From 18f14cab4cf1de46bd256afb708fde636350f0c5 Mon Sep 17 00:00:00 2001
From: Tomasz Janiszewski <tomek@redhat.com>
Date: Tue, 13 Sep 2022 16:41:23 +0200
Subject: [PATCH 1/4] Fix tests by using old immage

---
 .../src/test/groovy/ImageScanningTest.groovy                | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy b/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy
index 9208258d..74ca7796 100644
--- a/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy
+++ b/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy
@@ -61,9 +61,9 @@ class ImageScanningTest extends BaseSpecification {
 
         where:
         "data inputs are: "
-        imageName             | policyName          | tag
-        "jenkins/jenkins:lts" | "Fixable CVSS >= 7" | "lts"
-        "nginx:latest"        | "Latest tag"        | "latest"
+        imageName              | policyName          | tag
+        "jenkins/jenkins:2.77" | "Fixable CVSS >= 7" | "2.77"
+        "nginx:latest"         | "Latest tag"        | "latest"
     }
 
     @Unroll

From 742c58b8e7329f9fefa37529cbd53e21b28e2155 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Jul 2022 07:31:20 +0000
Subject: [PATCH 2/4] Bump openapi-generator-maven-plugin in
 /stackrox-container-image-scanner

Bumps openapi-generator-maven-plugin from 5.4.0 to 6.0.1.

---
updated-dependencies:
- dependency-name: org.openapitools:openapi-generator-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 stackrox-container-image-scanner/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stackrox-container-image-scanner/pom.xml b/stackrox-container-image-scanner/pom.xml
index 075aeb5d..a71170d6 100644
--- a/stackrox-container-image-scanner/pom.xml
+++ b/stackrox-container-image-scanner/pom.xml
@@ -193,7 +193,7 @@
                 <groupId>org.openapitools</groupId>
                 <artifactId>openapi-generator-maven-plugin</artifactId>
                 <!-- RELEASE_VERSION -->
-                <version>5.4.0</version>
+                <version>6.0.1</version>
                 <!-- /RELEASE_VERSION -->
                 <executions>
                     <execution>

From a1e381411b4526444cd739db1e15c4abd855d078 Mon Sep 17 00:00:00 2001
From: Daniel Haus <dhaus@redhat.com>
Date: Fri, 8 Jul 2022 03:12:08 +0200
Subject: [PATCH 3/4] Add allow-default-enum, tests.

---
 stackrox-container-image-scanner/pom.xml         |  6 ++++++
 .../plugins/services/ImageServiceTest.java       | 13 +++++++++++++
 .../plugins/services/ServiceExceptionTest.java   | 10 ++++++++--
 .../__files/v1/images/scan/unknown-enum.json     | 16 ++++++++++++++++
 4 files changed, 43 insertions(+), 2 deletions(-)
 create mode 100644 stackrox-container-image-scanner/src/test/resources/__files/v1/images/scan/unknown-enum.json

diff --git a/stackrox-container-image-scanner/pom.xml b/stackrox-container-image-scanner/pom.xml
index a71170d6..8e570063 100644
--- a/stackrox-container-image-scanner/pom.xml
+++ b/stackrox-container-image-scanner/pom.xml
@@ -81,6 +81,11 @@
             <version>4.5.13</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>javax</groupId>
+            <artifactId>javaee-api</artifactId>
+            <version>7.0</version>
+        </dependency>
         <dependency>
             <groupId>com.google.guava</groupId>
             <artifactId>guava</artifactId>
@@ -214,6 +219,7 @@
                                 <dateLibrary>java8</dateLibrary>
                                 <java8>true</java8>
                                 <sourceFolder>src/gen/java/main</sourceFolder>
+                                <enumUnknownDefaultCase>true</enumUnknownDefaultCase>
                             </configOptions>
                         </configuration>
                     </execution>
diff --git a/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ImageServiceTest.java b/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ImageServiceTest.java
index 9c51321d..021291f6 100644
--- a/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ImageServiceTest.java
+++ b/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ImageServiceTest.java
@@ -73,6 +73,19 @@ public void shouldNotFailOnMissingData() throws IOException {
         assertEquals(expected, actual);
     }
 
