fix: handle API returning purl instead of original image string

Author: Strum355

package-lock.json

@@ -20,21 +20,10 @@ interface ISource {
     dependencies: any[];
 }
 
-/**
- * Represents data specification related to a dependency.
- */
-interface IDependencyData {
-    sourceId: string;
-    issuesCount: number;
-    recommendationRef: string;
-    remediationRef: string
-    highestVulnerabilitySeverity: string;
-}
-
 /**
  * Implementation of IDependencyData interface.
  */
-class DependencyData implements IDependencyData {
+class DependencyData {
     constructor(
         public sourceId: string,
         public issuesCount: number,

src/dependencyAnalysis/analysis.ts

@@ -10,144 +10,92 @@ import { connection } from '../server';
 import { globalConfig } from '../config';
 import { isDefined, decodeUriPath } from '../utils';
 import { IImage } from '../imageAnalysis/collector';
+import { AnalysisReport } from '@trustification/exhort-api-spec/model/v4/AnalysisReport';
+import { DependencyReport } from '@trustification/exhort-api-spec/model/v4/DependencyReport';
+import { SourceSummary } from '@trustification/exhort-api-spec/model/v4/SourceSummary';
+import { ProviderReport } from '@trustification/exhort-api-spec/model/v4/ProviderReport';
+import { Source } from '@trustification/exhort-api-spec/model/v4/Source';
 
 /**
  * Represents the Red Hat Dependency Analytics (RHDA) analysis report, with images mapped by string keys.
  */
 interface IExhortAnalysisReport {
-  [key: string]: IImageReport;
-}
-
-/**
- * Represents the RHDA analysis report for a single image.
- */
-interface IImageReport {
-  providers: Map<string, IProvider>;
-}
-
-/**
- * Represents a provider of dependencies for an image.
- */
-interface IProvider {
-  status: IStatus;
-  sources: Map<string, ISource>;
-}
-
-/**
- * Represents the status of a provider.
- */
-interface IStatus {
-  ok: boolean;
-}
-
-/**
- * Represents a source of dependencies.
- */
-interface ISource {
-  summary: ISummary;
-  dependencies: ISourceDependency[];
-}
-
-/**
- * Represents the summary of vulnerabilities for a source.
- */
-interface ISummary {
-  total: number,
-  critical: number,
-  high: number,
-  medium: number,
-  low: number,
-}
-
-/**
- * Represents a dependency reported by a source.
- */
-interface ISourceDependency {
-  recommendation: string | null;
+  [key: string]: AnalysisReport;
 }
 
 /**
  * Represents data collected related to an image.
  */
 interface IArtifact {
   id: string;
-  summary: ISummary;
-  dependencies: ISourceDependency[];
+  summary: SourceSummary;
+  dependencies: DependencyReport[];
 }
 
-/**
-* Represents data specification related to an image.
-*/
-interface IImageData {
-  sourceId: string;
-  issuesCount: number;
-  recommendationRef: string;
-  highestVulnerabilitySeverity: string;
-}
-
-/**
- * Implementation of IImageData interface.
- */
-class ImageData implements IImageData {
+class ImageData {
   constructor(
-      public sourceId: string,
-      public issuesCount: number,
-      public recommendationRef: string,
-      public highestVulnerabilitySeverity: string
+    public sourceId: string,
+    public issuesCount: number,
+    public recommendationRef: string,
+    public highestVulnerabilitySeverity: string
   ) {}
 }
 
 /**
-* Represents the parsed response of Red Hat Dependency Analytics (RHDA) analysis report, with images mapped by string keys.
-*/
+ * Represents the parsed response of Red Hat Dependency Analytics (RHDA) analysis report, with images mapped by string keys.
+ */
 interface IAnalysisResponse {
   images: Map<string, ImageData[]>;
 }
 
 /**
-* Implementation of IAnalysisResponse interface.
-*/
+ * Implementation of IAnalysisResponse interface.
+ */
 class AnalysisResponse implements IAnalysisResponse {
   images: Map<string, ImageData[]> = new Map<string, ImageData[]>();
 
