Skip to content

ROX-29531: include advisory in output #431

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

ROX-29531: include advisory in output #431

wants to merge 2 commits into from

Conversation

RTann
Copy link

@RTann RTann commented May 29, 2025

Description

@RTann
Copy link
Author

RTann commented May 29, 2025

@janisz would you be able to help me out here? I don't know how to update the stackrox.model, so I don't know how to use the newer fields. Thanks

@janisz
Copy link
Contributor

janisz commented May 30, 2025

@RTann it's described here https://github.com/stackrox/jenkins-plugin/blob/master/README.md#updating-api-schema
It assumes the updated schema is on the demo cluster but you can take it from your local build as well.

@RTann
Copy link
Author

RTann commented May 30, 2025

@RTann it's described here https://github.com/stackrox/jenkins-plugin/blob/master/README.md#updating-api-schema It assumes the updated schema is on the demo cluster but you can take it from your local build as well.

Thanks! I missed this README and only saw the other one

RTann
RTann commented May 30, 2025
View reviewed changes
stackrox-container-image-scanner/api.yaml
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was generated by going to <staging environment>/main/apidocs then pressing the Download button. From there, I went to https://www.geeksforgeeks.org/json-to-yaml-converter/ and copy/pasted the JSON into the converter and saved the output to this file

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also re-added the security stuff at the bottom of the file

@RTann RTann force-pushed the ROX-29531 branch 5 times, most recently from 21d1484 to 4f97d1c Compare June 1, 2025 02:42
@RTann RTann marked this pull request as ready for review July 25, 2025 19:43
@RTann RTann requested a review from rhybrillou as a code owner July 25, 2025 19:43
@RTann RTann requested a review from janisz July 25, 2025 19:43
@RTann
Copy link
Author

RTann commented Jul 25, 2025

Wondering if someone can help me test this. I can't seem to build locally. I haven't used Java in over 6 years, so I don't remember how to properly set this up 😄

@janisz
Copy link
Contributor

janisz commented Jul 29, 2025

Here you are a description how to run it: https://github.com/stackrox/jenkins-plugin?tab=readme-ov-file#setup
Or you can use ./mvnw hpi:run -Djetty.port=8090 to run jenkins with installed plugin. Run it from stackrox-container-image-scanner

@janisz
Copy link
Contributor

janisz commented Jul 29, 2025

I tested it with quay.io/openshifttest/nginx-alpine:latest and Jenkins 2.395 and Stackrox v4.8.0
image

COMPONENT,VERSION,CVE,SEVERITY,FIXABLE,CVSS SCORE,SCORE TYPE,LINK,ADVISORY,ADVISORY LINK
libcrypto1.1,1.1.1l-r0,CVE-2022-0778,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2022-0778,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0464,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0464,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0215,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0215,-,-
libcrypto1.1,1.1.1l-r0,CVE-2022-4450,IMPORTANT,true,7.5,V3,https://nvd.nist.gov/vuln/detail/CVE-2022-4450,-,-
libcrypto1.1,1.1.1l-r0,CVE-2023-0286,IMPORTANT,true,7.4,V3,https://nvd.nist.gov/vuln/detail/CVE-2023-0286,-,-

You need to update js code to render new columns

jenkins-plugin/stackrox-container-image-scanner/src/main/webapp/js/renderTables.js

Line 1 in 5124135

function renderCVETable(tableId, cves) {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rhybrillou rhybrillou Awaiting requested review from rhybrillou rhybrillou is a code owner

@janisz janisz Awaiting requested review from janisz

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@RTann @janisz