diff --git a/apollo/README.md b/apollo/README.md new file mode 100644 index 0000000..27f2231 --- /dev/null +++ b/apollo/README.md @@ -0,0 +1,2 @@ +# Apollo has moved +Apollo v3 lives in distro-tools at https://github.com/resf/distro-tools diff --git a/apollo/cmd/apollo/BUILD.bazel b/apollo/cmd/apollo/BUILD.bazel deleted file mode 100644 index afe84b0..0000000 --- a/apollo/cmd/apollo/BUILD.bazel +++ /dev/null @@ -1,21 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") - -go_library( - name = "apollo_lib", - srcs = ["main.go"], - importpath = "peridot.resf.org/apollo/cmd/apollo", - visibility = ["//visibility:private"], - deps = [ - "//apollo/db/connector", - "//apollo/impl/v1:impl", - "//utils", - "//vendor/github.com/sirupsen/logrus", - "//vendor/github.com/spf13/cobra", - ], -) - -go_binary( - name = "apollo", - embed = [":apollo_lib"], - visibility = ["//visibility:public"], -) diff --git a/apollo/cmd/apollo/ci/BUILD.bazel b/apollo/cmd/apollo/ci/BUILD.bazel deleted file mode 100644 index 410353c..0000000 --- a/apollo/cmd/apollo/ci/BUILD.bazel +++ /dev/null @@ -1,21 +0,0 @@ -load("//rules_resf:defs.bzl", "RESFDEPLOY_OUTS_MIGRATE", "container", "peridot_k8s") - -container( - base = "//bases/bazel/go", - files = [ - "//apollo/cmd/apollo", - ], - image_name = "apollo", - tars_to_layer = [ - "//apollo/migrate", - ], -) - -peridot_k8s( - name = "apollo", - src = "deploy.jsonnet", - outs = RESFDEPLOY_OUTS_MIGRATE, - chart_yaml = "Chart.yaml", - values_yaml = "values.yaml", - deps = ["//ci"], -) diff --git a/apollo/cmd/apollo/ci/Chart.yaml b/apollo/cmd/apollo/ci/Chart.yaml deleted file mode 100644 index e4fc115..0000000 --- a/apollo/cmd/apollo/ci/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v2 -name: apollo -description: Helm chart for apollo -type: application -version: 0.0.1 -appVersion: "0.0.1" diff --git a/apollo/cmd/apollo/ci/deploy.jsonnet b/apollo/cmd/apollo/ci/deploy.jsonnet deleted file mode 100644 index a3a2b46..0000000 --- a/apollo/cmd/apollo/ci/deploy.jsonnet +++ /dev/null @@ -1,48 +0,0 @@ -local resfdeploy = import 'ci/resfdeploy.jsonnet'; -local db = import 'ci/db.jsonnet'; -local kubernetes = import 'ci/kubernetes.jsonnet'; -local temporal = import 'ci/temporal.jsonnet'; -local utils = import 'ci/utils.jsonnet'; - -resfdeploy.new({ - name: 'apollo', - replicas: 1, - dbname: 'apollo', - backend: true, - migrate: true, - legacyDb: true, - command: '/bundle/apollo', - image: kubernetes.tag('apollo'), - tag: kubernetes.version, - dsn: { - name: 'APOLLO_DATABASE_URL', - value: db.dsn_legacy('apollo'), - }, - requests: if kubernetes.prod() then { - cpu: '0.5', - memory: '512M', - }, - ports: [ - { - name: 'http', - containerPort: 9100, - protocol: 'TCP', - expose: true, - }, - { - name: 'grpc', - containerPort: 9101, - protocol: 'TCP', - }, - ], - health: { - port: 9100, - }, - env: [ - { - name: 'APOLLO_PRODUCTION', - value: if kubernetes.dev() then 'false' else 'true', - }, - $.dsn, - ] + temporal.kube_env('APOLLO'), -}) diff --git a/apollo/cmd/apollo/ci/values.yaml b/apollo/cmd/apollo/ci/values.yaml deleted file mode 100644 index 724e8ce..0000000 --- a/apollo/cmd/apollo/ci/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Ports under requires ingressHost to be set during deploy -http: - ingressHost: null diff --git a/apollo/cmd/apollo/main.go b/apollo/cmd/apollo/main.go deleted file mode 100644 index 001dab6..0000000 --- a/apollo/cmd/apollo/main.go +++ /dev/null @@ -1,67 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package main - -import ( - "github.com/sirupsen/logrus" - "github.com/spf13/cobra" - apolloconnector "peridot.resf.org/apollo/db/connector" - apolloimpl "peridot.resf.org/apollo/impl/v1" - "peridot.resf.org/utils" -) - -var root = &cobra.Command{ - Use: "apollo", - Run: mn, -} - -var cnf = utils.NewFlagConfig() - -func init() { - cnf.DefaultPort = 9100 - - cnf.DatabaseName = utils.Pointer[string]("apollo") - cnf.Name = *cnf.DatabaseName - - root.PersistentFlags().String("homepage", "https://errata.build.resf.org", "Frontend root URL") - utils.AddFlags(root.PersistentFlags(), cnf) -} - -func mn(_ *cobra.Command, _ []string) { - apolloimpl.NewServer(apolloconnector.MustAuto()).Run() -} - -func main() { - utils.Main() - if err := root.Execute(); err != nil { - logrus.Fatal(err) - } -} diff --git a/apollo/cmd/apollostarter/BUILD.bazel b/apollo/cmd/apollostarter/BUILD.bazel deleted file mode 100644 index be4f65c..0000000 --- a/apollo/cmd/apollostarter/BUILD.bazel +++ /dev/null @@ -1,24 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") - -go_library( - name = "apollostarter_lib", - srcs = ["main.go"], - importpath = "peridot.resf.org/apollo/cmd/apollostarter", - visibility = ["//visibility:private"], - deps = [ - "//apollo/db/connector", - "//apollo/worker", - "//proto:common", - "//temporalutils", - "//utils", - "//vendor/github.com/sirupsen/logrus", - "//vendor/github.com/spf13/cobra", - "//vendor/go.temporal.io/sdk/client", - ], -) - -go_binary( - name = "apollostarter", - embed = [":apollostarter_lib"], - visibility = ["//visibility:public"], -) diff --git a/apollo/cmd/apollostarter/ci/BUILD.bazel b/apollo/cmd/apollostarter/ci/BUILD.bazel deleted file mode 100644 index 7b4f2dc..0000000 --- a/apollo/cmd/apollostarter/ci/BUILD.bazel +++ /dev/null @@ -1,20 +0,0 @@ -load("//rules_resf:defs.bzl", "RESFDEPLOY_OUTS_MIGRATE", "container", "peridot_k8s") - -container( - base = "//bases/bazel/go", - files = [ - "//apollo/cmd/apollostarter", - ], - image_name = "apollostarter", -) - -peridot_k8s( - name = "apollostarter", - src = "deploy.jsonnet", - outs = RESFDEPLOY_OUTS_MIGRATE, - chart_yaml = "Chart.yaml", - values_yaml = "values.yaml", - deps = [ - "//ci", - ], -) diff --git a/apollo/cmd/apollostarter/ci/Chart.yaml b/apollo/cmd/apollostarter/ci/Chart.yaml deleted file mode 100644 index 7611f47..0000000 --- a/apollo/cmd/apollostarter/ci/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v2 -name: apollostarter -description: Helm chart for apollostarter -type: application -version: 0.0.1 -appVersion: "0.0.1" diff --git a/apollo/cmd/apollostarter/ci/deploy.jsonnet b/apollo/cmd/apollostarter/ci/deploy.jsonnet deleted file mode 100644 index eb8ad81..0000000 --- a/apollo/cmd/apollostarter/ci/deploy.jsonnet +++ /dev/null @@ -1,46 +0,0 @@ -local resfdeploy = import 'ci/resfdeploy.jsonnet'; -local db = import 'ci/db.jsonnet'; -local kubernetes = import 'ci/kubernetes.jsonnet'; -local temporal = import 'ci/temporal.jsonnet'; -local utils = import 'ci/utils.jsonnet'; - -local site = std.extVar('site'); - -resfdeploy.new({ - name: 'apollostarter', - replicas: 1, - dbname: 'apollo', - backend: true, - migrate: true, - migrate_command: ['/bin/sh'], - migrate_args: ['-c', 'exit 0'], - legacyDb: true, - command: '/bundle/apollostarter', - image: kubernetes.tag('apollostarter'), - tag: kubernetes.version, - dsn: { - name: 'APOLLOSTARTER_DATABASE_URL', - value: db.dsn_legacy('apollo', false, 'apollostarter'), - }, - requests: if kubernetes.prod() then { - cpu: '1', - memory: '2G', - }, - ports: [ - { - name: 'http', - containerPort: 31209, - protocol: 'TCP', - }, - ], - health: { - port: 31209, - }, - env: [ - { - name: 'APOLLOSTARTER_PRODUCTION', - value: if kubernetes.dev() then 'false' else 'true', - }, - $.dsn, - ] + temporal.kube_env('APOLLOSTARTER'), -}) diff --git a/apollo/cmd/apollostarter/ci/values.yaml b/apollo/cmd/apollostarter/ci/values.yaml deleted file mode 100644 index f5e3403..0000000 --- a/apollo/cmd/apollostarter/ci/values.yaml +++ /dev/null @@ -1 +0,0 @@ -temporalHostPort: workflow-temporal-frontend.workflow.svc.cluster.local:7233 diff --git a/apollo/cmd/apollostarter/main.go b/apollo/cmd/apollostarter/main.go deleted file mode 100644 index 979b9ba..0000000 --- a/apollo/cmd/apollostarter/main.go +++ /dev/null @@ -1,153 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package main - -import ( - "context" - "github.com/sirupsen/logrus" - "github.com/spf13/cobra" - "go.temporal.io/sdk/client" - "log" - apolloconnector "peridot.resf.org/apollo/db/connector" - "peridot.resf.org/apollo/worker" - commonpb "peridot.resf.org/common" - "peridot.resf.org/temporalutils" - "peridot.resf.org/utils" -) - -var root = &cobra.Command{ - Use: "apollostarter", - Run: mn, -} - -var