Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cli: add command to convert Vulnerability Reports #194

Merged
merged 1 commit into from
Nov 25, 2024
Merged

cli: add command to convert Vulnerability Reports #194

merged 1 commit into from
Nov 25, 2024

Conversation

crozzy
Copy link
Collaborator

@crozzy crozzy commented Nov 15, 2024

The convert command is able to take a Vulnerability Report in JSON and covert it to Quay secscan format or sarif format.

@crozzy crozzy requested a review from a team as a code owner November 15, 2024 22:21
@crozzy crozzy requested review from RTann and removed request for a team November 15, 2024 22:21
@crozzy
Copy link
Collaborator Author

crozzy commented Nov 15, 2024

The Konflux team run the action twice because they need both report formats. This can be avoided by extracting the convert logic into it's own command.

RTann
RTann approved these changes Nov 18, 2024
View reviewed changes
cmd/clair-action/convert.go Show resolved Hide resolved
@crozzy crozzy requested a review from RTann November 21, 2024 21:50
RTann
RTann approved these changes Nov 22, 2024
View reviewed changes
Copy link

@RTann RTann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

writing to stdout LGTM at this time. Perhaps one day we may want to allow for other writers, but that day is not today

RTann
RTann reviewed Nov 22, 2024
View reviewed changes
Copy link

@RTann RTann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, I just noticed each fmt.Errorf should use %w for errors, so perhaps do that before merging

@crozzy
Copy link
Collaborator Author

crozzy commented Nov 25, 2024

Actually, I just noticed each fmt.Errorf should use %w for errors, so perhaps do that before merging

So, I thought about that when writing it and figured it wasn't going to be called outside of the CLI context so there's going to be no audience to actually unwrap the error. OTOH I can't really think of an advantage of %v.

@crozzy
cli: add command to convert Vulnerability Reports
0e0e589 
The convert command is able to take a Vulnerability Report in JSON and
covert it to Quay secscan format or sarif format.

Signed-off-by: crozzy <[email protected]>
@crozzy
Copy link
Collaborator Author

crozzy commented Nov 25, 2024

/fast-forward

@github-actions github-actions bot merged commit 0e0e589 into quay:main Nov 25, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RTann RTann RTann approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@crozzy @RTann