chore: Bump up dependency starboard from v0.6.0 to v0.7.0 (#70)

Signed-off-by: Daniel Pacak <[email protected]>

.github/workflows/build.yaml

@@ -20,5 +20,5 @@ jobs:
       - name: Release snapshot
         uses: goreleaser/goreleaser-action@v2
         with:
-          verson: v0.143.0
+          verson: v0.145.0
           args: release --snapshot --skip-publish --rm-dist

.github/workflows/release.yaml

@@ -19,7 +19,7 @@ jobs:
       - name: Release
         uses: goreleaser/goreleaser-action@v2
         with:
-          version: v0.143.0
+          version: v0.145.0
           args: release --rm-dist
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

go.mod

@@ -3,7 +3,7 @@ module github.com/aquasecurity/starboard-octant-plugin
 go 1.15
 
 require (
-	github.com/aquasecurity/starboard v0.6.0
+	github.com/aquasecurity/starboard v0.7.0
 	github.com/stretchr/testify v1.6.1
 	github.com/vmware-tanzu/octant v0.16.1
 	k8s.io/api v0.19.2

go.sum

@@ -117,8 +117,8 @@ github.com/apex/log v1.3.0/go.mod h1:jd8Vpsr46WAe3EZSQ/IUMs2qQD/GOycT5rPWCO1yGcs
 github.com/apex/logs v0.0.4/go.mod h1:XzxuLZ5myVHDy9SAmYpamKKRNApGj54PfYLcFrXqDwo=
 github.com/aphistic/golf v0.0.0-20180712155816-02c07f170c5a/go.mod h1:3NqKYiepwy8kCu4PNA+aP7WUV72eXWJeP9/r3/K9aLE=
 github.com/aphistic/sweet v0.2.0/go.mod h1:fWDlIh/isSE9n6EPsRmC0det+whmX6dJid3stzu0Xys=
-github.com/aquasecurity/starboard v0.6.0 h1:+QUunEPwhwu2NXgI8j4B1AUR5FzSEOOPP42MCIKtYtM=
-github.com/aquasecurity/starboard v0.6.0/go.mod h1:QK5Q9YsxpiuXVW1N12p/kuVfATNYqKJbv59i8szJJL0=
+github.com/aquasecurity/starboard v0.7.0 h1:xmT4F19M2vqcqEg5IoeE1id57yHhePYz5kw8X7I7Q3s=
+github.com/aquasecurity/starboard v0.7.0/go.mod h1:HJ7a7QI5G1zz0L4o//DUrmsxxOYfUqmRSIHfoKKNJRg=
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=

pkg/plugin/view/configaudit/report_view.go

@@ -138,7 +138,7 @@ func createChecksTable(checks []starboard.Check) component.Component {
 	return table
 }
 
-func NewSummary(report starboard.ConfigAudit) (summaryComponent *component.Summary) {
+func NewSummary(report starboard.ConfigAuditResult) (summaryComponent *component.Summary) {
 	sections := []component.SummarySection{
 		{Header: "danger", Content: component.NewText(strconv.Itoa(report.Summary.DangerCount))},
 		{Header: "warning", Content: component.NewText(strconv.Itoa(report.Summary.WarningCount))},

pkg/plugin/view/vulnerabilities/report_view.go

@@ -97,47 +97,61 @@ func NewReport(workload kube.Object, vulnerabilityReportsDefined bool, reports [
 	return flexLayout
 }
 
+func getImageRef(report starboard.VulnerabilityScanResult) string {
+	imageID := report.Artifact.Tag
+	if imageID == "" {
+		imageID = report.Artifact.Digest
+	}
+
+	imageRef := fmt.Sprintf("%s/%s:%s", report.Registry.Server, report.Artifact.Repository, imageID)
+	return imageRef
+}
+
 func createVulnerabilitiesTable(containerName string, report starboard.VulnerabilityScanResult) component.Component {
-	imageRef := fmt.Sprintf("%s/%s:%s", report.Registry.Server, report.Artifact.Repository, report.Artifact.Tag)
 	table := component.NewTableWithRows(
-		fmt.Sprintf("Container %s: %s", containerName, imageRef), "There are no vulnerabilities!",
+		fmt.Sprintf("Container %s: %s", containerName, getImageRef(report)), "There are no vulnerabilities!",
 		component.NewTableCols("ID", "Severity", "Title", "Resource", "Installed Version", "Fixed Version"),
 		[]component.TableRow{})
 
 	sort.Stable(BySeverity{report.Vulnerabilities})
 
 	for _, vi := range report.Vulnerabilities {
-		tr := component.TableRow{
+		title := vi.Title
+		if title == "" {
+			title = "N/A"
+		}
+
+		table.Add(component.TableRow{
 			"ID":                getLinkComponent(vi),
-			"Severity":          component.NewText(fmt.Sprintf("%s", vi.Severity)),
-			"Title":             component.NewText(vi.Title),
+			"Severity":          component.NewText(string(vi.Severity)),
+			"Title":             component.NewText(title),
 			"Resource":          component.NewText(vi.Resource),
 			"Installed Version": component.NewText(vi.InstalledVersion),
 			"Fixed Version":     component.NewText(vi.FixedVersion),
-		}
-		table.Add(tr)
+		})
 	}
 
 	return table
 }
 
 func getLinkComponent(v starboard.Vulnerability) component.Component {
+	if v.PrimaryLink != "" {
+		return component.NewMarkdownText(view.ToMarkdownLink(v.VulnerabilityID, v.PrimaryLink))
+	}
 	if len(v.Links) > 0 {
 		return component.NewMarkdownText(view.ToMarkdownLink(v.VulnerabilityID, v.Links[0]))
 	}
 	return component.NewText(v.VulnerabilityID)
 }
 
-func NewVulnerabilitiesSummary(title string, summary starboard.VulnerabilitySummary) (c *component.Summary) {
-	c = component.NewSummary(title)
-
+func NewVulnerabilitiesSummary(title string, summary starboard.VulnerabilitySummary) *component.Summary {
 	sections := []component.SummarySection{
 		{Header: "CRITICAL ", Content: component.NewText(strconv.Itoa(summary.CriticalCount))},
 		{Header: "HIGH ", Content: component.NewText(strconv.Itoa(summary.HighCount))},
 		{Header: "MEDIUM ", Content: component.NewText(strconv.Itoa(summary.MediumCount))},
 		{Header: "LOW ", Content: component.NewText(strconv.Itoa(summary.LowCount))},
 		{Header: "UNKNOWN ", Content: component.NewText(strconv.Itoa(summary.UnknownCount))},
 	}
-	c.Add(sections...)
-	return
+
+	return component.NewSummary(title, sections...)
 }