cnf = utils.NewFlagConfig() - -func init() { - cnf.DefaultPort = 31209 - - cnf.DatabaseName = utils.Pointer[string]("apollo") - cnf.Name = "apollostarter" - - temporalutils.AddFlags(root.PersistentFlags()) - utils.AddFlags(root.PersistentFlags(), cnf) -} - -func mn(_ *cobra.Command, _ []string) { - c, err := temporalutils.NewClient(client.Options{}) - if err != nil { - logrus.Fatalln("unable to create Temporal client", err) - } - defer c.Close() - - db := apolloconnector.MustAuto() - - w, err := worker.NewWorker(&worker.NewWorkerInput{ - Temporal: c, - Database: db, - TaskQueue: "apollo-v1-main-queue", - }) - defer w.Client.Close() - - // Poll Red Hat for new CVEs and advisories every two hours - cveWfOpts := client.StartWorkflowOptions{ - ID: "cron_cve_mirror", - TaskQueue: w.TaskQueue, - CronSchedule: "0 */2 * * *", - } - _, err = w.Client.ExecuteWorkflow(context.Background(), cveWfOpts, w.WorkflowController.PollRedHatCVEsWorkflow) - if err != nil { - log.Fatalf("unable to start cve workflow: %v", err) - } - errataWfOpts := client.StartWorkflowOptions{ - ID: "cron_errata_mirror", - TaskQueue: w.TaskQueue, - CronSchedule: "0 */2 * * *", - } - _, err = w.Client.ExecuteWorkflow(context.Background(), errataWfOpts, w.WorkflowController.PollRedHatErrataWorkflow) - if err != nil { - log.Fatalf("unable to start errata workflow: %v", err) - } - - // Poll unresolved CVE status and update every hour - cveStatusWfOpts := client.StartWorkflowOptions{ - ID: "cron_cve_status", - TaskQueue: w.TaskQueue, - CronSchedule: "0 */1 * * *", - } - _, err = w.Client.ExecuteWorkflow(context.Background(), cveStatusWfOpts, w.WorkflowController.UpdateCVEStateWorkflow) - if err != nil { - log.Fatalf("unable to start cve status workflow: %v", err) - } - - // Check if CVE is fixed downstream every 10 minutes - cveDownstreamWfOpts := client.StartWorkflowOptions{ - ID: "cron_cve_downstream", - TaskQueue: w.TaskQueue, - CronSchedule: "*/10 * * * *", - } - _, err = w.Client.ExecuteWorkflow(context.Background(), cveDownstreamWfOpts, w.WorkflowController.DownstreamCVECheckWorkflow) - if err != nil { - log.Fatalf("unable to start cve downstream workflow: %v", err) - } - - // Auto create advisory for fixed CVEs every 30 minutes - cveAdvisoryWfOpts := client.StartWorkflowOptions{ - ID: "cron_cve_advisory", - TaskQueue: w.TaskQueue, - CronSchedule: "*/10 * * * *", - } - _, err = w.Client.ExecuteWorkflow(context.Background(), cveAdvisoryWfOpts, w.WorkflowController.AutoCreateAdvisoryWorkflow) - if err != nil { - log.Fatalf("unable to start cve advisory workflow: %v", err) - } - - // only added so we get a health endpoint - s := utils.NewGRPCServer( - nil, - func(r *utils.Register) { - err := commonpb.RegisterHealthCheckServiceHandlerFromEndpoint(r.Context, r.Mux, r.Endpoint, r.Options) - if err != nil { - logrus.Fatalf("could not register health service: %v", err) - } - }, - func(r *utils.RegisterServer) { - commonpb.RegisterHealthCheckServiceServer(r.Server, &utils.HealthServer{}) - }, - ) - s.WaitGroup.Wait() -} - -func main() { - utils.Main() - if err := root.Execute(); err != nil { - log.Fatal(err) - } -} diff --git a/apollo/cmd/apolloworker/BUILD.bazel b/apollo/cmd/apolloworker/BUILD.bazel deleted file mode 100644 index ccffae5..0000000 --- a/apollo/cmd/apolloworker/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") - -go_library( - name = "apolloworker_lib", - srcs = ["main.go"], - importpath = "peridot.resf.org/apollo/cmd/apolloworker", - visibility = ["//visibility:private"], - deps = [ - "//apollo/db/connector", - "//apollo/rherrata", - "//apollo/rhsecurity", - "//apollo/worker", - "//apollo/workflow", - "//proto:common", - "//temporalutils", - "//utils", - "//vendor/github.com/sirupsen/logrus", - "//vendor/github.com/spf13/cobra", - "//vendor/go.temporal.io/sdk/client", - ], -) - -go_binary( - name = "apolloworker", - embed = [":apolloworker_lib"], - visibility = ["//visibility:public"], -) diff --git a/apollo/cmd/apolloworker/ci/BUILD.bazel b/apollo/cmd/apolloworker/ci/BUILD.bazel deleted file mode 100644 index bcf52c9..0000000 --- a/apollo/cmd/apolloworker/ci/BUILD.bazel +++ /dev/null @@ -1,20 +0,0 @@ -load("//rules_resf:defs.bzl", "RESFDEPLOY_OUTS_MIGRATE", "container", "peridot_k8s") - -container( - base = "//bases/bazel/go", - files = [ - "//apollo/cmd/apolloworker", - ], - image_name = "apolloworker", -) - -peridot_k8s( - name = "apolloworker", - src = "deploy.jsonnet", - outs = RESFDEPLOY_OUTS_MIGRATE, - chart_yaml = "Chart.yaml", - values_yaml = "values.yaml", - deps = [ - "//ci", - ], -) diff --git a/apollo/cmd/apolloworker/ci/Chart.yaml b/apollo/cmd/apolloworker/ci/Chart.yaml deleted file mode 100644 index a48eb17..0000000 --- a/apollo/cmd/apolloworker/ci/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v2 -name: apolloworker -description: Helm chart for apolloworker -type: application -version: 0.0.1 -appVersion: "0.0.1" diff --git a/apollo/cmd/apolloworker/ci/deploy.jsonnet b/apollo/cmd/apolloworker/ci/deploy.jsonnet deleted file mode 100644 index 3b88202..0000000 --- a/apollo/cmd/apolloworker/ci/deploy.jsonnet +++ /dev/null @@ -1,46 +0,0 @@ -local resfdeploy = import 'ci/resfdeploy.jsonnet'; -local db = import 'ci/db.jsonnet'; -local kubernetes = import 'ci/kubernetes.jsonnet'; -local temporal = import 'ci/temporal.jsonnet'; -local utils = import 'ci/utils.jsonnet'; - -local site = std.extVar('site'); - -resfdeploy.new({ - name: 'apolloworker', - replicas: 1, - dbname: 'apollo', - backend: true, - migrate: true, - migrate_command: ['/bin/sh'], - migrate_args: ['-c', 'exit 0'], - legacyDb: true, - command: '/bundle/apolloworker', - image: kubernetes.tag('apolloworker'), - tag: kubernetes.version, - dsn: { - name: 'APOLLOWORKER_DATABASE_URL', - value: db.dsn_legacy('apollo', false, 'apolloworker'), - }, - requests: if kubernetes.prod() then { - cpu: '1', - memory: '2G', - }, - ports: [ - { - name: 'http', - containerPort: 29209, - protocol: 'TCP', - }, - ], - health: { - port: 29209, - }, - env: [ - { - name: 'APOLLOWORKER_PRODUCTION', - value: if kubernetes.dev() then 'false' else 'true', - }, - $.dsn, - ] + temporal.kube_env('APOLLOWORKER'), -}) diff --git a/apollo/cmd/apolloworker/ci/values.yaml b/apollo/cmd/apolloworker/ci/values.yaml deleted file mode 100644 index f5e3403..0000000 --- a/apollo/cmd/apolloworker/ci/values.yaml +++ /dev/null @@ -1 +0,0 @@ -temporalHostPort: workflow-temporal-frontend.workflow.svc.cluster.local:7233 diff --git a/apollo/cmd/apolloworker/main.go b/apollo/cmd/apolloworker/main.go deleted file mode 100644 index bd843c4..0000000 --- a/apollo/cmd/apolloworker/main.go +++ /dev/null @@ -1,143 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package main - -import ( - "github.com/sirupsen/logrus" - "github.com/spf13/cobra" - "go.temporal.io/sdk/client" - "log" - apolloconnector "peridot.resf.org/apollo/db/connector" - "peridot.resf.org/apollo/rherrata" - "peridot.resf.org/apollo/rhsecurity" - "peridot.resf.org/apollo/worker" - "peridot.resf.org/apollo/workflow" - commonpb "peridot.resf.org/common" - "peridot.resf.org/temporalutils" - "peridot.resf.org/utils" - "sync" -) - -var root = &cobra.Command{ - Use: "apolloworker", - Run: mn, -} - -var cnf = utils.NewFlagConfig() - -func init() { - cnf.DefaultPort = 29209 - - cnf.DatabaseName = utils.Pointer[string]("apollo") - cnf.Name = "apolloworker" - - pflags := root.PersistentFlags() - pflags.String("vendor", "Rocky Enterprise Software Foundation", "Vendor name that is publishing the advisories") - - temporalutils.AddFlags(root.PersistentFlags()) - utils.AddFlags(root.PersistentFlags(), cnf) -} - -func mn(_ *cobra.Command, _ []string) { - c, err := temporalutils.NewClient(client.Options{}) - if err != nil { - logrus.Fatalln("unable to create Temporal client", err) - } - defer c.Close() - - db := apolloconnector.MustAuto() - - options := []workflow.Option{ - workflow.WithSecurityAPI(rhsecurity.NewAPIClient(rhsecurity.NewConfiguration()).DefaultApi), - workflow.WithErrataAPI(rherrata.NewClient()), - } - - w, err := worker.NewWorker( - &worker.NewWorkerInput{ - Temporal: c, - Database: db, - TaskQueue: "apollo-v1-main-queue", - }, - options..., - ) - defer