Fix scope lookups in image and cluster Vulnerabilities sub-resolvers#2715
Conversation
|
Skipping CI for Draft Pull Request. |
keyallis
left a comment
There was a problem hiding this comment.
Good catch on these, they were probably changes I made when migrating old code over
md2119
left a comment
There was a problem hiding this comment.
Although conjunction query are built, make sure datastores are getting the correct context to reduce the confusion.
| @@ -386,7 +388,7 @@ func (resolver *clusterCVEResolver) EnvImpact(ctx context.Context) (float64, err | |||
|
|
|||
| func (resolver *clusterCVEResolver) FixedByVersion(ctx context.Context) (string, error) { | |||
| func (resolver *clusterCVEResolver) FixedByVersion(ctx context.Context) (string, error) { | ||
| defer metrics.SetGraphQLOperationDurationTime(time.Now(), pkgMetrics.ClusterCVEs, "FixedByVersion") | ||
| scope, hasScope := scoped.GetScope(ctx) | ||
| scope, hasScope := scoped.GetScope(resolver.ctx) |
There was a problem hiding this comment.
pass the resolver.ctx to the datastore
|
|
||
| // check scoping, add as conjunction if needed | ||
| if scope, ok := scoped.GetScope(ctx); !ok || scope.Level != v1.SearchCategory_CLUSTER_VULNERABILITIES { | ||
| if scope, ok := scoped.GetScope(resolver.ctx); !ok || scope.Level != v1.SearchCategory_CLUSTER_VULNERABILITIES { |
There was a problem hiding this comment.
pass the resolver.ctx to the datastore
|
Images are ready for the commit at 2080f43. To use with deploy scripts, first |
06defe8 to
2080f43
Compare
|
@charmik-redhat: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Description
Some image and cluster vulnerability sub resolvers used to search the default ctx sent to the sub-resolver. The default ctx would not have the entity scoping added when vulnerabilities were queried from another entity. This PR updates the sub-resolvers in image and cluster vulnerability sub-resolvers to use the parent ctx to lookup scopes.
Checklist
[ ] Unit test and regression tests added[ ] Evaluated and added CHANGELOG entry if required[ ] Determined and documented upgrade steps[ ] Documented user facing changes (create PR based on openshift/openshift-docs and merge into rhacs-docs)If any of these don't apply, please comment below.
Testing Performed
Manual testing
fixedByVersion,isFixableanddiscoveredAtImagein ImageVulnerability graphQL work as expected whenimageVulnerabilitiesare queries from other entities.fixedByVersionandisFixablein ClusterVulnerability graphQl work as expected.