From 460a817d579b7f6594f664bb44a3ac4c6107e596 Mon Sep 17 00:00:00 2001
From: "Bartra, Rick (rb560u)" <rb560u@att.com>
Date: Mon, 29 Mar 2021 17:49:19 -0400
Subject: [PATCH] Update CVE report link to not display when artifact doesn't
 exists

The CVE report link is generated by queries against harbor
including getting the SHA of the image based off the image tag
which is the pipeline run task ID. In cases where an image can't be
found via the tag, the CVE link report should not display. As an
example, the image does not exists in Harbor if the docker build
for the image failed, so in this case no CVE link should be
displayed in Gerrit as the image scan never took place.

Change-Id: I48d7160834f33426dc283c8f8dfa24872929551a
---
 charts/jarvis-system/templates/Task-createFailure.yaml | 4 +++-
 charts/jarvis-system/templates/Task-createSuccess.yaml | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/charts/jarvis-system/templates/Task-createFailure.yaml b/charts/jarvis-system/templates/Task-createFailure.yaml
index 586a4e18..d111b95d 100644
--- a/charts/jarvis-system/templates/Task-createFailure.yaml
+++ b/charts/jarvis-system/templates/Task-createFailure.yaml
@@ -50,7 +50,9 @@ spec:
             REPOSITORY_NAME=$(echo $PROJECT_INFO | jq -r '.repository'[0].'repository_name' | awk -F"/" '{print $2}')
             # Grabs the SHA256 of the corresponding artifact based off taskrun uid
             SHA256=$(curl -k -X GET --netrc-file /run/jarvis/harbor-netrc/harbor-netrc "https://{{ .Values.params.harbor.dashboard.host }}/api/v2.0/projects/$(params.project)-staging/repositories/${REPOSITORY_NAME}/artifacts/${TASK_RUN_UID}" -H  "accept: application/json" | jq -r '.digest')
-            MESSAGE="${MESSAGE}\n\n----- Image Scan Report -----\nhttps://{{ .Values.params.harbor.dashboard.host }}/harbor/projects/${PROJECT_ID}/repositories/${REPOSITORY_NAME}/artifacts/${SHA256}"
+            if [ "${SHA256}" != "null" ]; then
+                MESSAGE="${MESSAGE}\n\n----- Image Scan Report -----\nhttps://{{ .Values.params.harbor.dashboard.host }}/harbor/projects/${PROJECT_ID}/repositories/${REPOSITORY_NAME}/artifacts/${SHA256}"
+            fi
         fi
 
         curl \
diff --git a/charts/jarvis-system/templates/Task-createSuccess.yaml b/charts/jarvis-system/templates/Task-createSuccess.yaml
index eb4e67d4..bafc5016 100644
--- a/charts/jarvis-system/templates/Task-createSuccess.yaml
+++ b/charts/jarvis-system/templates/Task-createSuccess.yaml
@@ -51,7 +51,9 @@ spec:
             REPOSITORY_NAME=$(echo $PROJECT_INFO | jq -r '.repository'[0].'repository_name' | awk -F"/" '{print $2}')
             # Grabs the SHA256 of the corresponding artifact based off taskrun uid
             SHA256=$(curl -k -X GET --netrc-file /run/jarvis/harbor-netrc/harbor-netrc "https://{{ .Values.params.harbor.dashboard.host }}/api/v2.0/projects/$(params.project)-staging/repositories/${REPOSITORY_NAME}/artifacts/${TASK_RUN_UID}" -H  "accept: application/json" | jq -r '.digest')
-            MESSAGE="${MESSAGE}\n\n----- Image Scan Report -----\nhttps://{{ .Values.params.harbor.dashboard.host }}/harbor/projects/${PROJECT_ID}/repositories/${REPOSITORY_NAME}/artifacts/${SHA256}"
+            if [ "${SHA256}" != "null" ]; then
+                MESSAGE="${MESSAGE}\n\n----- Image Scan Report -----\nhttps://{{ .Values.params.harbor.dashboard.host }}/harbor/projects/${PROJECT_ID}/repositories/${REPOSITORY_NAME}/artifacts/${SHA256}"
+            fi
         fi
 
         curl \