still WIP

andnorda · andnorda · commit a59037e374f3 · 2025-03-20T16:18:08.000+01:00
diff --git a/src/lib/components/errors/ErrorMessage.svelte b/src/lib/components/errors/ErrorMessage.svelte
@@ -20,8 +20,10 @@
 		teamSlug,
 		workloadName,
 		environment,
-		docURL
+		docURL,
+		collapsible = true
 	}: {
+		collapsible?: boolean;
 		workloadType: 'App' | 'Job';
 		teamSlug: string;
 		workloadName: string;
@@ -52,8 +54,10 @@
 					  }
 					| {
 							__typename: 'WorkloadStatusVulnerable';
-							riskScore: number;
-							critical: number;
+							summary: {
+								riskScore: number;
+								critical: number;
+							};
 					  }
 			  ))
 			| { __typename: "non-exhaustive; don't match this" };
@@ -89,11 +93,13 @@
 		<div class="content">
 			<div style="display: flex; align-items: center; gap: var(--a-spacing-2);">
 				<Heading level="2" size="small">{heading[error.__typename]}</Heading>
-				<Button variant="tertiary" size="xsmall" onclick={() => (open = !open)}>
-					{open ? 'Hide' : 'Show'} details
-				</Button>
+				{#if collapsible}
+					<Button variant="tertiary" size="xsmall" onclick={() => (open = !open)}>
+						{open ? 'Hide' : 'Show'} details
+					</Button>
+				{/if}
 			</div>
-			{#if open}
+			{#if open || !collapsible}
 				{#if error.__typename === 'WorkloadStatusInvalidNaisYaml'}
 					<BodyLong>
 						The rollout of your {workloadType === 'Job' ? 'job' : 'application'} has failed due to an
@@ -172,13 +178,13 @@
 					</BodyLong>
 				{:else if error.__typename === 'WorkloadStatusVulnerable'}
 					<BodyLong>
-						{#if error.riskScore > 100}
+						{#if error.summary.riskScore > 100}
 							<strong>Risk Score:</strong>
-							{error.riskScore} (Exceeds threshold of 100)<br />
+							{error.summary.riskScore} (Exceeds threshold of 100)<br />
 						{/if}
-						{#if error.critical > 0}
+						{#if error.summary.critical > 0}
 							<strong>Critical Vulnerabilities:</strong>
-							{error.critical}
+							{error.summary.critical}
 						{/if}
 					</BodyLong>
 					<BodyLong>
diff --git a/src/lib/components/errors/RiskScore.stories.svelte b/src/lib/components/errors/RiskScore.stories.svelte
@@ -15,8 +15,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 276,
-			critical: 0
+			summary: {
+				riskScore: 276,
+				critical: 0
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
@@ -31,8 +33,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 70,
-			critical: 7
+			summary: {
+				riskScore: 70,
+				critical: 7
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
@@ -47,8 +51,10 @@
 		error={{
 			__typename: 'WorkloadStatusVulnerable',
 			level: 'WARNING',
-			riskScore: 276,
-			critical: 1
+			summary: {
+				riskScore: 276,
+				critical: 1
+			}
 		}}
 		teamSlug="team-service-management"
 		workloadName="ip-lookup-preprod"
diff --git a/src/lib/components/image/ImageVulnerabilities.svelte b/src/lib/components/image/ImageVulnerabilities.svelte
@@ -147,7 +147,7 @@
 	};
 </script>
 
-<Heading level="4" size="small">Vulnerabilities</Heading>
+<Heading level="2" size="medium">Vulnerabilities</Heading>
 <Table
 	size="small"
 	sort={{
diff --git a/src/routes/team/[team]/[env]/job/[job]/+page.gql b/src/routes/team/[team]/[env]/job/[job]/+page.gql
@@ -44,6 +44,12 @@ query Job($job: String!, $team: Slug!, $env: String!) @cache(policy: NetworkOnly
 							detail
 							name
 						}
+						... on WorkloadStatusVulnerable {
+							summary {
+								riskScore
+								critical
+							}
+						}
 					}
 				}
 
diff --git a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.gql
@@ -3,12 +3,22 @@ query JobImageDetails($team: Slug!, $env: String!, $job: String!) @cache(policy:
 		slug
 		environment(name: $env) {
 			name
+			environment {
+				name
+			}
 			workload(name: $job) {
 				__typename
 				name
 				status {
 					errors {
 						__typename
+						level
+						... on WorkloadStatusVulnerable {
+							summary {
+								critical
+								riskScore
+							}
+						}
 					}
 				}
 				image {
diff --git a/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte b/src/routes/team/[team]/[env]/job/[job]/vulnerability-report/+page.svelte
@@ -11,49 +11,67 @@
 
 	let { JobImageDetails, viewerIsMember } = $derived(data);
 
