feat(cli): Resolve report owners to be consistent with operator #731

danielpacak · 2021-10-04T13:51:17Z

feat(cli): Resolve report owners to be consistent with operator

Starboard CLI was not consistent with Starboard Operator
when it comes to assigning VulnerabilityReports and ConfigAuditReports
to K8s workloads. For example, the report generated by the following
command was controlled by the nginx Deployment, whereas the Operator
would associate it with the active ReplicaSet (aka current revision).

starboard scan vulnerabilityreports deploy/nginx

With this patch Starboard CLI will resolve the current revision of
a Deployment and use it as the owner of VulnerabilityReport and
ConfigAuditReport instances.

Signed-off-by: Daniel Pacak pacak.daniel@gmail.com

codecov · 2021-10-04T13:55:40Z

Codecov Report

Merging #731 (36fea93) into main (c45a06a) will decrease coverage by 65.64%.
The diff coverage is n/a.

❗ Current head 36fea93 differs from pull request most recent head d97f1a7. Consider uploading reports for the commit d97f1a7 to get more accurate results

@@            Coverage Diff            @@
##             main   #731       +/-   ##
=========================================
- Coverage   65.64%      0   -65.65%     
=========================================
  Files          58      0       -58     
  Lines        6191      0     -6191     
=========================================
- Hits         4064      0     -4064     
+ Misses       1723      0     -1723     
+ Partials      404      0      -404

Impacted Files	Coverage Δ
pkg/ext/lang.go
pkg/cmd/scan_ciskubebenchreports.go
pkg/configauditreport/builder.go
pkg/report/sort.go
pkg/operator/controller/vulnerabilityreport.go
pkg/operator/operator.go
pkg/kubebench/io.go
pkg/configauditreport/io.go
pkg/vulnerabilityreport/sort.go
pkg/plugin/factory.go
... and 45 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c45a06a...d97f1a7. Read the comment docs.

Starboard CLI was not consistent with Starboard Operator when it comes to assigning VulnerabilityReports and ConfigAuditReports to K8s workloads. For example, the report generated by the following command was controlled by the nginx Deployment, whereas the Operator would associate it with the active ReplicaSet (aka current revision). starboard scan vulnerabilityreports deploy/nginx With this patch Starboard CLI will resolve the current revision of a Deployment and use it as the owner of VulnerabilityReport and ConfigAuditReport instances. Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

simar7

lgtm! clean tests ❇️

danielpacak marked this pull request as ready for review October 5, 2021 15:20

danielpacak requested a review from simar7 October 5, 2021 15:39

simar7 approved these changes Oct 5, 2021

View reviewed changes

danielpacak merged commit f8a500f into aquasecurity:main Oct 6, 2021

danielpacak deleted the cli_report_owner branch October 6, 2021 07:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(cli): Resolve report owners to be consistent with operator #731

feat(cli): Resolve report owners to be consistent with operator #731

danielpacak commented Oct 4, 2021 •

edited

Loading

codecov bot commented Oct 4, 2021 •

edited

Loading

simar7 left a comment

feat(cli): Resolve report owners to be consistent with operator #731

feat(cli): Resolve report owners to be consistent with operator #731

Conversation

danielpacak commented Oct 4, 2021 • edited Loading

codecov bot commented Oct 4, 2021 • edited Loading

Codecov Report

simar7 left a comment

Choose a reason for hiding this comment

danielpacak commented Oct 4, 2021 •

edited

Loading

codecov bot commented Oct 4, 2021 •

edited

Loading