feat(images): Replace mock data implementation using storage.sbombastic.rancher.io.vulnerabilityreport objects

Author: rushk014

package.json

@@ -9,6 +9,7 @@
     "@kubernetes/client-node": "^1.3.0",
     "@rancher/components": "^0.3.0-alpha.1",
     "@rancher/shell": "3.0.5-rc.8",
+    "file-saver": "^2.0.5",
     "vue": "^3.5.17",
     "vue-router": "^4.5.0",
     "vuex": "^4.1.0"

pkg/sbombastic-image-vulnerability-scanner/components/common/AmountBarBySeverity.vue

@@ -12,7 +12,7 @@
       <div class="badge"  :class="badgeColor('high', cveAmount.high)">{{ cveAmount.high }}</div>
       <div class="badge"  :class="badgeColor('medium', cveAmount.medium)">{{ cveAmount.medium }}</div>
       <div class="badge"  :class="badgeColor('low', cveAmount.low)">{{ cveAmount.low }}</div>
-      <div class="badge"  :class="badgeColor('none', cveAmount.none)">{{ cveAmount.none }}</div>
+      <div class="badge"  :class="badgeColor('unknown', cveAmount.unknown)">{{ cveAmount.unknown }}</div>
     </div>
   </div>
 </template>
@@ -44,13 +44,13 @@
     },
     computed: {
       pecentages() {
-        let total = this.cveAmount.critical + this.cveAmount.high + this.cveAmount.medium + this.cveAmount.low + this.cveAmount.none;
+        let total = this.cveAmount.critical + this.cveAmount.high + this.cveAmount.medium + this.cveAmount.low + this.cveAmount.unknown;
         return [
           this.cveAmount.critical * 100 / total,
           this.cveAmount.high * 100 / total,
-         this.cveAmount.medium * 100 / total,
+          this.cveAmount.medium * 100 / total,
           this.cveAmount.low * 100 / total,
-          this.cveAmount.none * 100 / total,
+          this.cveAmount.unknown * 100 / total,
         ];
       }
     }
@@ -98,7 +98,7 @@
       background-color: #FDD835;
       color: rgba(255, 255, 255, 0.90);
     }
-    .badge.none {
+    .badge.unknown {
       background-color: #E0E0E0;
       color: #717179;
     }

pkg/sbombastic-image-vulnerability-scanner/config/table-headers.ts

@@ -164,7 +164,7 @@ export const IMAGE_LIST_TABLE = [
       "spec.scanResult.high",
       "spec.scanResult.medium",
       "spec.scanResult.low",
-      "spec.scanResult.none",
+      "spec.scanResult.unknown",
     ],
     width: 300,
   },

pkg/sbombastic-image-vulnerability-scanner/l10n/en-us.yaml

@@ -130,6 +130,9 @@ imageScanner:
         registry: Registry
     buttons:
       downloadCustomReport: Download custom report
+      downloadSbom: Download SBOM
+      downloadCsv: Image detail report (CSV)
+      downloadJson: Vulnerability report (JSON)
     listTable:
       checkbox:
         groupByRepo: Group by repository

pkg/sbombastic-image-vulnerability-scanner/pages/c/_cluster/sbombastic-image-vulnerability-scanner/ImageOverview.vue

@@ -1,6 +1,6 @@
 <template>
   <div class="page">
-    <div class="header-section">
+    <div class="header-section mb-20">
       <div class="title">
         {{ t("imageScanner.images.title") }}
       </div>
@@ -10,6 +10,7 @@
           :options="filterCveOptions"
           :close-on-select="true"
           :multiple="false"
+          disabled
           @selecting="changeCveFilter"
         />
       </div>
@@ -19,6 +20,7 @@
           :options="filterImageOptions"
           :close-on-select="true"
           :multiple="false"
+          disabled
           @selecting="changeImageFilter"
         />
       </div>
@@ -34,22 +36,19 @@
         </button>
       </div>
     </div>
-    <div class="summary-section">
+    <!-- <div class="summary-section">
       <TopRiskyImagesChart v-if="preprocessedDataset.topRiskyImages" :topRiskyImages="preprocessedDataset.topRiskyImages"/>
       <ImageRiskAssessment v-if="preprocessedDataset.chartData" :chartData="preprocessedDataset.chartData" :filterFn="filterBySeverity"/>
-    </div>
+    </div> -->
     <SortableTable
-      :has-advanced-filtering="false"
+      :headers="isGrouped ? REPO_BASED_TABLE : IMAGE_LIST_TABLE"
       :namespaced="false"
-      :row-actions="false"
+      :row-actions="!isGrouped"
       :table-actions="true"
-      :force-update-live-and-delayed="0"
-      :use-query-params-for-simple-filtering="true"
       :sub-expandable="isGrouped"
       :sub-rows="isGrouped"
       :sub-expand-column="isGrouped"
-      :rows="isGrouped ? preprocessedDataset.rowsByRepo : preprocessedDataset.preprocessedImages"
-      :headers="isGrouped ? REPO_BASED_TABLE : IMAGE_LIST_TABLE"
+      :rows="isGrouped ? preprocessedDataset.rowsByRepo : rows"
       :key-field="'id'"
       @selection="onSelectionChange"
     >
@@ -82,12 +81,15 @@
               :rows="row.images"
               :headers="REPO_BASED_IMAGE_LIST_TABLE"
               :search="false"
-              :row-actions="false"
+              :row-actions="true"
               :table-actions="false"
             />
           </td>
         </tr>
       </template>
+      <template #row-actions="{ row }">
+        <ActionMenu :resource="row" :custom-actions="customActions" />
+      </template>
     </SortableTable>
   </div>
 
