Skip to content

Commit c3424d1

Browse files
prakash100198prakash100198
committed
introduce isScanEnabled in ciCompleteEvent with scanned and scan_enabled logic based on ciCompleteEvent not on the current state of ci_pipeline.scan_enabled
1 parent 99b19c5 commit c3424d1

File tree

5 files changed

+70
-30
lines changed

5 files changed

+70
-30
lines changed

pkg/eventProcessor/bean/workflowEventBean.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@ type CiCompleteEvent struct {
8282
ImageDetailsFromCR json.RawMessage `json:"imageDetailsFromCR"`
8383
PluginRegistryArtifactDetails map[string][]string `json:"PluginRegistryArtifactDetails"`
8484
PluginArtifactStage string `json:"pluginArtifactStage"`
85+
IsScanEnabled bool `json:"isScanEnabled"`
8586
pluginImageDetails *registry.ImageDetailsFromCR
8687
PluginArtifacts *PluginArtifacts `json:"pluginArtifacts"`
8788
}

pkg/eventProcessor/in/WorkflowEventProcessorService.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -678,6 +678,7 @@ func (impl *WorkflowEventProcessorImpl) BuildCiArtifactRequest(event bean.CiComp
678678
IsArtifactUploaded: event.IsArtifactUploaded,
679679
PluginRegistryArtifactDetails: pluginArtifacts,
680680
PluginArtifactStage: event.PluginArtifactStage,
681+
IsScanEnabled: event.IsScanEnabled,
681682
}
682683
// if DataSource is empty, repository.WEBHOOK is considered as default
683684
if request.DataSource == "" {

pkg/workflow/dag/WorkflowDagExecutor.go

Lines changed: 27 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ import (
5050
"github.com/devtron-labs/devtron/pkg/workflow/cd"
5151
bean4 "github.com/devtron-labs/devtron/pkg/workflow/cd/bean"
5252
bean2 "github.com/devtron-labs/devtron/pkg/workflow/dag/bean"
53+
"github.com/devtron-labs/devtron/pkg/workflow/dag/helper"
5354
error2 "github.com/devtron-labs/devtron/util/error"
5455
util2 "github.com/devtron-labs/devtron/util/event"
5556
"strings"
@@ -710,6 +711,22 @@ func (impl *WorkflowDagExecutorImpl) UpdateCiWorkflowForCiSuccess(request *bean2
710711
return nil
711712
}
712713

714+
func (impl *WorkflowDagExecutorImpl) isImageScanningPluginConfiguredInCiPipeline(ciPipelineId int) (bool, error) {
715+
var isScanPluginConfigured bool
716+
var err error
717+
plugin, err := impl.globalPluginRepository.GetPluginByName(bean3.VULNERABILITY_SCANNING_PLUGIN)
718+
if err != nil || len(plugin) == 0 {
719+
impl.logger.Errorw("error in getting image scanning plugin", "err", err)
720+
return isScanPluginConfigured, err
721+
}
722+
isScanPluginConfigured, err = impl.pipelineStageRepository.CheckPluginExistsInCiPipeline(ciPipelineId, string(repository4.PIPELINE_STAGE_TYPE_POST_CI), plugin[0].Id)
723+
if err != nil {
724+
impl.logger.Errorw("error in getting ci pipelineModal plugin", "err", err, "ciPipelineId", ciPipelineId, "pluginId", plugin[0].Id)
725+
return isScanPluginConfigured, err
726+
}
727+
return isScanPluginConfigured, nil
728+
}
729+
713730
func (impl *WorkflowDagExecutorImpl) HandleCiSuccessEvent(triggerContext triggerBean.TriggerContext, ciPipelineId int, request *bean2.CiArtifactWebhookRequest, imagePushedAt time.Time) (id int, err error) {
714731
impl.logger.Infow("webhook for artifact save", "req", request)
715732
pipelineModal, err := impl.ciPipelineRepository.FindByCiAndAppDetailsById(ciPipelineId)
@@ -720,45 +737,25 @@ func (impl *WorkflowDagExecutorImpl) HandleCiSuccessEvent(triggerContext trigger
720737
if request.PipelineName == "" {
721738
request.PipelineName = pipelineModal.Name
722739
}
723-
materialJson, err := request.MaterialInfo.MarshalJSON()
740+
materialJson, err := helper.GetMaterialInfoJson(request.MaterialInfo)
724741
if err != nil {
725-
impl.logger.Errorw("unable to marshal material metadata", "err", err)
742+
impl.logger.Errorw("unable to get materialJson", "materialInfo", request.MaterialInfo, "err", err)
726743
return 0, err
727744
}
728-
dst := new(bytes.Buffer)
729-
err = json.Compact(dst, materialJson)
730-
if err != nil {
731-
return 0, err
732-
}
733-
materialJson = dst.Bytes()
734745
createdOn := time.Now()
735746
updatedOn := time.Now()
736747
if !imagePushedAt.IsZero() {
737748
createdOn = imagePushedAt
738749
}
739-
buildArtifact := &repository.CiArtifact{
740-
Image: request.Image,
741-
ImageDigest: request.ImageDigest,
742-
MaterialInfo: string(materialJson),
743-
DataSource: request.DataSource,
744-
PipelineId: pipelineModal.Id,
745-
WorkflowId: request.WorkflowId,
746-
ScanEnabled: pipelineModal.ScanEnabled,
747-
IsArtifactUploaded: request.IsArtifactUploaded, // for backward compatibility
748-
Scanned: false,
749-
AuditLog: sql.AuditLog{CreatedBy: request.UserId, UpdatedBy: request.UserId, CreatedOn: createdOn, UpdatedOn: updatedOn},
750-
}
751-
plugin, err := impl.globalPluginRepository.GetPluginByName(bean3.VULNERABILITY_SCANNING_PLUGIN)
752-
if err != nil || len(plugin) == 0 {
753-
impl.logger.Errorw("error in getting image scanning plugin", "err", err)
754-
return 0, err
755-
}
756-
isScanPluginConfigured, err := impl.pipelineStageRepository.CheckPluginExistsInCiPipeline(pipelineModal.Id, string(repository4.PIPELINE_STAGE_TYPE_POST_CI), plugin[0].Id)
750+
buildArtifact := helper.GetBuildArtifact(request, pipelineModal.Id, materialJson, createdOn, updatedOn)
751+
752+
isScanPluginConfigured, err := impl.isImageScanningPluginConfiguredInCiPipeline(pipelineModal.Id)
757753
if err != nil {
758-
impl.logger.Errorw("error in getting ci pipelineModal plugin", "err", err, "pipelineId", pipelineModal.Id, "pluginId", plugin[0].Id)
754+
impl.logger.Errorw("error in checking isImageScanningPluginConfiguredInCiPipeline", "ciPipelineId", ciPipelineId, "err", err)
759755
return 0, err
760756
}
761-
if pipelineModal.ScanEnabled || isScanPluginConfigured {
757+
758+
if request.IsScanEnabled || isScanPluginConfigured {
762759
buildArtifact.Scanned = true
763760
buildArtifact.ScanEnabled = true
764761
}
@@ -815,11 +812,11 @@ func (impl *WorkflowDagExecutorImpl) HandleCiSuccessEvent(triggerContext trigger
815812
PipelineId: ci.Id,
816813
ParentCiArtifact: buildArtifact.Id,
817814
IsArtifactUploaded: request.IsArtifactUploaded, // for backward compatibility
818-
ScanEnabled: ci.ScanEnabled,
815+
ScanEnabled: request.IsScanEnabled,
819816
Scanned: false,
820817
AuditLog: sql.AuditLog{CreatedBy: request.UserId, UpdatedBy: request.UserId, CreatedOn: time.Now(), UpdatedOn: time.Now()},
821818
}
822-
if ci.ScanEnabled {
819+
if request.IsScanEnabled {
823820
ciArtifact.Scanned = true
824821
}
825822
ciArtifactArr = append(ciArtifactArr, ciArtifact)

