feat: add guided SecurityException form#99
Conversation
|
Warning Review limit reached
More reviews will be available in 45 minutes and 23 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (6)
📝 WalkthroughWalkthroughAdds a multi-step SecurityExceptionForm, a CreateExceptionButton dialog wrapper, tests, and integrates exception creation into compliance and vulnerability WorkloadScanDetails tables with prefilled context. ChangesSecurity Exception Creation
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/exceptions/SecurityExceptionForm.tsx`:
- Around line 767-771: The Confirm and Create button can be clicked again after
success because isSubmitting becomes false and canContinue becomes true; modify
the continue gating to also check for createdResource so the form locks after a
successful submit. Update the logic that computes canContinue (or the render
condition around the Button in SecurityExceptionForm, referencing handleSubmit,
isSubmitting and canContinue) to return false when createdResource is
non-null/defined, and/or add a direct check when rendering the Button to disable
it if createdResource exists; ensure handleSubmit still sets createdResource on
success so the new guard prevents duplicate post requests.
In `@src/vulnerabilities/WorkloadScanDetails.tsx`:
- Around line 153-155: The external Link using target="_blank" in the
WorkloadScanDetails table cell (the Link component that renders
href={row.original.vulnerability.dataSource} and content from cell.getValue())
needs to include rel="noopener noreferrer" to prevent tabnabbing; update the
Link element to add rel="noopener noreferrer" alongside target="_blank" so the
link becomes secure while keeping the same href and displayed value.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: c3d89261-01d9-438b-abc9-39d76e910928
📒 Files selected for processing (5)
src/compliance/WorkloadScanDetails.tsxsrc/exceptions/CreateExceptionButton.tsxsrc/exceptions/SecurityExceptionForm.test.tsxsrc/exceptions/SecurityExceptionForm.tsxsrc/vulnerabilities/WorkloadScanDetails.tsx
|
Thanks for the PR, the wizard is a nice feature. Review:
|
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/exceptions/CreateExceptionButton.tsx`:
- Line 45: Update the dialog title text in CreateExceptionButton.tsx so it
matches the trigger tooltip/aria-label by changing the DialogTitle string from
"Create SecurityException" to "Create Security Exception"; verify the
DialogTitle component (and any related label/tooltip constants or props used in
the CreateExceptionButton component) uses the spaced wording for consistent UX
copy.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 9c189b3f-d88d-4545-94d0-6ee717a0d88b
📒 Files selected for processing (4)
src/compliance/WorkloadScanDetails.tsxsrc/exceptions/CreateExceptionButton.tsxsrc/exceptions/SecurityExceptionForm.tsxsrc/vulnerabilities/WorkloadScanDetails.tsx
🚧 Files skipped from review as they are similar to previous changes (3)
- src/compliance/WorkloadScanDetails.tsx
- src/vulnerabilities/WorkloadScanDetails.tsx
- src/exceptions/SecurityExceptionForm.tsx
Signed-off-by: Anvay <anvaykharb007@gmail.com>
…ion fallback, reuse centralized types Signed-off-by: Anvay <anvaykharb007@gmail.com>
…ard cluster, fix event typing, test theme & mocks Signed-off-by: Anvay <anvaykharb007@gmail.com>
Signed-off-by: Anvay <anvaykharb007@gmail.com>
cc9bbee to
e70dacb
Compare
|
Hi @mgalesloot , thanks for the review! All points addressed in the latest commits icon button with tooltip, type inferred from context, API version fixed, types moved to central models file, and synced with PR #84. Let me know if anything else needs adjustment! |
|
This PR can still not be merged with #86. Both PRs are working on exceptions with CRDs instead of configmaps. I will merge the other PR 86 to main to make it easier: please rebase this PR branch on main. |
This pull request introduces a new "Create Exception" workflow for both compliance controls and vulnerability matches, making it easier for users to create security exceptions directly from scan results. It adds a reusable
CreateExceptionButtoncomponent, integrates it into compliance and vulnerability scan details, and provides comprehensive test coverage for the exception form. Additionally, the code improves type safety in several places.Exception Management Integration:
CreateExceptionButtoncomponent (src/exceptions/CreateExceptionButton.tsx) that opens a dialog to create a security exception, prefilled with relevant workload or vulnerability information.CreateExceptionButtoninto the compliance scan details table, so users can create exceptions for failed controls that are not already excepted. [1] [2]CreateExceptionButtonto each vulnerability match row in the vulnerabilities scan details, allowing exceptions to be created for specific CVEs. [1] [2] [3] [4]Testing and Validation:
SecurityExceptionForm, covering form navigation, field validation, prefill functionality, and correct API submission for both namespaced and cluster-scoped exceptions.Type Safety and Code Quality:
WorkloadScanDetails.tsxandWorkloadScanDetails.tsx(vulnerabilities), replacinganywith explicit types for better type safety and maintainability. [1] [2] [3] [4]Summary by CodeRabbit