@@ -99,11 +101,14 @@
   import LabeledSelect from "@shell/components/form/LabeledSelect";
   import DownloadCustomReport from "@pkg/components/common/DownloadCustomReport";
   import TopRiskyImagesChart from "@pkg/components/TopRiskyImagesChart";
-  import ImageRiskAssessment from "@pkg/components/ImageRiskAssessment"
-  import { images } from "@pkg/data/sbombastic.rancher.io.image";
+  import ImageRiskAssessment from "@pkg/components/ImageRiskAssessment";
+  import ActionMenu from '@shell/components/ActionMenuShell.vue';
   import { IMAGE_LIST_TABLE, REPO_BASED_TABLE, REPO_BASED_IMAGE_LIST_TABLE } from "@pkg/config/table-headers";
   import { Checkbox } from '@components/Form/Checkbox';
-import { filter } from "lodash";
+  import { RESOURCE } from "@pkg/types";
+  import { saveAs } from 'file-saver';
+
+
   export default {
     name: 'imageOverview',
     components: {
@@ -113,6 +118,7 @@ import { filter } from "lodash";
       SortableTable,
       DownloadCustomReport,
       Checkbox,
+      ActionMenu
     },
     data() {
       const filterCveOptions = [
@@ -140,7 +146,7 @@ import { filter } from "lodash";
         }
       ];
       return {
-        rows: images,
+        rows: [],
         REPO_BASED_TABLE: REPO_BASED_TABLE,
         IMAGE_LIST_TABLE: IMAGE_LIST_TABLE,
         REPO_BASED_IMAGE_LIST_TABLE: REPO_BASED_IMAGE_LIST_TABLE,
@@ -158,14 +164,59 @@ import { filter } from "lodash";
         selectedRegistry: "Any",
       }
     },
-
+    computed: {
+      customActions() {
+        const downloadSbom = {
+          action:   'downloadSbom',
+          label:    this.t('imageScanner.images.buttons.downloadSbom'),
+          icon:     'icon-download',
+          enabled:  true,
+          bulkable: false,
+          invoke:   (_, res) => {
+            this.downloadSbom(res);
+          }
+        };
+        const downloadCsv = {
+          action:   'downloadCsv',
+          label:    this.t('imageScanner.images.buttons.downloadCsv'),
+          icon:     'icon-download',
+          enabled:  true,
+          bulkable: false,
+          invoke:   async ({}, res = []) => {}
+        };
+        const downloadJson = {
+          action:   'downloadJson',
+          label:    this.t('imageScanner.images.buttons.downloadJson'),
+          icon:     'icon-download',
+          enabled:  true,
+          bulkable: false,
+          invoke:   async ({}, res = []) => {}
+        };
+        return [
+          downloadSbom, 
+          {divider: true},
+          downloadCsv,
+          downloadJson
+        ];
+      }
+    },
     async fetch() {
-      this.preprocessedDataset = this.preprocessData(this.rows);
+      await this.$store.dispatch('cluster/findAll', { type: RESOURCE.VULNERABILITY_REPORT });
+      const vulReportCRD = this.$store.getters['cluster/all']?.(RESOURCE.VULNERABILITY_REPORT);
+      this.preprocessData(vulReportCRD);
+      this.preprocessedDataset = this.preprocessData(vulReportCRD);
       this.preprocessedImagesBak = _.cloneDeep(this.preprocessedDataset.preprocessedImages);
       console.log("this.preprocessedDataset", this.preprocessedDataset)
     },
-
     methods: {
+      async downloadSbom(res) {
+        const target = (res && res.length ? res[0] : null);
+        console.log("target", target);
+        const sbom = await this.$store.dispatch('cluster/find', { type: RESOURCE.SBOM, id: target.id });
+        const spdxString = JSON.stringify(sbom.spdx, null, 2);
+        const sbomBlob = new Blob([spdxString], { type: 'application/json;charset=utf-8' });
+        saveAs(sbomBlob, `${sbom.metadata.name}-sbom.spdx.json`);
+      },
       applyFilters() {
         let filtered = _.cloneDeep(this.preprocessedImagesBak);
         if (this.selectedImageFilter.value === "excludeBaseImages" || this.selectedImageFilter === "excludeBaseImages") {
@@ -197,18 +248,28 @@ import { filter } from "lodash";
       onSelectionChange(selected) {
         this.selectedRows = selected || [];
       },
-      preprocessData(images) {
-        console.log("images", images);
-        const severityKeys = ['critical', 'high', 'medium', 'low', 'none'];
-        const chartData = {};
+      preprocessData(vulReportCRD) {
+        this.rows = [];
+        vulReportCRD.forEach(report => {
+          this.rows.push({
+            id: report.id,
+            metadata: {
+              name: `${report.imageMetadata.registry}:${report.imageMetadata.tag}`
+            },
+            spec: {
+              isBaseImage: true,
+              hasAffectedPackages: false,
+              repository: report.imageMetadata.repository,
+              registry: report.imageMetadata.registryURI,
+              scanResult: report.report.summary,
+            }
+          });
+        });
+        const severityKeys = ['critical', 'high', 'medium', 'low', 'unknown'];
         const repoMap = new Map();
         const preprocessedImages = [];
 