+    @Test
+    public void shouldNotFailOnUnknownEnumValue() throws IOException {
+        MOCK_SERVER.stubFor(postImagesScan().willReturn(
+                ok().withBodyFile("v1/images/scan/unknown-enum.json")));
+        List<CVE> actual = imageService.getImageScanResults("nginx:latest");
+        ImmutableList<CVE> expected = ImmutableList.of(
+                new CVE(null, null, new StorageEmbeddedVulnerability()
+                        .cve("CVE-MISSING-DATA")
+                        .scoreVersion(V2))
+        );
+        assertEquals(expected, actual);
+    }
+
     private MappingBuilder postImagesScan() {
         return post(urlEqualTo("/v1/images/scan"))
                 .withHeader("Authorization", equalTo("Bearer {some token}"))
diff --git a/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ServiceExceptionTest.java b/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ServiceExceptionTest.java
index 035f22d2..64da0c80 100644
--- a/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ServiceExceptionTest.java
+++ b/stackrox-container-image-scanner/src/test/java/com/stackrox/jenkins/plugins/services/ServiceExceptionTest.java
@@ -13,8 +13,14 @@ class ServiceExceptionTest {
     @DisplayName("ServiceException message")
     @ParameterizedTest(name = "should be \"{2}\" when response body \"{0}\"")
     @CsvSource({
-            ",,Status code: 500.",
-            ",API Message,Status code: 500. Error: API Message",
+            ",,'Status code: 500. Error: Message: null\n" +
+                    "HTTP response code: 500\n" +
+                    "HTTP response body: null\n" +
+                    "HTTP response headers: null'",
+            ",API Message,'Status code: 500. Error: Message: API Message\n" +
+                    "HTTP response code: 500\n" +
+                    "HTTP response body: null\n" +
+                    "HTTP response headers: null'",
             "{},,Status code: 500.",
             "{\"message\":\"some error\"},,Status code: 500. Error: some error",
             "not a json,,Status code: 500. Response body: not a json"
diff --git a/stackrox-container-image-scanner/src/test/resources/__files/v1/images/scan/unknown-enum.json b/stackrox-container-image-scanner/src/test/resources/__files/v1/images/scan/unknown-enum.json
new file mode 100644
index 00000000..70740eeb
--- /dev/null
+++ b/stackrox-container-image-scanner/src/test/resources/__files/v1/images/scan/unknown-enum.json
@@ -0,0 +1,16 @@
+{
+  "scan": {
+    "components": [
+      {
+        "vulns": [
+          {
+            "cve": "CVE-MISSING-DATA"
+          }
+        ]
+      }
+    ],
+    "notes": [
+      "UNKNOWN VALUE"
+    ]
+  }
+}

From 8acca2a7da1b84cea4aa775a9c0c60f7be039d40 Mon Sep 17 00:00:00 2001
From: Tomasz Janiszewski <tomek@redhat.com>
Date: Tue, 13 Sep 2022 11:04:23 +0200
Subject: [PATCH 4/4] Update pom.xml

---
 stackrox-container-image-scanner/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stackrox-container-image-scanner/pom.xml b/stackrox-container-image-scanner/pom.xml
index 8e570063..e3b6ba00 100644
--- a/stackrox-container-image-scanner/pom.xml
+++ b/stackrox-container-image-scanner/pom.xml
@@ -198,7 +198,7 @@
                 <groupId>org.openapitools</groupId>
                 <artifactId>openapi-generator-maven-plugin</artifactId>
                 <!-- RELEASE_VERSION -->
-                <version>6.0.1</version>
+                <version>6.1.0</version>
                 <!-- /RELEASE_VERSION -->
                 <executions>
                     <execution>