feat: asset findings relationship (#1758)

* feat(api): update finding and add asset finding object

* feat(api): check finding uniqueness

* feat(orchestrator): update findings in DB with reconcile

* feat(api): add asset finding paths

* feat(orchestrator): update asset findings in DB with reconcile

* feat(orchestrator): invalidate asset findings in DB with reconcile

* feat(orchestrator): get total asset findings with reconcile

* feat(orchestrator): not invalidate or count plugin findings with reconcile

* feat(uibackend): update findings impact

* feat(api): update database

* feat(ui): remove asset details from findings

* feat(api): remove no longer valid table indexes

* test(e2e): extend test to check asset findings

* refactor: code review

* fix(uibackend): add first seen to asset findings to correct display old trends

* fix(uibackend): get asset count from items len

* fix: misconfiguration finding not created in DB

* refactor: code review changes

* fix: asset-findings UI fixes (#1796)

* fix(ui): <div> cannot appear as a child of <tbody>

Signed-off-by: András Jáky <[email protected]>

* fix(ui): temp disable redirection to Findings page

The original redirection would fail as it would have navigated to
theFindings page and applied a filter for the `asset.id` field of
thefindings, which is not available anymore.

Signed-off-by: András Jáky <[email protected]>

* feat(ui): add columns to Findings page

- First seen
- Last seen

Signed-off-by: András Jáky <[email protected]>

---------

Signed-off-by: András Jáky <[email protected]>

---------

Signed-off-by: András Jáky <[email protected]>
Co-authored-by: András Jáky <[email protected]>

api/client/client.go

@@ -1054,3 +1054,84 @@ func (c *Client) GetProviders(ctx context.Context, params types.GetProvidersPara
 		return nil, fmt.Errorf("failed to get providers. status code=%v", resp.StatusCode())
 	}
 }
+
+func (c *Client) GetAssetFindings(ctx context.Context, params types.GetAssetFindingsParams) (*types.AssetFindings, error) {
+	resp, err := c.api.GetAssetFindingsWithResponse(ctx, &params)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get asset findings: %w", err)
+	}
+	switch resp.StatusCode() {
+	case http.StatusOK:
+		if resp.JSON200 == nil {
+			return nil, errors.New("no asset findings: empty body")
+		}
+		return resp.JSON200, nil
+	default:
+		if resp.JSONDefault != nil && resp.JSONDefault.Message != nil {
+			return nil, fmt.Errorf("failed to get asset findings. status code=%v: %s", resp.StatusCode(), *resp.JSONDefault.Message)
+		}
+		return nil, fmt.Errorf("failed to get asset findings. status code=%v", resp.StatusCode())
+	}
+}
+
+func (c *Client) PatchAssetFinding(ctx context.Context, assetFindingID types.AssetFindingID, assetFinding types.AssetFinding) error {
+	resp, err := c.api.PatchAssetFindingsAssetFindingIDWithResponse(ctx, assetFindingID, &types.PatchAssetFindingsAssetFindingIDParams{}, assetFinding)
+	if err != nil {
+		return fmt.Errorf("failed to update an asset finding: %w", err)
+	}
+	switch resp.StatusCode() {
+	case http.StatusOK:
+		if resp.JSON200 == nil {
+			return errors.New("failed to update an asset finding: empty body")
+		}
+		return nil
+	case http.StatusBadRequest:
+		if resp.JSON400 != nil && resp.JSON400.Message != nil {
+			return fmt.Errorf("failed to update an asset finding: status code=%v: %v", resp.StatusCode(), *resp.JSON400.Message)
+		}
+		return fmt.Errorf("failed to update an asset finding: status code=%v", resp.StatusCode())
+	case http.StatusNotFound:
+		if resp.JSON404 == nil {
+			return errors.New("failed to update an asset finding: empty body on not found")
+		}
+		if resp.JSON404 != nil && resp.JSON404.Message != nil {
+			return fmt.Errorf("failed to update an asset finding: not found: %v", *resp.JSON404.Message)
+		}
+		return errors.New("failed to update an asset finding: not found")
+	default:
+		if resp.JSONDefault != nil && resp.JSONDefault.Message != nil {
+			return fmt.Errorf("failed to update an asset finding: status code=%v: %v", resp.StatusCode(), resp.JSONDefault.Message)
+		}
+		return fmt.Errorf("failed to update an asset finding: status code=%v", resp.StatusCode())
+	}
+}
+
+func (c *Client) PostAssetFinding(ctx context.Context, assetFinding types.AssetFinding) (*types.AssetFinding, error) {
+	resp, err := c.api.PostAssetFindingsWithResponse(ctx, assetFinding)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create an asset finding: %w", err)
+	}
+	switch resp.StatusCode() {
+	case http.StatusCreated:
+		if resp.JSON201 == nil {
+			return nil, fmt.Errorf("failed to create an asset finding: empty body. status code=%v", http.StatusCreated)
+		}
+		return resp.JSON201, nil
+	case http.StatusConflict:
+		if resp.JSON409 == nil {
+			return nil, fmt.Errorf("failed to create an asset finding: empty body. status code=%v", http.StatusConflict)
+		}
+		if resp.JSON409.Finding == nil {
+			return nil, fmt.Errorf("failed to create an asset finding: no finding data. status code=%v", http.StatusConflict)
+		}
+		return nil, AssetFindingConflictError{
+			ConflictingAssetFinding: resp.JSON409.Finding,
+			Message:                 "conflict",
+		}
+	default:
+		if resp.JSONDefault != nil && resp.JSONDefault.Message != nil {
+			return nil, fmt.Errorf("failed to create an asset finding. status code=%v: %v", resp.StatusCode(), resp.JSONDefault.Message)
+		}
+		return nil, fmt.Errorf("failed to create an asset finding. status code=%v", resp.StatusCode())
+	}
+}

api/client/errors.go

@@ -83,3 +83,12 @@ type ProviderConflictError struct {
 func (t ProviderConflictError) Error() string {
 	return fmt.Sprintf("Conflicting Provider Found with ID %s: %s", *t.ConflictingProvider.Id, t.Message)
 }
+
+type AssetFindingConflictError struct {
+	ConflictingAssetFinding *types.AssetFinding
+	Message                 string
+}
+
+func (t AssetFindingConflictError) Error() string {
+	return fmt.Sprintf("Conflicting Asset Finding Found with ID %s: %s", *t.ConflictingAssetFinding.Id, t.Message)
+}