   constructor(resData: IExhortAnalysisReport, diagnosticFilePath: string) {
-      const failedProviders: string[] = [];
-
-      Object.entries(resData).map(([imageRef, imageData]) => {
-        const artifacts: IArtifact[] = [];
-
-        if (isDefined(imageData, 'providers')) {
-            Object.entries(imageData.providers).map(([providerName, providerData]: [string, IProvider]) => {
-                if (isDefined(providerData, 'status', 'ok') && providerData.status.ok) {
-                    if (isDefined(providerData, 'sources')) {
-                        Object.entries(providerData.sources).map(([sourceName, sourceData]: [string, ISource]) => {
-                          if (isDefined(sourceData, 'summary')) {
-                              artifacts.push({id: `${providerName}(${sourceName})`, summary: sourceData.summary, dependencies: sourceData.dependencies});
-                          }
-                        });
-                    }
-                } else {
-                    failedProviders.push(providerName);
+    const failedProviders: string[] = [];
+
+    Object.entries(resData).map(([imageRef, imageData]) => {
+      const artifacts: IArtifact[] = [];
+
+      if (isDefined(imageData, 'providers')) {
+        Object.entries(imageData.providers).map(([providerName, providerData]: [string, ProviderReport]) => {
+          if (providerData?.status?.ok) {
+            if (isDefined(providerData, 'sources')) {
+              Object.entries(providerData.sources).map(([sourceName, sourceData]: [string, Source]) => {
+                if (isDefined(sourceData, 'summary')) {
+                  artifacts.push({ 
+                    id: `${providerName}(${sourceName})`, 
+                    summary: sourceData.summary, 
+                    dependencies: sourceData.dependencies,
+                  });
                 }
-            });
-
-            artifacts.forEach(artifact => {
-                  const sd = new ImageData(artifact.id, this.getTotalIssues(artifact.summary), this.getRecommendation(artifact.dependencies), this.getHighestSeverity(artifact.summary));
-
-                  this.images[imageRef] = this.images[imageRef] || [];
-                  this.images[imageRef].push(sd);
-            });
-        }
+              });
+            }
+          } else {
+            failedProviders.push(providerName);
+          }
+        });
+
+        artifacts.forEach(artifact => {
+          const sd = new ImageData(artifact.id, this.getTotalIssues(artifact.summary), this.getRecommendation(artifact.dependencies), this.getHighestSeverity(artifact.summary));
+
+          this.images[imageRef] = this.images[imageRef] || [];
+          this.images[imageRef].push(sd);
+        });
+      }
 
-        if (failedProviders.length !== 0) {
-          const uniqueFailedProviders = Array.from(new Set(failedProviders));
-          const errMsg = `The image component analysis couldn't fetch data from the following providers: [${uniqueFailedProviders.join(', ')}]`;
-          connection.console.warn(`Component Analysis Error: ${errMsg}`);
-          connection.sendNotification('caError', {
-              errorMessage: errMsg,
-              uri: decodeUriPath(diagnosticFilePath),
-          });
-        }
+      if (failedProviders.length !== 0) {
+        const uniqueFailedProviders = Array.from(new Set(failedProviders));
+        const errMsg = `The image component analysis couldn't fetch data from the following providers: [${uniqueFailedProviders.join(', ')}]`;
+        connection.console.warn(`Component Analysis Error: ${errMsg}`);
+        connection.sendNotification('caError', {
+          errorMessage: errMsg,
+          uri: decodeUriPath(diagnosticFilePath),
+        });
+      }
     });
   }
 
@@ -157,8 +105,8 @@ class AnalysisResponse implements IAnalysisResponse {
    * @returns The total number of issues.
    * @private
    */
-    private getTotalIssues(summary: any): number {
-      return isDefined(summary, 'total') ? summary.total : 0;
+  private getTotalIssues(summary: any): number {
+    return isDefined(summary, 'total') ? summary.total : 0;
   }
 
   /**
@@ -168,19 +116,19 @@ class AnalysisResponse implements IAnalysisResponse {
    * @private
    */
   private getHighestSeverity(summary: any): string {
-      let highestSeverity = 'NONE';
-
-      if ( isDefined(summary, 'critical') && summary.critical > 0) {
-        highestSeverity = 'CRITICAL';
-      } else if ( isDefined(summary, 'high') && summary.high > 0) {
-        highestSeverity = 'HIGH';
-      } else if ( isDefined(summary, 'medium') && summary.medium > 0) {
-        highestSeverity = 'MEDIUM';
-      } else if ( isDefined(summary, 'low') && summary.low > 0) {
-        highestSeverity = 'LOW';
-      }
+    let highestSeverity = 'NONE';
+
+    if (isDefined(summary, 'critical') && summary.critical > 0) {
+      highestSeverity = 'CRITICAL';
+    } else if (isDefined(summary, 'high') && summary.high > 0) {
+      highestSeverity = 'HIGH';
+    } else if (isDefined(summary, 'medium') && summary.medium > 0) {
+      highestSeverity = 'MEDIUM';
+    } else if (isDefined(summary, 'low') && summary.low > 0) {
+      highestSeverity = 'LOW';
+    }
 
