Merge branch 'main' into feat/importers-crud

Author: carlosthe19916

.env

@@ -1,5 +1,5 @@
-TRUSTIFY_IMAGE=ghcr.io/trustification/trustd:latest
-TRUSTIFY_UI_IMAGE=ghcr.io/trustification/trustify-ui:latest
+TRUSTIFY_IMAGE=ghcr.io/guacsec/trustd:latest
+TRUSTIFY_UI_IMAGE=ghcr.io/guacsec/trustify-ui:latest
 
 POSTGRESQL_IMAGE=postgres:16
 

.github/workflows/ci-coverage.yaml

@@ -18,7 +18,7 @@ jobs:
   coverage:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-node@v4
         with:
           node-version: 22

.github/workflows/ci-e2e-template.yaml

@@ -80,7 +80,7 @@ jobs:
     steps:
       - name: Download artifact
         if: "${{ inputs.artifact != '' }}"
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: ${{ inputs.artifact }}
           path: /tmp
@@ -125,7 +125,7 @@ jobs:
     steps:
       - name: Download artifact
         if: "${{ inputs.artifact != '' }}"
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: ${{ inputs.artifact }}
           path: /tmp
@@ -135,7 +135,7 @@ jobs:
           docker load --input /tmp/${{ inputs.artifact }}.tar
 
       - name: Checkout ui repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - uses: actions/setup-node@v4
         with:
           node-version: 22

.github/workflows/ci-e2e.yaml

@@ -24,8 +24,8 @@ jobs:
 
       - name: save trustify-ui image
         run: |
-          docker build . -t ghcr.io/trustification/trustify-ui:pr-test -f Dockerfile
-          docker save -o /tmp/trustify-ui.tar ghcr.io/trustification/trustify-ui:pr-test
+          docker build . -t ghcr.io/guacsec/trustify-ui:pr-test -f Dockerfile
+          docker save -o /tmp/trustify-ui.tar ghcr.io/guacsec/trustify-ui:pr-test
 
       - name: Upload trustify-ui image as artifact
         uses: actions/upload-artifact@v4
@@ -75,5 +75,5 @@ jobs:
     uses: ./.github/workflows/ci-e2e-template.yaml
     with:
       artifact: trustify-ui
-      ui_image: ghcr.io/trustification/trustify-ui:pr-test
-      server_image: ghcr.io/trustification/trustd:${{ needs.discover-envs-for-e2e-ci.outputs.image_tag }}
+      ui_image: ghcr.io/guacsec/trustify-ui:pr-test
+      server_image: ghcr.io/guacsec/trustd:${{ needs.discover-envs-for-e2e-ci.outputs.image_tag }}

.github/workflows/image-build.yaml

@@ -42,7 +42,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ghcr.io
       - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@v2
+        uses: actions/attest-build-provenance@v3
         with:
           subject-name: ghcr.io/${{ github.repository_owner }}/trustify-ui
           subject-digest: ${{ needs.ui-image-build.outputs.digest }}

client/src/app/pages/sbom-list/sbom-list.tsx

@@ -17,7 +17,7 @@ export const SbomList: React.FC = () => {
       <PageSection hasBodyWrapper={false}>
         <div>
           <SbomSearchProvider>
-            <SbomToolbar showFilters />
+            <SbomToolbar showFilters showActions />
             <SbomTable />
           </SbomSearchProvider>
         </div>

client/src/app/pages/sbom-list/sbom-toolbar.tsx

@@ -16,9 +16,13 @@ import { SbomSearchContext } from "./sbom-context";
 
 interface SbomToolbarProps {
   showFilters?: boolean;
+  showActions?: boolean;
 }
 
-export const SbomToolbar: React.FC<SbomToolbarProps> = ({ showFilters }) => {
+export const SbomToolbar: React.FC<SbomToolbarProps> = ({
+  showFilters,
+  showActions,
+}) => {
   const navigate = useNavigate();
 
   const { tableControls } = React.useContext(SbomSearchContext);
@@ -36,11 +40,16 @@ export const SbomToolbar: React.FC<SbomToolbarProps> = ({ showFilters }) => {
     <Toolbar {...toolbarProps} aria-label="sbom-toolbar">
       <ToolbarContent>
         {showFilters && <FilterToolbar {...filterToolbarProps} />}
-        <ToolbarItem>
-          <Button variant="primary" onClick={() => navigate(Paths.sbomUpload)}>
-            Upload SBOM
-          </Button>
-        </ToolbarItem>
+        {showActions && (
+          <ToolbarItem>
+            <Button
+              variant="primary"
+              onClick={() => navigate(Paths.sbomUpload)}
+            >
+              Upload SBOM
+            </Button>
+          </ToolbarItem>
+        )}
         <ToolbarItem {...paginationToolbarItemProps}>
           <SimplePagination
             idPrefix="sbom-table"

e2e/tests/ui/features/@advisory-explorer/advisory-explorer.feature

@@ -2,6 +2,61 @@ Feature: Advisory Explorer
     Background: Authentication
         Given User is authenticated
 