pkg/workflow/dag/bean/bean.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,4 +33,5 @@ type CiArtifactWebhookRequest struct {
3333
FailureReason string `json:"failureReason"` // FailureReason is used for notifying the failure reason to the user. Should be short and user-friendly
3434
PluginRegistryArtifactDetails map[string][]string `json:"PluginRegistryArtifactDetails"` //map of registry and array of images generated by Copy container image plugin
3535
PluginArtifactStage string `json:"pluginArtifactStage"` // at which stage of CI artifact was generated by plugin ("pre_ci/post_ci")
36+
IsScanEnabled bool `json:"isScanEnabled"`
3637
}

pkg/workflow/dag/helper/helper.go

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
package helper
2+
3+
import (
4+
"bytes"
5+
"encoding/json"
6+
"github.com/devtron-labs/devtron/internal/sql/repository"
7+
"github.com/devtron-labs/devtron/pkg/sql"
8+
bean2 "github.com/devtron-labs/devtron/pkg/workflow/dag/bean"
9+
"time"
10+
)
11+
12+
func GetBuildArtifact(request *bean2.CiArtifactWebhookRequest, ciPipelineId int, materialJson []byte, createdOn, updatedOn time.Time) *repository.CiArtifact {
13+
return &repository.CiArtifact{
14+
Image: request.Image,
15+
ImageDigest: request.ImageDigest,
16+
MaterialInfo: string(materialJson),
17+
DataSource: request.DataSource,
18+
PipelineId: ciPipelineId,
19+
WorkflowId: request.WorkflowId,
20+
ScanEnabled: request.IsScanEnabled,
21+
IsArtifactUploaded: request.IsArtifactUploaded, // for backward compatibility
22+
Scanned: false,
23+
AuditLog: sql.AuditLog{CreatedBy: request.UserId, UpdatedBy: request.UserId, CreatedOn: createdOn, UpdatedOn: updatedOn},
24+
}
25+
}
26+
27+
func GetMaterialInfoJson(materialInfo json.RawMessage) ([]byte, error) {
28+
var matJson []byte
29+
materialJson, err := materialInfo.MarshalJSON()
30+
if err != nil {
31+
return matJson, err
32+
}
33+
dst := new(bytes.Buffer)
34+
err = json.Compact(dst, materialJson)
35+
if err != nil {
36+
return matJson, err
37+
}
38+
matJson = dst.Bytes()
39+
return matJson, nil
40+
}

0 commit comments

Comments
 (0)