-	const error = $derived(
-		$JobImageDetails.data?.team.environment.workload.status.errors.find(
-			(e) => e.__typename === 'WorkloadStatusVulnerable'
-		)
-	);
+	// const error = $derived(
+	// 	$JobImageDetails.data?.team.environment.workload.status.errors.find(
+	// 		(e) => e.__typename === 'WorkloadStatusVulnerable'
+	// 	)
+	// );
 </script>
 
 <GraphErrors errors={$JobImageDetails.errors} />
 
 {#if $JobImageDetails.data}
 	{@const image = $JobImageDetails.data.team.environment.workload.image}
-	<div class="grid">
-		<div>
-			{#if error}
-				<!-- TODO -->
-				<!-- <ErrorMessage {error} /> -->
-			{/if}
-		</div>
-		<div class="card">
-			<Heading level="4" size="small" spacing>Summary</Heading>
-			{#if image.vulnerabilitySummary}
-				<VulnerabilityBadges summary={image.vulnerabilitySummary} />
-			{:else if !image.hasSBOM && image.vulnerabilitySummary !== null}
-				<WarningIcon class="text-aligned-icon" />
-				Data was discovered, but the SBOM was not rendered. Refer to the
-				<a href={docURL('/services/vulnerabilities/')}>Nais documentation</a>
-				for further assistance.
-			{:else}
-				<WarningIcon class="text-aligned-icon" />
-				No data found.
-				<a href={docURL('/services/vulnerabilities/how-to/sbom/')}> How to fix</a>
-			{/if}
+	<div class="wrapper">
+		<div class="grid">
+			<div>
+				<!-- {#if error}
+					<ErrorMessage
+						collapsible={false}
+						{error}
+						{docURL}
+						workloadType="Job"
+						teamSlug={$JobImageDetails.data.team.slug}
+						workloadName={$JobImageDetails.data.team.environment.workload.name}
+						environment={$JobImageDetails.data.team.environment.environment.name}
+					/>
+				{/if} -->
+				Risk score of 154 i too high. 1 critical is too high. Update affected dependencies to their latest
+				patched versions. Application is not on Nais. plz lower <br />
+
+				Hvis ingen SBOM, stooor feilmelding!
+				<img src="/SBOM.png" alt="SBOoooOooM" />
+			</div>
+			<div class="card">
+				<Heading level="2" size="small" spacing>Summary</Heading>
+				{#if image.vulnerabilitySummary}
+					<VulnerabilityBadges summary={image.vulnerabilitySummary} />
+				{:else if !image.hasSBOM && image.vulnerabilitySummary !== null}
+					<WarningIcon class="text-aligned-icon" />
+					Data was discovered, but the SBOM was not rendered. Refer to the
+					<a href={docURL('/services/vulnerabilities/')}>Nais documentation</a>
+					for further assistance.
+				{:else}
+					<WarningIcon class="text-aligned-icon" />
+					No data found.
+					<a href={docURL('/services/vulnerabilities/how-to/sbom/')}> How to fix</a>
+				{/if}
+			</div>
 		</div>
+		<ImageVulnerabilities
+			team={$JobImageDetails.data?.team.slug}
+			environment={$JobImageDetails.data?.team.environment.name}
+			workload={$JobImageDetails.data?.team.environment.workload.name}
+			authorized={viewerIsMember}
+		/>
 	</div>
-	<ImageVulnerabilities
-		team={$JobImageDetails.data?.team.slug}
-		environment={$JobImageDetails.data?.team.environment.name}
-		workload={$JobImageDetails.data?.team.environment.workload.name}
-		authorized={viewerIsMember}
-	/>
 {/if}
 
 <style>
+	.wrapper {
+		display: grid;
+		gap: 1rem;
+	}
 	.grid {
 		display: grid;
 		grid-template-columns: 1fr 300px;
diff --git a/static/SBOM.png b/static/SBOM.png

Original file line number	Diff line number	Diff line change
`@@ -44,6 +44,12 @@ query Job($job: String!, $team: Slug!, $env: String!) @cache(policy: NetworkOnly`
`44`	`44`	`detail`
`45`	`45`	`name`
`46`	`46`	`}`
	`47`	`+ ... on WorkloadStatusVulnerable {`
	`48`	`+ summary {`
	`49`	`+ riskScore`
	`50`	`+ critical`
	`51`	`+ }`
	`52`	`+ }`
`47`	`53`	`}`
`48`	`54`	`}`
`49`	`55`