-        for (const key of severityKeys) {
-          chartData[key] = 0;
-        }
-
-        const topRiskyImages = images.map(image => {
+        this.rows.forEach(image => {
           let repoRec = {};
           let imageSeverity = "";
           const mapKey = `${image.spec.repository},${image.spec.registry}`;
@@ -246,9 +307,6 @@ import { filter } from "lodash";
             }
             repoMap.set(mapKey, repoRec);
           }
-          for (const key of severityKeys) {
-            chartData[key] += imageSeverity === key ? 1 : 0;
-          }
           preprocessedImages.push({
             ...image,
             severity: imageSeverity || "none",
@@ -257,27 +315,16 @@ import { filter } from "lodash";
             imageName: image.metadata.name,
             cveCnt: image.spec.scanResult,
           }
-        }).sort((a, b) => {
-          for (const key of severityKeys) {
-            const diff = (b.cveCnt[key] || 0) - (a.cveCnt[key] || 0);
-            if (diff !== 0) return diff;
-          }
-          return 0;
-        }).slice(0, 5);
+        });
         return {
           preprocessedImages,
-          topRiskyImages,
-          chartData,
           rowsByRepo: Array.from(repoMap.values())
         };
       },
       updateData(event) {
         console.log("isGrouped", this.isGrouped);
       },
     },
-
-    computed: {
-    },
   }
 
 </script>

pkg/sbombastic-image-vulnerability-scanner/types/sbombastic-image-vulnerability-scanner.ts

@@ -3,12 +3,12 @@ export const SBOMBASTIC = {
   CONTROLLER: "sbombastic",
   SERVICE: "sbombastic-service",
   SCHEMA: "sbombastic.rancher.io.registry",
-}
+};
 export const SBOMBASTIC_REPOS = {
-  CHARTS:                   'https://charts.sbombastic.io',
-  CHARTS_REPO:              'https://github.com/sbombastic/helm-charts',
-  CHARTS_REPO_GIT:          'https://github.com/sbombastic/helm-charts.git',
-  CHARTS_REPO_NAME:         'sbombastic-charts',
+  CHARTS: "https://charts.sbombastic.io",
+  CHARTS_REPO: "https://github.com/sbombastic/helm-charts",
+  CHARTS_REPO_GIT: "https://github.com/sbombastic/helm-charts.git",
+  CHARTS_REPO_NAME: "sbombastic-charts",
 };
 export const RESOURCE = {
   REGISTRY: "sbombastic.rancher.io.registry",
@@ -31,4 +31,4 @@ export interface MetadataProperty {
   label?: string;
   value?: string;
   tags?: string[];
-}
+}

yarn.lock

@@ -8319,6 +8319,11 @@ [email protected]:
   resolved "https://registry.yarnpkg.com/file-saver/-/file-saver-2.0.2.tgz#06d6e728a9ea2df2cce2f8d9e84dfcdc338ec17a"
   integrity sha512-Wz3c3XQ5xroCxd1G8b7yL0Ehkf0TC9oYC6buPFkNnU9EnaPlifeAFCyCh+iewXTyFRcg0a6j3J7FmJsIhlhBdw==
 
+file-saver@^2.0.5:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/file-saver/-/file-saver-2.0.5.tgz#d61cfe2ce059f414d899e9dd6d4107ee25670c38"
+  integrity sha512-P9bmyZ3h/PRG+Nzga+rbdI4OEpNDzAVyy74uVO9ATgzLK6VtAsYybF/+TOCvrc0MO793d6+42lLyZTw7/ArVzA==
+
 filelist@^1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/filelist/-/filelist-1.0.4.tgz#f78978a1e944775ff9e62e744424f215e58352b5"