New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add expandable section for image vulnerability components table #5218
Add expandable section for image vulnerability components table #5218
Conversation
Skipping CI for Draft Pull Request. |
Current dependencies on/for this PR: This comment was auto-generated by Graphite. |
6b6392d
to
318fa0c
Compare
25e78fc
to
12b592e
Compare
Images are ready for the commit at 9f3f51b. To use with deploy scripts, first |
318fa0c
to
e2e729f
Compare
12b592e
to
dc03751
Compare
e2e729f
to
38a80a2
Compare
c86b935
to
4938269
Compare
38a80a2
to
7771160
Compare
4938269
to
7960f16
Compare
fc72d3a
to
57fa3a3
Compare
d181a49
to
524b1f6
Compare
expect(result.current.has(objB)).toBeTruthy(); | ||
}); | ||
|
||
test('useSet should correctly toggle items and report their membership', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As straightforward as it looks, this test actually helped uncover a bug. The toggle
function in useSet
was relying on a closure value, which failed to update correctly when multiple toggle calls happened in a row. Using the alternate form of useState
fixed the issue in the below diff:
const [itemSet, setItemSet] = useState(initialSet);
function toggle(key: T, isOn?: boolean) {
- const nextSet = new Set(itemSet);
- const shouldAdd = typeof isOn === 'undefined' ? !itemSet.has(key) : isOn;
- if (shouldAdd) {
- nextSet.add(key);
- } else {
- nextSet.delete(key);
- }
- setItemSet(nextSet);
+ setItemSet((prevSet) => {
+ const nextSet = new Set(prevSet);
+ const shouldAdd = typeof isOn === 'undefined' ? !itemSet.has(key) : isOn;
+ if (shouldAdd) {
+ nextSet.add(key);
+ } else {
+ nextSet.delete(key);
+ }
+ return nextSet;
+ });
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed, please share this at the next team meeting. Return on your investment to write tests!
Tbody, | ||
Td, | ||
ExpandableRowContent, | ||
} from '@patternfly/react-table'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Prettier wrapping caused me to notice partial alphabetical order.
Do you mind to reorder here, and also in ImageComponentsTable above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aha, I've been pretty good about checking these and this one slipped by.
<Th>CVE</Th> | ||
<Th>Severity</Th> | ||
<Th>CVE Status</Th> | ||
<Th>CVE status</Th> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Bravo!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All credit to @alwayshooin for pointing this one out.
) => { | ||
const SeverityIcon: React.FC<SVGIconProps> | undefined = | ||
SeverityIcons[severity]; | ||
const severityLabel: string | undefined = vulnerabilitySeverityLabels[severity]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this is an answer to the question that I asked above about severity keys?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've been using the long form LOW_VULNERABILITY_SEVERITY
as the canonical severity type since it is what is declared in our cve.proto.ts file and what is returned in the BE queries. The explicit undefined
checks here are for a few reasons:
- The GraphQL API declares the return type of
severity
asstring
, even though from what I can tell in the code it will always be an enum type as declared in the proto. I'm not sure if there is a technical reason the API isn't declaring this as an enum as well, so I'm staying on the safe side assuming it is a string. - We have
"noImplicitAny": false
set in our tsconfig, so indexing into theSeverityIcons
here silently treatsSeverityIcon
asany
. - Even if the types were strictly declared, we could end up with an
UNKNOWN_VULNERABILITY_SEVERITY
here (RE: my comment on the other PR), which would be a type mismatch between the FE and BE declared types. - Due to all of the above, even though indexing into
SeverityIcons
should be exhaustive and safe given a "Severity", there is a small chance we could end up with a React component that isundefined
which would cause a runtime error here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for explaining. What you say makes sense.
To my original question, the newest query response adds a second convention for severity keys.
String union in frontend types corresponds to enum with string values in backend types.
It seems (to me) as if enum
in TypeScript corresponded to other languages and, at least for strings, string union has superseded it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The expandable table reminds me of your excellent solution to tree table in interview :)
A few comments, as usual.
524b1f6
to
9f3f51b
Compare
@dvail: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Description
Adds the expandable section to image single page table rows. This section contains another table with details on all image components that are affected by this CVE.
Follow ups
fixedIn
andlocation
fields always return empty strings (BE bug?)layerIndex
is always null (BE bug?)Checklist
If any of these don't apply, please comment below.
Testing Performed
Load an image single page and see that expandable arrows are now present.
Expand a row by clicking on the expand arrow on the left side of the table.
Collapse the row by clicking the arrow again.
Verify that multiple rows can be expanded at the same time.
Verify that a row with multiple components contains the correct number of rows in the embedded table.