w.Client.Close() - - w.Worker.RegisterWorkflow(w.WorkflowController.AutoCreateAdvisoryWorkflow) - w.Worker.RegisterWorkflow(w.WorkflowController.DownstreamCVECheckWorkflow) - w.Worker.RegisterWorkflow(w.WorkflowController.PollRedHatCVEsWorkflow) - w.Worker.RegisterWorkflow(w.WorkflowController.PollRedHatErrataWorkflow) - w.Worker.RegisterWorkflow(w.WorkflowController.UpdateCVEStateWorkflow) - - w.Worker.RegisterActivity(w.WorkflowController.AutoCreateAdvisoryActivity) - w.Worker.RegisterActivity(w.WorkflowController.GetAllShortCodesActivity) - w.Worker.RegisterActivity(w.WorkflowController.DownstreamCVECheckActivity) - w.Worker.RegisterActivity(w.WorkflowController.PollCVEProcessShortCodeActivity) - w.Worker.RegisterActivity(w.WorkflowController.ProcessRedHatErrataShortCodeActivity) - w.Worker.RegisterActivity(w.WorkflowController.UpdateCVEStateActivity) - - w.Worker.RegisterWorkflow(w.WorkflowController.CollectCVEDataWorkflow) - w.Worker.RegisterActivity(w.WorkflowController.CollectCVEDataActivity) - - var wg sync.WaitGroup - wg.Add(2) - - go func() { - w.Run() - wg.Done() - }() - - go func() { - // only added so we get a health endpoint - s := utils.NewGRPCServer( - nil, - func(r *utils.Register) { - err := commonpb.RegisterHealthCheckServiceHandlerFromEndpoint(r.Context, r.Mux, r.Endpoint, r.Options) - if err != nil { - logrus.Fatalf("could not register health service: %v", err) - } - }, - func(r *utils.RegisterServer) { - commonpb.RegisterHealthCheckServiceServer(r.Server, &utils.HealthServer{}) - }, - ) - s.WaitGroup.Wait() - wg.Done() - }() - - wg.Wait() -} - -func main() { - utils.Main() - if err := root.Execute(); err != nil { - log.Fatal(err) - } -} diff --git a/apollo/db/BUILD.bazel b/apollo/db/BUILD.bazel deleted file mode 100644 index 092b064..0000000 --- a/apollo/db/BUILD.bazel +++ /dev/null @@ -1,19 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "db", - srcs = [ - "convert.go", - "db.go", - ], - importpath = "peridot.resf.org/apollo/db", - visibility = ["//visibility:public"], - deps = [ - "//apollo/proto/v1:pb", - "//utils", - "//vendor/github.com/jmoiron/sqlx/types", - "//vendor/github.com/lib/pq", - "@org_golang_google_protobuf//types/known/timestamppb:go_default_library", - "@org_golang_google_protobuf//types/known/wrapperspb:go_default_library", - ], -) diff --git a/apollo/db/connector/BUILD.bazel b/apollo/db/connector/BUILD.bazel deleted file mode 100644 index d1dee1c..0000000 --- a/apollo/db/connector/BUILD.bazel +++ /dev/null @@ -1,14 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "connector", - srcs = ["connector.go"], - importpath = "peridot.resf.org/apollo/db/connector", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/db/psql", - "//utils", - "//vendor/github.com/sirupsen/logrus", - ], -) diff --git a/apollo/db/connector/connector.go b/apollo/db/connector/connector.go deleted file mode 100644 index 08ae7c1..0000000 --- a/apollo/db/connector/connector.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apolloconnector - -import ( - "github.com/sirupsen/logrus" - apollodb "peridot.resf.org/apollo/db" - apollopsql "peridot.resf.org/apollo/db/psql" - "peridot.resf.org/utils" -) - -// MustAuto automatically returns the correct access interface or fatally fails -func MustAuto() apollodb.Access { - dbType := utils.GetDbType() - switch dbType { - case utils.DbPostgres: - return apollopsql.New() - default: - logrus.Fatal("invalid database url supplied") - return nil - } -} diff --git a/apollo/db/convert.go b/apollo/db/convert.go deleted file mode 100644 index fe204d4..0000000 --- a/apollo/db/convert.go +++ /dev/null @@ -1,155 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apollodb - -import ( - "fmt" - "google.golang.org/protobuf/types/known/timestamppb" - "google.golang.org/protobuf/types/known/wrapperspb" - apollopb "peridot.resf.org/apollo/pb" - "strings" -) - -func DTOAdvisoryToPB(sc *Advisory) *apollopb.Advisory { - var errataType string - switch apollopb.Advisory_Type(sc.Type) { - case apollopb.Advisory_TYPE_SECURITY: - errataType = "SA" - break - case apollopb.Advisory_TYPE_BUGFIX: - errataType = "BA" - break - case apollopb.Advisory_TYPE_ENHANCEMENT: - errataType = "EA" - break - default: - errataType = "UNK" - break - } - - var publishedAt *timestamppb.Timestamp - if sc.PublishedAt.Valid { - publishedAt = timestamppb.New(sc.PublishedAt.Time) - } - - ret := &apollopb.Advisory{ - Type: apollopb.Advisory_Type(sc.Type), - ShortCode: sc.ShortCodeCode, - Name: fmt.Sprintf("%s%s-%d:%d", sc.ShortCodeCode, errataType, sc.Year, sc.Num), - Synopsis: sc.Synopsis, - Severity: apollopb.Advisory_Severity(sc.Severity), - Topic: sc.Topic, - Description: sc.Description, - AffectedProducts: sc.AffectedProducts, - Fixes: nil, - Cves: []*apollopb.CVE{}, - References: sc.References, - PublishedAt: publishedAt, - Rpms: nil, - RebootSuggested: sc.RebootSuggested, - } - if sc.Solution.Valid { - ret.Solution = &wrapperspb.StringValue{Value: sc.Solution.String} - } - for _, cve := range sc.Cves { - split := strings.SplitN(cve, ":::", 6) - ret.Cves = append(ret.Cves, &apollopb.CVE{ - Name: split[2], - SourceBy: wrapperspb.String(split[0]), - SourceLink: wrapperspb.String(split[1]), - Cvss3ScoringVector: wrapperspb.String(split[3]), - Cvss3BaseScore: wrapperspb.String(split[4]), - Cwe: wrapperspb.String(split[5]), - }) - } - if len(sc.Fixes) > 0 { - ret.Fixes = []*apollopb.Fix{} - } - for _, fix := range sc.Fixes { - split := strings.SplitN(fix, ":::", 4) - ret.Fixes = append(ret.Fixes, &apollopb.Fix{ - Ticket: wrapperspb.String(split[0]), - SourceBy: wrapperspb.String(split[1]), - SourceLink: wrapperspb.String(split[2]), - Description: wrapperspb.String(split[3]), - }) - } - if len(sc.RPMs) > 0 { - ret.Rpms = map[string]*apollopb.RPMs{} - } - for _, rpm := range sc.RPMs { - split := strings.SplitN(rpm, ":::", 2) - nvra := split[0] - productName := split[1] - if ret.Rpms[productName] == nil { - ret.Rpms[productName] = &apollopb.RPMs{} - } - - ret.Rpms[productName].Nvras = append(ret.Rpms[productName].Nvras, nvra) - } - - return ret -} - -func DTOListAdvisoriesToPB(scs []*Advisory) []*apollopb.Advisory { - var ret []*apollopb.Advisory - - for _, v := range scs { - ret = append(ret, DTOAdvisoryToPB(v)) - } - - return ret -} - -func DTOCVEToPB(cve *CVE) *apollopb.CVE { - ret := &apollopb.CVE{ - Name: cve.ID, - } - - if cve.SourceBy.Valid { - ret.SourceBy = wrapperspb.String(cve.SourceBy.String) - } - if cve.SourceLink.Valid { - ret.SourceLink = wrapperspb.String(cve.SourceLink.String) - } - - return ret -} - -func DTOListCVEsToPB(cves []*CVE) []*apollopb.CVE { - var ret []*apollopb.CVE - - for _, v := range cves { - ret = append(ret, DTOCVEToPB(v)) - } - - return ret -} diff --git a/apollo/db/db.go b/apollo/db/db.go deleted file mode 100644 index 3785ac9..0000000 --- a/apollo/db/db.go +++ /dev/null @@ -1,251 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apollodb - -import ( - "database/sql" - "github.com/jmoiron/sqlx/types" - "github.com/lib/pq" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/utils" - "time" -) - -// ShortCode is the DTO struct for `resf.apollo.ShortCode` -type ShortCode struct { - Code string `json:"code" db:"code"` - Mode int8 `json:"mode" db:"mode"` - CreatedAt *time.Time `json:"createdAt" db:"created_at"` - ArchivedAt sql.NullTime `json:"archivedAt" db:"archived_at"` -} - -// Advisory is the DTO struct for `resf.apollo.Advisory` -type Advisory struct { - ID int64 `db:"id"` - CreatedAt *time.Time `db:"created_at"` - - Year int `db:"year"` - Num int `db:"num"` - - Synopsis string `db:"synopsis"` - Topic string `db:"topic"` - Severity int `db:"severity"` - Type int `db:"type"` - Description string `db:"description"` - Solution sql.NullString `db:"solution"` - - RedHatIssuedAt sql.NullTime `db:"redhat_issued_at"` - ShortCodeCode string `db:"short_code_code"` - RebootSuggested bool `db:"reboot_suggested"` - PublishedAt sql.NullTime `db:"published_at"` - - AffectedProducts pq.StringArray `db:"affected_products"` - Fixes pq.StringArray `db:"fixes"` - Cves pq.StringArray `db:"cves"` - CveIds pq.StringArray `db:"cve_ids"` - References pq.StringArray `db:"references"` - RPMs pq.StringArray `db:"rpms"` - BuildArtifacts pq.StringArray `db:"build_artifacts"` - - // Only used for list/search queries - Total int64 `json:"total" db:"total"` -} - -// CVE is the