnection.Model(model).Column("name").Where("id = ?", id).Select()
 	if err != nil {
 		repo.logger.Errorw("error in getting tool name by id", "err", err, "id", id)
-		return "", err
+		return "", "", err
 	}
-	return model.Name, nil
+	return model.Name, model.Url, nil
 }
diff --git a/scripts/sql/31602800_aws_inspector.down.sql b/scripts/sql/31602800_aws_inspector.down.sql
@@ -0,0 +1,12 @@
+-- Begin Transaction
+BEGIN;
+---------------------------------------
+ALTER TABLE public.plugin_parent_metadata DROP COLUMN is_exposed;
+ALTER TABLE public.plugin_metadata DROP COLUMN is_exposed ;
+ALTER TABLE public.scan_tool_metadata DROP COLUMN is_preset ;
+ALTER TABLE public.scan_tool_metadata DROP COLUMN plugin_id;
+ALTER TABLE public.scan_tool_metadata DROP CONSTRAINT IF EXISTS scan_tool_metadata_name_version_unique;
+ALTER TABLE public.scan_tool_metadata ADD COLUMN url;
+
+-- ---------------------------------------------------
+COMMIT;
diff --git a/scripts/sql/31602800_aws_inspector.up.sql b/scripts/sql/31602800_aws_inspector.up.sql
@@ -0,0 +1,22 @@
+-- Begin Transaction
+BEGIN;
+-- Adding Exposed on plugin metadata and plugin parent metadata
+ALTER TABLE public.plugin_parent_metadata ADD COLUMN is_exposed bool NOT NULL DEFAULT true;
+ALTER TABLE public.plugin_metadata ADD COLUMN is_exposed bool NOT NULL DEFAULT true;
+
+-- Preset flag is added to scan_tool_metadata to define tool added by user or devtron system
+ALTER TABLE public.scan_tool_metadata ADD COLUMN is_preset bool NOT NULL DEFAULT true;
+-- Plugin Id is added to scan_tool_metadata as foreign key
+ALTER TABLE public.scan_tool_metadata ADD COLUMN plugin_id int;
+ALTER TABLE "public"."scan_tool_metadata" ADD FOREIGN KEY ("plugin_id") REFERENCES "public"."plugin_metadata" ("id");
+ALTER TABLE public.scan_tool_metadata ADD CONSTRAINT scan_tool_metadata_name_version_unique UNIQUE ("name", "version");
+
+ALTER TABLE public.scan_tool_metadata ADD COLUMN url varchar(100);
+
+UPDATE public.scan_tool_metadata SET url='https://cdn.devtron.ai/images/ic-clair.webp' WHERE name='CLAIR';
+UPDATE public.scan_tool_metadata SET url='https://cdn.devtron.ai/images/ic-trivy.webp' WHERE name='TRIVY';
+
+-- ---------------------------------------------------
+-- Commit Transaction
+-- ---------------------------------------------------
+COMMIT;
diff --git a/scripts/sql/31602801_scan_tool_metadata_patch.down.sql b/scripts/sql/31602801_scan_tool_metadata_patch.down.sql
diff --git a/scripts/sql/31602801_scan_tool_metadata_patch.up.sql b/scripts/sql/31602801_scan_tool_metadata_patch.up.sql