devtron-labs · gireesh-naidu · Aug 23, 2024 · Aug 2, 2024 · Aug 2, 2024 · Aug 5, 2024
@@ -177,7 +177,7 @@ func (impl ImageScanDeployInfoRepositoryImpl) scanListQueryWithoutObject(request
 		query = query + " AND res.cve_store_name ILIKE '%" + request.CVEName + "%'"
 	}
 	if len(request.Severity) > 0 {
-		severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprintf("%d", request.Severity)), ","), "[]")
+		severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.Severity)), ","), "[]")
 		query = query + fmt.Sprintf(" AND (cs.standard_severity IN (%s) OR (cs.severity IN (%s) AND cs.standard_severity IS NULL))", severities, severities)
 	}
 	if len(request.EnvironmentIds) > 0 {
@@ -239,7 +239,7 @@ func (impl ImageScanDeployInfoRepositoryImpl) scanListQueryWithObject(request *s
 	}
 
 	if len(request.Severity) > 0 {
-		severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprintf("%d", request.Severity)), ","), "[]")
+		severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.Severity)), ","), "[]")
 		query = query + fmt.Sprintf(" AND (cs.standard_severity IN (%s) OR (cs.severity IN (%s) AND cs.standard_severity IS NULL))", severities, severities)
 	}
 	if len(request.EnvironmentIds) > 0 {

@@ -30,6 +30,9 @@ type ImageScanExecutionResult struct {
 	Package                     string   `sql:"package"`
 	Version                     string   `sql:"version"`
 	FixedVersion                string   `sql:"fixed_version"`
+	Target                      string   `sql:"target"`
+	Type                        string   `sql:"type"`
+	Class                       string   `sql:"class"`
 	CveStore                    CveStore
 	ImageScanExecutionHistory   ImageScanExecutionHistory
 }

@@ -331,6 +331,9 @@ func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.Image
 				FVersion: item.FixedVersion,
 				Package:  item.CveStore.Package,
 				Severity: item.CveStore.GetSeverity().String(),
+				Target:   item.Target,
+				Type:     item.Type,
+				Class:    item.Class,
 				//Permission: "BLOCK", TODO
 			}
 			// data already migrated hence get package, version and fixedVersion from image_scan_execution_result

@@ -25,6 +25,9 @@ type Vulnerabilities struct {
 	CVersion   string `json:"currentVersion"`
 	FVersion   string `json:"fixedVersion"`
 	Permission string `json:"permission"`
+	Target     string `json:"target"`
+	Class      string `json:"class"`
+	Type       string `json:"type"`
 }
 
 func (vul *Vulnerabilities) IsCritical() bool {

@@ -0,0 +1,3 @@
+UPDATE cve_policy_control
+SET deleted = true, updated_on = 'now()', updated_by = '1'
+WHERE severity = '3' OR severity = '5';
@@ -0,0 +1,6 @@
+
+-- severity 3 is for high and 5 is for unknown
+INSERT INTO "public"."cve_policy_control" ("global", "cluster_id", "env_id", "app_id", "cve_store_id", "action", "severity", "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES
+                                                     ('t', NULL, NULL, NULL, NULL, '1', '3', 'f', 'now()', '1', 'now()', '1'),
+                                                     ('t', NULL, NULL, NULL, NULL, '1', '5', 'f', 'now()', '1', 'now()', '1');
+
@@ -0,0 +1,21 @@
+UPDATE scan_tool_metadata
+SET image_scan_descriptor_template = '[
+                                        {
+                                            "pathToVulnerabilitiesArray": "Results.#.Vulnerabilities",
+                                            "name": "VulnerabilityID",
+                                            "package": "PkgName",
+                                            "packageVersion": "InstalledVersion",
+                                            "fixedInVersion": "FixedVersion",
+                                            "severity": "Severity"
+                                        }
+                                     ]', updated_on = 'now()'
+WHERE name = 'TRIVY'
+    AND version = 'V1'
+    AND scan_target = 'IMAGE'
+    AND active = true
+    AND deleted = false;
+
+ALTER TABLE image_scan_execution_result
+    DROP COLUMN class,
+    DROP COLUMN type,
+    DROP COLUMN target;
@@ -0,0 +1,29 @@
+UPDATE scan_tool_metadata SET result_descriptor_template = '[
+      {
+        "pathToResultArray": "Results",
+        "pathToVulnerabilitiesArray": "Vulnerabilities",
+        "vulnerabilityData":{
+       		"name": "VulnerabilityID",
+        	"package": "PkgName",
+        	"packageVersion": "InstalledVersion",
+        	"fixedInVersion": "FixedVersion",
+        	"severity": "Severity"
+        },
+        "resultData":{
+  			"target":"Target",
+        	"class":"Class",
+        	"type":"Type"
+       }
+      }
+]',updated_on = 'now()'
+
+WHERE name = 'TRIVY'
+    AND version = 'V1'
+    AND scan_target = 'IMAGE'
+    AND active = true
+    AND deleted = false;
+
+ALTER TABLE image_scan_execution_result
+    ADD COLUMN class TEXT,
+    ADD COLUMN type TEXT,
+    ADD COLUMN target TEXT;