+# Search for advisories
+    Scenario: Search for an advisory using the general search bar
+        
+        When User searches for an advisory named "<advisoryID>" in the general search bar
+        
+        Then The advisory "<advisoryID>" shows in the results
+
+        Examples:
+            | advisoryID      |
+            | CVE-2024-26308  |
+    
+    Scenario: Search for an advisory using the dedicated search bar
+
+        When User searches for "<advisoryID>" in the dedicated search bar
+        
+        Then The advisory "<advisoryID>" shows in the results
+
+        Examples:
+            | advisoryID      |
+            | CVE-2024-26308  |
+
+    # Advisory Explorer
+    Scenario: Display an overview of an advisory
+
+        When User visits Advisory details Page of "<advisoryID>"
+
+        Then The page title is "<advisoryID>"
+        Then The "Download" action is available
+
+        Examples:
+            | advisoryID      |
+            | CVE-2024-26308  |
+
+    Scenario: Download an advisory
+
+        When User visits Advisory details Page of "<advisoryID>"
+
+        Then "Download Advisory" action is invoked and downloaded filename is "<fileName>"
+
+        Examples:
+            | advisoryID      | fileName            |
+            | CVE-2024-26308  | CVE-2024-26308.json |
+
+    Scenario: Display the Info tab
+
+        When User visits Advisory details Page of "<advisoryID>"
+
+        Then The "Overview" panel is visible
+        Then The "Publisher" panel is visible
+        Then The "Tracking" panel is visible
+
+        Examples:
+            | advisoryID      |
+            | CVE-2024-26308  |
+
 # Advisory Vulnerabilities
 Scenario: Display vulnerabilities tied to a single advisory
     Given User visits Advisory details Page of "<advisoryName>" with type "<advisoryType>"

e2e/tests/ui/features/@advisory-explorer/advisory-explorer.step.ts

@@ -8,6 +8,15 @@ export const { Given, When, Then } = createBdd(test);
 
 const VULN_TABLE_NAME = "vulnerability table";
 
+Given(
+  "User visits Advisory details Page of {string}",
+  async ({ page }, advisoryID) => {
+    const searchPage = new SearchPage(page, "Advisories");
+    await searchPage.dedicatedSearch(advisoryID);
+    await page.getByRole("link", { name: advisoryID, exact: true }).click();
+  },
+);
+
 Given(
   "User visits Advisory details Page of {string} with type {string}",
   async ({ page }, advisoryName, advisoryType) => {
@@ -18,6 +27,59 @@ Given(
   },
 );
 
+// Advisory Search
+When(
+  "User searches for an advisory named {string} in the general search bar",
+  async ({ page }, item) => {
+    const searchPage = new SearchPage(page, "Dashboard");
+    await searchPage.generalSearch("Advisories", item);
+  },
+);
+
+When(
+  "User searches for {string} in the dedicated search bar",
+  async ({ page }, advisoryID) => {
+    const searchPage = new SearchPage(page, "Advisories");
+    await searchPage.dedicatedSearch(advisoryID);
+  },
+);
+
+Then(
+  "The advisory {string} shows in the results",
+  async ({ page }, advisoryID) => {
+    await expect(
+      page.getByRole("gridcell").filter({ hasText: advisoryID }),
+    ).toBeVisible();
+  },
+);
+
+// Advisory Explorer
+Then(
+  "The vulnerabilities table is sorted by {string}",
+  async ({ page }, columnName) => {
+    const toolbarTable = new ToolbarTable(page, VULNERABILITIES_TABLE_NAME);
+    await toolbarTable.verifyTableIsSortedBy(columnName);
+  },
+);
+
+Then(
+  "The vulnerabilities table total results is {int}",
+  async ({ page }, totalResults) => {
+    const toolbarTable = new ToolbarTable(page, VULNERABILITIES_TABLE_NAME);
+    await toolbarTable.verifyPaginationHasTotalResults(totalResults);
+  },
+);
+
+Then(
+  "The {string} column of the vulnerability table contains {string}",
+  async ({ page }, columnName, expectedValue) => {
+    const toolbarTable = new ToolbarTable(page, VULNERABILITIES_TABLE_NAME);
+    await toolbarTable.verifyColumnContainsText(columnName, expectedValue);
+  },
+);
+
+// Advisory Explorer / Vulenrabilities
+
 Then(
   "User navigates to the Vulnerabilities tab on the Advisory Overview page",
   async ({ page }) => {

e2e/tests/ui/helpers/DetailsPage.ts

@@ -22,10 +22,34 @@ export class DetailsPage {
     await this.page.getByRole("menuitem", { name: actionName }).click();
   }
 
+  async clickOnPageButton(buttonName: string) {
+    await this.page.getByRole("button", { name: buttonName }).click();
+  }
+
   async verifyPageHeader(header: string) {
     await expect(this.page.getByRole("heading")).toContainText(header);
   }
 
+  async verifyActionIsAvailable(actionName: string) {
+    await this.page.getByRole("button", { name: "Actions" }).click();
+    await expect(
+      this.page.getByRole("menuitem", { name: actionName }),
+    ).toBeVisible();
+  }
+
+  async verifyButtonIsVisible(button: string) {
+    await expect(this.page.getByRole("button", { name: button })).toBeVisible();
+  }
+
+  async verifyPanelIsVisible(panel: string) {
+    await expect(
+      this.page
+        .locator(".pf-v6-c-card__title-text")
+        .filter({ hasText: panel })
+        .first(),
+    ).toBeVisible();
+  }
+
   async verifyTabIsSelected(tabName: string) {
     await expect(this.page.getByRole("tab", { name: tabName })).toHaveAttribute(
       "aria-selected",