diff --git a/data/model/tag.py b/data/model/tag.py index 10537d071..e5c3b3233 100644 --- a/data/model/tag.py +++ b/data/model/tag.py @@ -46,7 +46,8 @@ def filter_tags_have_repository_event(query, event): .switch(RepositoryTag) .join(Repository) .join(RepositoryNotification) - .where(RepositoryNotification.event == event)) + .where(RepositoryNotification.event == event) + .order_by(RepositoryTag.lifetime_start_ts.desc())) def list_repository_tags(namespace_name, repository_name, include_hidden=False, include_storage=False): diff --git a/endpoints/notificationevent.py b/endpoints/notificationevent.py index 2828f86ad..9fb40d8e2 100644 --- a/endpoints/notificationevent.py +++ b/endpoints/notificationevent.py @@ -135,7 +135,7 @@ class VulnerabilityFoundEvent(NotificationEvent): 'name': notification.repository.name, }) return build_event_data(repo, { - 'tags': ['latest', 'prod'], + 'tags': ['latest', 'prod', 'foo', 'bar', 'baz'], 'image': 'some-image-id', 'vulnerability': { 'id': 'CVE-FAKE-CVE', @@ -157,10 +157,9 @@ class VulnerabilityFoundEvent(NotificationEvent): return actual_level_index <= filter_level_index def get_summary(self, event_data, notification_data): - msg = '%s vulnerability detected in repository %s in tags %s' - return msg % (event_data['vulnerability']['priority'], - event_data['repository'], - ', '.join(event_data['tags'])) + msg = '%s vulnerability detected in repository %s in %s tags' + return msg % (event_data['vulnerability']['priority'], event_data['repository'], + len(event_data['tags'])) class BaseBuildEvent(NotificationEvent): diff --git a/events/vulnerability_found.html b/events/vulnerability_found.html index 618cca4b0..fd75df641 100644 --- a/events/vulnerability_found.html +++ b/events/vulnerability_found.html @@ -1,4 +1,4 @@ A {{ event_data.vulnerability.priority }} vulnerability ({{ event_data.vulnerability.id }}) was detected in tags {{ 'tags' | icon_image }} -{% for tag in event_data.tags %}{%if loop.index > 1 %}, {% endif %}{{ (event_data.repository, tag) | repository_tag_reference }}{% endfor %} in +{% for tag in event_data.tags[0:3] %}{%if loop.index > 1 %}, {% endif %}{{ (event_data.repository, tag) | repository_tag_reference }}{% endfor %} {% if event_data.tags|length > 3 %}(and {{ event_data.tags|length - 3 }} more) {% endif %} in repository {{ event_data.repository | repository_reference }} diff --git a/test/test_secscan.py b/test/test_secscan.py index e6b0e9382..67234bb2e 100644 --- a/test/test_secscan.py +++ b/test/test_secscan.py @@ -296,7 +296,7 @@ class TestSecurityScanner(unittest.TestCase): self.assertIsNotNone(queue_item) body = json.loads(queue_item.body) - self.assertEquals(['latest', 'prod'], body['event_data']['tags']) + self.assertEquals(set(['latest', 'prod']), set(body['event_data']['tags'])) self.assertEquals('CVE-2014-9471', body['event_data']['vulnerability']['id']) self.assertEquals('Low', body['event_data']['vulnerability']['priority']) self.assertTrue(body['event_data']['vulnerability']['has_fix'])