Merge pull request #2065 from devtron-labs/fix/migrate-security

fix: migrate security

Author: arunjaindev

package.json

@@ -4,7 +4,7 @@
     "private": true,
     "homepage": "/dashboard",
     "dependencies": {
-        "@devtron-labs/devtron-fe-common-lib": "0.3.14",
+        "@devtron-labs/devtron-fe-common-lib": "0.3.15",
         "@esbuild-plugins/node-globals-polyfill": "0.2.3",
         "@rjsf/core": "^5.13.3",
         "@rjsf/utils": "^5.13.3",

src/components/ResourceBrowser/ResourceList/ResourceBrowserActionMenu.tsx

@@ -99,10 +99,12 @@ const ResourceBrowserActionMenu: React.FC<ResourceBrowserActionMenuType> = ({
         setShowVulnerabilityModal(false)
     }
 
-    const showResourceScanModal = getShowResourceScanModal(
-        selectedResource?.gvk?.Kind as NodeType,
-        installedModuleMap.current?.[ModuleNameMap.SECURITY_TRIVY],
-    )
+    const showResourceScanModal =
+        getShowResourceScanModal(
+            selectedResource?.gvk?.Kind as NodeType,
+            installedModuleMap.current?.[ModuleNameMap.SECURITY_TRIVY],
+        ) && window._env_.ENABLE_RESOURCE_SCAN_V2
+
     return (
         <>
             <PopupMenu autoClose>

src/components/app/details/appDetails/AppSecurity.tsx

@@ -25,6 +25,7 @@ export const useGetAppSecurityDetails = ({
     appId,
     envId,
     installedAppId,
+    artifactId,
     imageScanDeployInfoId,
     isSecurityScanV2Enabled,
 }: UseGetAppSecurityDetailsProps): UseGetAppSecurityDetailsReturnType => {
@@ -35,8 +36,9 @@ export const useGetAppSecurityDetails = ({
     )
 
     const [executionDetailsLoading, executionDetailsResponse, executionDetailsError, reloadExecutionDetails] = useAsync(
-        () => getExecutionDetails({ appId, envId, imageScanDeployInfoId }),
-        [appId, envId, imageScanDeployInfoId],
+        () =>
+            getExecutionDetails(appId && artifactId ? { appId, artifactId } : { appId, envId, imageScanDeployInfoId }),
+        [appId, envId, imageScanDeployInfoId, artifactId],
         !isSecurityScanV2Enabled && !!appId,
     )
 

src/components/app/details/appDetails/SecurityVulnerabilityCard.tsx

@@ -38,6 +38,7 @@ export const SecurityVulnerabilityCard = ({
     appId,
     envId,
     installedAppId,
+    artifactId,
     isExternalCI,
 }: SecurityVulnerabilityCardType) => {
     const [showScanDetailsModal, setShowScanDetailsModal] = useState<boolean>(false)
@@ -46,7 +47,7 @@ export const SecurityVulnerabilityCard = ({
     const handleModalClose = () => setShowScanDetailsModal(false)
 
     const { scanDetailsLoading, scanDetailsResponse, scanDetailsError, reloadScanDetails, severityCount } =
-        useGetAppSecurityDetails({ appId: +appId, envId: +envId, installedAppId, isSecurityScanV2Enabled })
+        useGetAppSecurityDetails({ appId: +appId, envId: +envId, installedAppId, artifactId, isSecurityScanV2Enabled })
 
     // Since we get status in v2 Api only
     const imageScanFailed: boolean = isSecurityScanV2Enabled && scanDetailsResponse?.result.codeScan.status === 'Failed'

src/components/app/details/appDetails/SourceInfo.tsx

@@ -68,7 +68,6 @@ export const SourceInfo = ({
     filteredEnvIds,
     deploymentUserActionState,
 }: SourceInfoType) => {
-    const [showVulnerabilitiesCard, setShowVulnerabilitiesCard] = useState<boolean>(false)
     const isdeploymentAppDeleting = appDetails?.deploymentAppDeleteRequest || false
     const isArgoCdApp = appDetails?.deploymentAppType === DeploymentAppTypes.GITOPS
     const status = appDetails?.resourceTree?.status || ''
@@ -92,30 +91,6 @@ export const SourceInfo = ({
         message = Rollout[0].health.message
     }
 
