-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add images table for Workload CVE Image single page #5175
Add images table for Workload CVE Image single page #5175
Conversation
Skipping CI for Draft Pull Request. |
Current dependencies on/for this PR: This comment was auto-generated by Graphite. |
Images are ready for the commit at 57fa3a3. To use with deploy scripts, first |
29fa098
to
ce00bf1
Compare
<Tbody> | ||
{vulnerabilities.map( | ||
({ cve, severity, isFixable, imageComponents, discoveredAtImage }) => { | ||
const SeverityIcon: React.FC<SVGIconProps> | undefined = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Two reasons for the explicit type annotations:
- The backend is returning a
string
forseverity
here, instead of a GraphQL enum for the severity types. Directly accessingSeverityIcons[severity]
silently returns a type ofany
instead ofReact.FC
. - After investigating the above, I found it is technically possible for the backend to return a severity of
UNKNOWN_VULNERABILITY_SEVERITY
, which we don't handle on the front end, so it is possible that this component will beundefined
and crash the UI if the "unknown" value makes it through somehow.
import { ImageVulnerabilitiesResponse } from './hooks/useImageVulnerabilities'; | ||
import { getEntityPagePath } from './searchUtils'; | ||
|
||
export type SingleEntityVulnerabilitiesTableProps = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This table is almost identical in both the image and deployment single pages, with the exception that the image name is displayed as a column next to image components in the deployment page. The way the gql resolvers are structured make it so that we will need to do some pre-processing of the data on that page before feeding it into this table.
e.g. The query might looks something like
images {
imageVulnerabilities {
imageComponents {}
}
}
so we would need to get the image metadata from the top level and pass it down to the image components to get the UI structure we need.
Mandar is looking into possible alternate queries for this, so I didn't generalize the prop type here too much in order to avoid having to change it a lot later.
ce00bf1
to
86c9ab6
Compare
92d7f16
to
4a0f7ad
Compare
86c9ab6
to
6b6392d
Compare
e2e729f
to
38a80a2
Compare
@@ -0,0 +1,57 @@ | |||
import { gql } from '@apollo/client'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Both of the gql queries used in this section we running into the same awkwardness:
- The query and types are defined in a higher level component that was also in charge of making the request
- Child components were passed the result data and required access to the response types
- Both components requiring the type resulted in circular import errors
The two options that came to mind were:
- Move the type down to the child component, and import both the response type and child component in the parent (awkward, since the child component wasn't making the request)
- Pull the queries out into new hooks and import the type from there
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i've been doing the former tbh but pulling out into hooks is probably the cleaner solution here
4a0f7ad
to
3ff1f2f
Compare
38a80a2
to
7771160
Compare
1dce322
to
3a1a704
Compare
7771160
to
fc72d3a
Compare
fc72d3a
to
57fa3a3
Compare
<Tr> | ||
<Th>CVE</Th> | ||
<Th>Severity</Th> | ||
<Th>CVE Status</Th> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i think technically PF conventions would have this be CVE status
(https://www.patternfly.org/v4/ux-writing/capitalization)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh good catch, I'll make this change now in the next PR I'm working since CI is happy with this one as-is.
@@ -0,0 +1,57 @@ | |||
import { gql } from '@apollo/client'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i've been doing the former tbh but pulling out into hooks is probably the cleaner solution here
Description
Adds initial table support to the workload cve image page.
Does not include:
Note: this may be easier to review with GitHub's "Hide whitespace" option enabled due to some component nesting changes that make the diff look larger than it is.
TODO - For some reason this is causing either the getImageDetails or the getImageVulnerabilities graphql query to fire a second time when they both complete the initial requestsThis was due to the same
image.metadata
subresolver in both queries, but with a different field selection in each. Moving the entireimage.metadata
to the initial query and passing the result down resolves this issue (and clears up a network waterfall).Checklist
If any of these don't apply, please comment below.
Testing Performed
Load an image single page.
Mobile:
Test clicking one of the links in the CVE column: