fix: add parameters to queries

Arta Asadi · Arta Asadi · commit b5bc87df726d · 2025-04-04T21:26:51.000+02:00
diff --git a/queries/all_vulnerabilities_fixes_for_image.yaml b/queries/all_vulnerabilities_fixes_for_image.yaml
@@ -0,0 +1,45 @@
+id: all_vulnerabilities_fixes_for_image
+type: query
+title: All Vulnerabilities And Fixes For Image in parameters
+description: All Images Vulnerabilities and their details and fixes for image in parameters
+integration_type:
+  - github_account
+query: |
+  WITH ArtifactPackagesWithVulns AS (
+      SELECT DISTINCT
+          p.image_url,
+          p.artifact_id,
+          p.ecosystem,
+          p.package_name,
+          p.version,
+          v.vulnerabilities
+      FROM (
+          SELECT DISTINCT
+              image_url,
+              artifact_id,
+              (jsonb_array_elements(packages)->>'ecosystem') AS ecosystem,
+              (jsonb_array_elements(packages)->>'name') AS package_name,
+              (jsonb_array_elements(packages)->>'version') AS version
+          FROM artifact_package_list
+          WHERE artifact_url = '{{.artifactUrl}}'
+      ) AS p
+      JOIN packages_with_vulnerabilities v ON
+          p.ecosystem = v.ecosystem AND
+          p.package_name = v.package_name AND
+          p.version = v.version
+      WHERE v.vulnerabilities IS NOT NULL AND v.vulnerabilities <> '[]'::jsonb
+    )
+    SELECT
+      apv.image_url,
+      apv.artifact_id,
+      apv.ecosystem,
+      apv.package_name,
+      apv.version,
+      vuln_id,
+      ovd.*
+    FROM ArtifactPackagesWithVulns apv
+      CROSS JOIN LATERAL jsonb_array_elements_text(apv.vulnerabilities) AS v_list(vuln_id)
+      LEFT JOIN osv_vulnerability_details ovd ON v_list.vuln_id = ovd.id;
+tags:
+  platform_queries_bookmark:
+    - 'true'
diff --git a/queries/list_all_packages_vulnerabilities_for_image.yaml b/queries/list_all_packages_vulnerabilities_for_image.yaml
@@ -0,0 +1,32 @@
+id: list_all_container_packages_vulnerabilities_for_image
+type: query
+title: List all packages vulnerabilities in all containers for image
+description: Get the list of all vulnerabilities in all packages in all containers for image in parameters
+integration_type:
+    - github_account
+query: |
+    SELECT DISTINCT
+        p.image_url,
+        p.artifact_id,
+        p.ecosystem,
+        p.package_name,
+        p.version,
+        v.vulnerabilities -- Replace with the actual vulnerability column(s)
+    FROM (
+        SELECT DISTINCT
+            image_url,
+            artifact_id,
+            (jsonb_array_elements(packages)->>'ecosystem') AS ecosystem,
+            (jsonb_array_elements(packages)->>'name') AS package_name,
+            (jsonb_array_elements(packages)->>'version') AS version
+        FROM artifact_package_list
+        WHERE artifact_url = '{{.artifactUrl}}'
+        ) AS p
+    JOIN packages_with_vulnerabilities v ON
+        p.ecosystem = v.ecosystem AND
+        p.package_name = v.package_name AND
+        p.version = v.version
+    WHERE v.vulnerabilities is not null and v.vulnerabilities <> '[]';
+tags:
+    platform_queries_bookmark:
+        - 'true'