-      return highestSeverity;
+    return highestSeverity;
   }
 
   /**
@@ -189,10 +137,10 @@ class AnalysisResponse implements IAnalysisResponse {
    * @returns The recommendation reference or an empty string.
    * @private
    */
-  private getRecommendation(dependencies: ISourceDependency[]): string {
-    let recommendation = '';  
-    if (dependencies && dependencies.length > 0){
-        recommendation = isDefined(dependencies[0], 'recommendation') ? dependencies[0].recommendation.split(':')[1].split('@')[0] : '';
+  private getRecommendation(dependencies: DependencyReport[]): string {
+    let recommendation = '';
+    if (dependencies && dependencies.length > 0) {
+      recommendation = isDefined(dependencies[0], 'recommendation') ? dependencies[0].recommendation.split(':')[1].split('@')[0] : '';
     }
     return recommendation;
   }
@@ -202,15 +150,15 @@ class AnalysisResponse implements IAnalysisResponse {
  * Represents the options for running image analysis.
  */
 interface IOptions {
-    RHDA_TOKEN: string;
-    RHDA_SOURCE: string;
-    EXHORT_SYFT_PATH: string;
-    EXHORT_SYFT_CONFIG_PATH: string;
-    EXHORT_SKOPEO_PATH: string;
-    EXHORT_SKOPEO_CONFIG_PATH: string;
-    EXHORT_DOCKER_PATH: string;
-    EXHORT_PODMAN_PATH: string;
-    EXHORT_IMAGE_PLATFORM: string;
+  RHDA_TOKEN: string;
+  RHDA_SOURCE: string;
+  EXHORT_SYFT_PATH: string;
+  EXHORT_SYFT_CONFIG_PATH: string;
+  EXHORT_SKOPEO_PATH: string;
+  EXHORT_SKOPEO_CONFIG_PATH: string;
+  EXHORT_DOCKER_PATH: string;
+  EXHORT_PODMAN_PATH: string;
+  EXHORT_IMAGE_PLATFORM: string;
 }
 
 /**
@@ -220,38 +168,38 @@ interface IOptions {
  * @returns A Promise resolving to the analysis response.
  */
 async function imageAnalysisService(images: IImage[], options: IOptions): Promise<any> {
-    return await exhort.imageAnalysis(images.map(img => {
-      if (img.platform) {
-        return `${img.name.value}^^${img.platform}`;
-      }
-      return img.name.value;
-    }), true, options);
-  }
-  
+  return await exhort.imageAnalysis(images.map(img => {
+    if (img.platform) {
+      return `${img.name.value}^^${img.platform}`;
+    }
+    return img.name.value;
+  }), false, options);
+}
+
 /**
  * Performs RHDA image analysis on provided images.
  * @param diagnosticFilePath - The path to the image file to analyze.
  * @param images - The images to analyze.
  * @returns A Promise resolving to an AnalysisResponse object.
  */
-async function executeImageAnalysis(diagnosticFilePath: string, images:  IImage[]): Promise<AnalysisResponse> {
-    
-    // Define configuration options for the component analysis request
-    const options: IOptions = {
-        'RHDA_TOKEN': globalConfig.telemetryId,
-        'RHDA_SOURCE': globalConfig.utmSource,
-        'EXHORT_SYFT_PATH': globalConfig.exhortSyftPath,
-        'EXHORT_SYFT_CONFIG_PATH': globalConfig.exhortSyftConfigPath,
-        'EXHORT_SKOPEO_PATH': globalConfig.exhortSkopeoPath,
-        'EXHORT_SKOPEO_CONFIG_PATH': globalConfig.exhortSkopeoConfigPath,
-        'EXHORT_DOCKER_PATH': globalConfig.exhortDockerPath,
-        'EXHORT_PODMAN_PATH': globalConfig.exhortPodmanPath,
-        'EXHORT_IMAGE_PLATFORM': globalConfig.exhortImagePlatform,
-    };
-
-    const imageAnalysisJson = await imageAnalysisService(images, options);
-
-    return new AnalysisResponse(imageAnalysisJson, diagnosticFilePath);
+async function executeImageAnalysis(diagnosticFilePath: string, images: IImage[]): Promise<AnalysisResponse> {
+
+  // Define configuration options for the component analysis request
+  const options: IOptions = {
+    'RHDA_TOKEN': globalConfig.telemetryId,
+    'RHDA_SOURCE': globalConfig.utmSource,
+    'EXHORT_SYFT_PATH': globalConfig.exhortSyftPath,
+    'EXHORT_SYFT_CONFIG_PATH': globalConfig.exhortSyftConfigPath,
+    'EXHORT_SKOPEO_PATH': globalConfig.exhortSkopeoPath,
+    'EXHORT_SKOPEO_CONFIG_PATH': globalConfig.exhortSkopeoConfigPath,
+    'EXHORT_DOCKER_PATH': globalConfig.exhortDockerPath,
+    'EXHORT_PODMAN_PATH': globalConfig.exhortPodmanPath,
+    'EXHORT_IMAGE_PLATFORM': globalConfig.exhortImagePlatform,
+  };
+
+  const imageAnalysisJson = await imageAnalysisService(images, options);
+
+  return new AnalysisResponse(imageAnalysisJson, diagnosticFilePath);
 }
 
 export { executeImageAnalysis, ImageData };