mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-24 09:38:09 +01:00
Merge pull request #11518 from heww/fix-vulnerable-msg
fix(vulnerable): fix the wrong count of vulnerabilities in message
This commit is contained in:
commit
d0cd103e02
@ -143,8 +143,13 @@ func Middleware() func(http.Handler) http.Handler {
|
|||||||
|
|
||||||
// Do judgement
|
// Do judgement
|
||||||
if summary.Severity.Code() >= projectSeverity.Code() {
|
if summary.Severity.Code() >= projectSeverity.Code() {
|
||||||
msg := fmt.Sprintf(`current image with %d vulnerabilities cannot be pulled due to configured policy in 'Prevent images with vulnerability severity of "%s" or higher from running.' `+
|
thing := "vulnerability"
|
||||||
`To continue with pull, please contact your project administrator to exempt matched vulnerabilities through configuring the CVE whitelist.`, summary.TotalCount, projectSeverity)
|
if summary.Summary.Total > 1 {
|
||||||
|
thing = "vulnerabilities"
|
||||||
|
}
|
||||||
|
msg := fmt.Sprintf(`current image with %d %s cannot be pulled due to configured policy in 'Prevent images with vulnerability severity of "%s" or higher from running.' `+
|
||||||
|
`To continue with pull, please contact your project administrator to exempt matched vulnerabilities through configuring the CVE whitelist.`,
|
||||||
|
summary.Summary.Total, thing, projectSeverity)
|
||||||
return errors.New(nil).WithCode(errors.PROJECTPOLICYVIOLATION).WithMessage(msg)
|
return errors.New(nil).WithCode(errors.PROJECTPOLICYVIOLATION).WithMessage(msg)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -339,19 +339,44 @@ func (suite *MiddlewareTestSuite) TestPrevented() {
|
|||||||
mock.OnAnything(suite.artifactController, "GetByReference").Return(suite.artifact, nil)
|
mock.OnAnything(suite.artifactController, "GetByReference").Return(suite.artifact, nil)
|
||||||
mock.OnAnything(suite.projectController, "Get").Return(suite.project, nil)
|
mock.OnAnything(suite.projectController, "Get").Return(suite.project, nil)
|
||||||
mock.OnAnything(suite.checker, "IsScannable").Return(true, nil)
|
mock.OnAnything(suite.checker, "IsScannable").Return(true, nil)
|
||||||
|
|
||||||
|
{
|
||||||
|
// only one vulnerability
|
||||||
mock.OnAnything(suite.scanController, "GetSummary").Return(map[string]interface{}{
|
mock.OnAnything(suite.scanController, "GetSummary").Return(map[string]interface{}{
|
||||||
v1.MimeTypeNativeReport: &vuln.NativeReportSummary{
|
v1.MimeTypeNativeReport: &vuln.NativeReportSummary{
|
||||||
ScanStatus: "Success",
|
ScanStatus: "Success",
|
||||||
Severity: vuln.Critical,
|
Severity: vuln.Critical,
|
||||||
Summary: &vuln.VulnerabilitySummary{Total: 1},
|
Summary: &vuln.VulnerabilitySummary{Total: 1},
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil).Once()
|
||||||
|
|
||||||
req := suite.makeRequest()
|
req := suite.makeRequest()
|
||||||
rr := httptest.NewRecorder()
|
rr := httptest.NewRecorder()
|
||||||
|
|
||||||
Middleware()(suite.next).ServeHTTP(rr, req)
|
Middleware()(suite.next).ServeHTTP(rr, req)
|
||||||
suite.Equal(rr.Code, http.StatusPreconditionFailed)
|
suite.Equal(rr.Code, http.StatusPreconditionFailed)
|
||||||
|
|
||||||
|
suite.Contains(rr.Body.String(), "current image with 1 vulnerability cannot be pulled")
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
// multiple vulnerabilities
|
||||||
|
mock.OnAnything(suite.scanController, "GetSummary").Return(map[string]interface{}{
|
||||||
|
v1.MimeTypeNativeReport: &vuln.NativeReportSummary{
|
||||||
|
ScanStatus: "Success",
|
||||||
|
Severity: vuln.Critical,
|
||||||
|
Summary: &vuln.VulnerabilitySummary{Total: 2},
|
||||||
|
},
|
||||||
|
}, nil).Once()
|
||||||
|
|
||||||
|
req := suite.makeRequest()
|
||||||
|
rr := httptest.NewRecorder()
|
||||||
|
|
||||||
|
Middleware()(suite.next).ServeHTTP(rr, req)
|
||||||
|
suite.Equal(rr.Code, http.StatusPreconditionFailed)
|
||||||
|
|
||||||
|
suite.Contains(rr.Body.String(), "current image with 2 vulnerabilities cannot be pulled")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *MiddlewareTestSuite) TestArtifactIsImageIndex() {
|
func (suite *MiddlewareTestSuite) TestArtifactIsImageIndex() {
|
||||||
|
Loading…
Reference in New Issue
Block a user