Store summary cr objects

[rcohencyberarmor]

since the update API to the storage is always run over the last object we need to regenerated both image vulns and workload vulns and than use the update API to the storage

[codiumai-pr-agent-free]

PR Analysis

• 🎯 Main theme: Storing summary of CVE objects
• 📌 Type of PR: Enhancement
• 🧪 Relevant tests added: True
• ✨ Focused PR: Yes, the PR is focused on storing summary of CVE objects.
• 🔒 Security concerns: No security concerns found

PR Feedback

• General suggestions: The PR seems to be well-structured and focused on a specific enhancement. The code changes are consistent and follow the same pattern across different files. Good job on adding tests for the new functionality.

• 🤖 Code feedback:

  • relevant file: core/services/scan.go
    suggestion: Consider handling the error right after it occurs. This will make the code cleaner and easier to read. [medium]
    relevant line: err = s.cveRepository.StoreCVESummary(ctx, cve, domain.CVEManifest{}, false)

  • relevant file: repositories/apiserver.go
    suggestion: It's a good practice to use context passed to the function instead of creating a new one. This will ensure that any deadlines, cancellation signals, or other request-scoped values propagate through all the calls made during the request. [important]
    relevant line: _, err = a.StorageClient.VulnerabilityManifestSummaries(workloadNamespace).Create(context.Background(), &manifest, metav1.CreateOptions{})

  • relevant file: repositories/apiserver_test.go
    suggestion: Consider adding more assertions in your tests to cover different scenarios and edge cases. This will make your tests more robust and catch potential bugs. [medium]
    relevant line: err := a.StoreCVESummary(context.TODO(), cveManifest, cveManifest, false)

How to use

To invoke the PR-Agent, add a comment using one of the following commands:
/review [-i]: Request a review of your Pull Request. For an incremental review, which only considers changes since the last review, include the '-i' option.
/describe: Modify the PR title and description based on the contents of the PR.
/improve: Suggest improvements to the code in the PR.
/ask <QUESTION>: Pose a question about the PR.

To edit any configuration parameter from 'configuration.toml', add --config_path=new_value
For example: /review --pr_reviewer.extra_instructions="focus on the file: ..."
To list the possible configuration parameters, use the /config command.

[github-actions]

Summary:

• License scan: failure
• Credentials scan: success
• Vulnerabilities scan: failure
• Unit test: success
• Go linting: success