DTO struct for `resf.apollo.CVE` -type CVE struct { - ID string `db:"id"` - CreatedAt *time.Time `db:"created_at"` - - AdvisoryId sql.NullInt64 `db:"advisory_id"` - ShortCode string `db:"short_code_code"` - - SourceBy sql.NullString `db:"source_by"` - SourceLink sql.NullString `db:"source_link"` - - Content types.NullJSONText `db:"content"` - - AffectedProductId sql.NullInt64 `db:"affected_product_id"` -} - -// AffectedProduct is the DTO struct for `resf.apollo.AffectedProduct` -type AffectedProduct struct { - ID int64 `db:"id"` - ProductID int64 `db:"product_id"` - CveID sql.NullString `db:"cve_id"` - State int `db:"state"` - Version string `db:"version"` - Package string `db:"package"` - Advisory sql.NullString `db:"advisory"` -} - -// Product is the DTO struct for `resf.apollo.Product` -type Product struct { - ID int64 `db:"id"` - Name string `db:"name"` - - CurrentFullVersion string `db:"current_full_version"` - RedHatMajorVersion sql.NullInt32 `db:"redhat_major_version"` - ShortCode string `db:"short_code_code"` - Archs pq.StringArray `db:"archs"` - MirrorFromDate sql.NullTime `json:"mirrorFromDate" db:"mirror_from_date"` - RedHatProductPrefix sql.NullString `json:"redHatProductPrefix" db:"redhat_product_prefix"` - Cpe sql.NullString `json:"cpe" db:"cpe"` - EolAt sql.NullTime `json:"eolAt" db:"eol_at"` - - BuildSystem string `json:"buildSystem" db:"build_system"` - BuildSystemEndpoint string `json:"buildSystemEndpoint" db:"build_system_endpoint"` - KojiCompose sql.NullString `json:"kojiCompose" db:"koji_compose"` - KojiModuleCompose sql.NullString `json:"kojiModuleCompose" db:"koji_module_compose"` - PeridotProjectID sql.NullString `json:"peridotProjectID" db:"peridot_project_id"` -} - -type BuildReference struct { - ID int64 `db:"id"` - AffectedProductId int64 `db:"affected_product_id"` - Rpm string `db:"rpm"` - SrcRpm string `db:"src_rpm"` - CveID string `db:"cve_id"` - Sha256Sum string `db:"sha256_sum"` - KojiID sql.NullString `db:"koji_id"` - PeridotID sql.NullString `db:"peridot_id"` -} - -type Fix struct { - ID int64 `db:"id"` - Ticket sql.NullString `db:"ticket"` - SourceBy sql.NullString `db:"source_by"` - SourceLink sql.NullString `db:"source_link"` - Description sql.NullString `db:"description"` -} - -type AdvisoryReference struct { - ID int64 `db:"advisory_reference"` - URL string `db:"url"` - AdvisoryId int64 `db:"advisory_id"` -} - -type MirrorState struct { - ShortCode string `db:"short_code_code"` - LastSync sql.NullTime `db:"last_sync"` - ErrataAfter sql.NullTime `db:"errata_after"` -} - -type AdvisoryCVE struct { - AdvisoryID int64 `db:"advisory_id"` - CveID string `db:"cve_id"` -} - -type AdvisoryFix struct { - AdvisoryID int64 `db:"advisory_id"` - FixID int64 `db:"fix_id"` -} - -type IgnoredUpstreamPackage struct { - ID int64 `db:"id"` - ProductID int64 `db:"product_id"` - Package string `db:"package"` -} - -type RebootSuggestedPackage struct { - CreatedAt *time.Time `db:"created_at"` - Name string `db:"name"` -} - -type AdvisoryRPM struct { - AdvisoryID int64 `db:"advisory_id"` - Name string `db:"name"` - ProductID int64 `db:"product_id"` -} - -type Access interface { - GetAllShortCodes() ([]*ShortCode, error) - GetShortCodeByCode(code string) (*ShortCode, error) - CreateShortCode(code string, mode apollopb.ShortCode_Mode) (*ShortCode, error) - - GetAllAdvisories(filters *apollopb.AdvisoryFilters, page int32, limit int32) ([]*Advisory, error) - // Advisory is a broad entity with lots of fields - // mustafa: It is in my opinion better to accept the same struct - // to create and update it. - // Obviously fields like ID and CreatedAt cannot be overridden - // The Create and Update methods for advisory do not return - // the following fields: - // - AffectedProducts - // - Fixes - // - Cves - // - References - CreateAdvisory(advisory *Advisory) (*Advisory, error) - // Update cannot override the RedHatIssuedAt field for mirrored advisories - UpdateAdvisory(advisory *Advisory) (*Advisory, error) - GetAdvisoryByCodeAndYearAndNum(code string, year int, num