-    const getScannedStatus = async () => {
-        const { appId, ciArtifactId } = appDetails
-        try {
-            const {
-                result: { scanEnabled, scanned },
-            } = await getLastExecutionByAppArtifactId(ciArtifactId, appId)
-            if (scanEnabled && scanned) {
-                // If scanEnabled and scanned is true, then show the vulnerabilities card
-                setShowVulnerabilitiesCard(true)
-            } else {
-                setShowVulnerabilitiesCard(false)
-            }
-        } catch (error) {
-            setShowVulnerabilitiesCard(false)
-            showError(error)
-        }
-    }
-
-    useEffect(() => {
-        if (appDetails?.ciArtifactId && appDetails?.appId) {
-            getScannedStatus()
-        }
-    }, [appDetails?.ciArtifactId, appDetails?.appId])
-
     const onClickShowCommitInfo = (e): void => {
         e.stopPropagation()
         showCommitInfo(true)
@@ -328,13 +303,12 @@ export const SourceInfo = ({
                                   filteredEnvIds={filteredEnvIds}
                               />
                           )}
-                          {!appDetails?.deploymentAppDeleteRequest &&
-                              !helmMigratedAppNotTriggered &&
-                              (showVulnerabilitiesCard || window._env_.ENABLE_RESOURCE_SCAN_V2) && (
+                          {!appDetails?.deploymentAppDeleteRequest && !helmMigratedAppNotTriggered && (
                               <SecurityVulnerabilityCard
                                   cardLoading={cardLoading}
                                   appId={params.appId}
                                   envId={params.envId}
+                                  artifactId={ciArtifactId}
                                   isExternalCI={isExternalCI}
                               />
                           )}

src/components/app/details/appDetails/appDetails.type.ts

@@ -234,6 +234,7 @@ export interface SecurityVulnerabilityCardType {
     appId?: string
     envId?: string
     installedAppId?: number
+    artifactId?: number
     isExternalCI?: boolean
 }
 
@@ -268,6 +269,7 @@ export interface UseGetAppSecurityDetailsProps {
     appId: number
     envId: number
     installedAppId?: number
+    artifactId?: number
     imageScanDeployInfoId?: number
     isSecurityScanV2Enabled: boolean
 }

src/components/app/details/triggerView/cdMaterial.tsx

@@ -1577,7 +1577,6 @@ const CDMaterial = ({
                                 isSecurityModuleInstalled={state.isSecurityModuleInstalled}
                                 artifactId={+mat.id}
                                 applicationId={appId}
-                                environmentId={envId}
                                 changesCard={renderGitMaterialInfo(mat)}
                                 isScanned={mat.scanned}
                                 isScanEnabled={mat.scanEnabled}

src/components/v2/appDetails/k8Resource/nodeType/PodPopup.tsx

@@ -31,10 +31,9 @@ const PodPopup = ({
     handleShowVulnerabilityModal,
 }: PodPopupProps) => {
     const { installedModuleMap } = useMainContext()
-    const showResourceScanModal = getShowResourceScanModal(
-        kind as NodeType,
-        installedModuleMap.current?.[ModuleNameMap.SECURITY_TRIVY],
-    )
+    const showResourceScanModal =
+        window._env_.ENABLE_RESOURCE_SCAN_V2 &&
+        getShowResourceScanModal(kind as NodeType, installedModuleMap.current?.[ModuleNameMap.SECURITY_TRIVY])
 
     const handleDescribeEvents = () => {
         describeNode(NodeDetailTabs.EVENTS)

src/components/v2/appDetails/sourceInfo/environmentStatus/EnvironmentStatus.component.tsx

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-import React, { useMemo, useState } from 'react'
+import { useMemo, useState } from 'react'
 import AppStatusDetailModal from './AppStatusDetailModal'
 import './environmentStatus.scss'
 import { ReactComponent as Alert } from '../../../assets/icons/ic-alert-triangle.svg'
@@ -40,6 +40,7 @@ import IssuesListingModal from '../../../../app/details/appDetails/IssuesListing
 import SecurityVulnerabilityCard from '../../../../app/details/appDetails/SecurityVulnerabilityCard'
 
 const AppDetailsDownloadCard = importComponentFromFELibrary('AppDetailsDownloadCard')
+const isFELibAvailable = importComponentFromFELibrary('isFELibAvailable', null, 'function')
 
 const EnvironmentStatusComponent = ({
     loadingDetails,
@@ -60,6 +61,7 @@ const EnvironmentStatusComponent = ({
     const [, notesResult] = useAsync(() => getInstalledChartNotesDetail(+params.appId, +params.envId), [])
     const [errorsList, setErrorsList] = useState<ErrorItem[]>([])
     const [showIssuesModal, toggleIssuesModal] = useState<boolean>(false)
+    const isScanV2Enabled = window._env_.ENABLE_RESOURCE_SCAN_V2 && isFELibAvailable
 
     const onClickUpgrade = () => {
         const _url = `${url.split('/').slice(0, -1).join('/')}/${URLS.APP_VALUES}`
@@ -200,7 +202,7 @@ const EnvironmentStatusComponent = ({
                     {renderLastUpdatedBlock()}
                     {renderChartUsedBlock()}
                     {renderUpgraderChartBlock()}
-                    <SecurityVulnerabilityCard cardLoading={cardLoading} installedAppId={appDetails?.installedAppId} />
+                    {isScanV2Enabled && <SecurityVulnerabilityCard cardLoading={cardLoading} installedAppId={appDetails?.installedAppId} />}
                 </div>
             )}
             {showAppStatusDetail && (

yarn.lock

@@ -1346,13 +1346,14 @@
   dependencies:
     "@jridgewell/trace-mapping" "0.3.9"
 
-"@devtron-labs/[email protected].14":
-  version "0.3.14"
-  resolved "https://registry.yarnpkg.com/@devtron-labs/devtron-fe-common-lib/-/devtron-fe-common-lib-0.3.14.tgz#cc9458ea1bd358788be920692ff956c08d8a5cbc"
-  integrity sha512-xvDze0tg84sufjbeeF4Ke7FRObgEyxW2et1IUrW3zeYFDDql7xBB4vYU8wGZCQdjBXCZEtorBKxd7WvFiFgOjg==
+"@devtron-labs/[email protected].15":
+  version "0.3.15"
+  resolved "https://registry.yarnpkg.com/@devtron-labs/devtron-fe-common-lib/-/devtron-fe-common-lib-0.3.15.tgz#280161b85463779fb94ec59a0445144b0ad5b851"
+  integrity sha512-PFZOVwZ/yW4UAXki5qS3za2YRLjRczCzw3n/cFE15jGRMX6+1jO7xBAPK7Vm/TyZjPFIsXOXvUcSX3tSOKOyDA==
   dependencies:
     "@types/react-dates" "^21.8.6"
     ansi_up "^5.2.1"
+    dayjs "^1.11.12"
     fast-json-patch "^3.1.1"
     jsonpath-plus "^9.0.0"
     react-dates "^21.8.0"
@@ -4354,6 +4355,11 @@ data-view-byte-offset@^1.0.0:
     es-errors "^1.3.0"
     is-data-view "^1.0.1"
 
+dayjs@^1.11.12:
+  version "1.11.13"
+  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.13.tgz#92430b0139055c3ebb60150aa13e860a4b5a366c"
+  integrity sha512-oaMBel6gjolK862uaPQOVTA7q3TZhuSvuMQAAglQDOWYO9A91IrAOUJEyKVlqJlHE0vq5p5UXxzdPfMH/x6xNg==
+
 dayjs@^1.11.8:
   version "1.11.11"
   resolved "https://registry.npmjs.org/dayjs/-/dayjs-1.11.11.tgz"