int) (*Advisory, error) - - GetAllUnresolvedCVEs() ([]*CVE, error) - GetPendingAffectedProducts() ([]*AffectedProduct, error) - GetAllCVEsFixedDownstream() ([]*CVE, error) - GetCVEByID(id string) (*CVE, error) - GetAllCVEs() ([]*CVE, error) - CreateCVE(cveId string, shortCode string, sourceBy *string, sourceLink *string, content types.NullJSONText) (*CVE, error) - SetCVEContent(cveId string, content types.JSONText) error - - GetProductsByShortCode(code string) ([]*Product, error) - GetProductByNameAndShortCode(product string, code string) (*Product, error) - GetProductByID(id int64) (*Product, error) - CreateProduct(name string, currentFullVersion string, redHatMajorVersion *int32, code string, archs []string) (*Product, error) - - GetAllAffectedProductsByCVE(cve string) ([]*AffectedProduct, error) - GetAffectedProductByCVEAndPackage(cve string, pkg string) (*AffectedProduct, error) - GetAffectedProductByAdvisory(advisory string) (*AffectedProduct, error) - GetAffectedProductByID(id int64) (*AffectedProduct, error) - CreateAffectedProduct(productId int64, cveId string, state int, version string, pkg string, advisory *string) (*AffectedProduct, error) - UpdateAffectedProductStateAndPackageAndAdvisory(id int64, state int, pkg string, advisory *string) error - DeleteAffectedProduct(id int64) error - - CreateFix(ticket string, sourceBy string, sourceLink string, description string) (int64, error) - - // This will return nil rather than an error if no rows are found - GetMirrorState(code string) (*MirrorState, error) - UpdateMirrorState(code string, lastSync *time.Time) error - UpdateMirrorStateErrata(code string, lastSync *time.Time) error - GetMaxLastSync() (*time.Time, error) - - CreateBuildReference(affectedProductId int64, rpm string, srcRpm string, cveId string, sha256Sum string, kojiId *string, peridotId *string) (*BuildReference, error) - CreateAdvisoryReference(advisoryId int64, url string) error - - GetAllIgnoredPackagesByProductID(productID int64) ([]string, error) - GetAllRebootSuggestedPackages() ([]string, error) - - // These add methods is treated like an upsert. They're only added if one doesn't exist - AddAdvisoryFix(advisoryId int64, fixId int64) error - AddAdvisoryCVE(advisoryId int64, cveId string) error - AddAdvisoryRPM(advisoryId int64, name string, productID int64) error - - Begin() (utils.Tx, error) - UseTransaction(tx utils.Tx) Access -} diff --git a/apollo/db/mock/BUILD.bazel b/apollo/db/mock/BUILD.bazel deleted file mode 100644 index 3e9340e..0000000 --- a/apollo/db/mock/BUILD.bazel +++ /dev/null @@ -1,14 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "mock", - srcs = ["mock.go"], - importpath = "peridot.resf.org/apollo/db/mock", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/proto/v1:pb", - "//utils", - "//vendor/github.com/jmoiron/sqlx/types", - ], -) diff --git a/apollo/db/mock/mock.go b/apollo/db/mock/mock.go deleted file mode 100644 index 8bc4607..0000000 --- a/apollo/db/mock/mock.go +++ /dev/null @@ -1,774 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apollomock - -import ( - "database/sql" - "fmt" - "github.com/jmoiron/sqlx/types" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/utils" - "time" -) - -type Access struct { - ShortCodes []*apollodb.ShortCode - Advisories []*apollodb.Advisory - Cves []*apollodb.CVE - Fixes []*apollodb.Fix - AdvisoryReferences []*apollodb.AdvisoryReference - Products []*apollodb.Product - AffectedProducts []*apollodb.AffectedProduct - BuildReferences []*apollodb.BuildReference - MirrorStates []*apollodb.MirrorState - AdvisoryCVEs []*apollodb.AdvisoryCVE - AdvisoryFixes []*apollodb.AdvisoryFix - IgnoredUpstreamPackages []*apollodb.IgnoredUpstreamPackage - RebootSuggestedPackages []*apollodb.RebootSuggestedPackage - AdvisoryRPMs []*apollodb.AdvisoryRPM -} - -func New() *Access { - return &Access{ - ShortCodes: []*apollodb.ShortCode{}, - Advisories: []*apollodb.Advisory{}, - Cves: []*apollodb.CVE{}, - Fixes: []*apollodb.Fix{}, - AdvisoryReferences: []*apollodb.AdvisoryReference{}, - Products: []*apollodb.Product{}, - AffectedProducts: []*apollodb.AffectedProduct{}, - BuildReferences: []*apollodb.BuildReference{}, - MirrorStates: []*apollodb.MirrorState{}, - AdvisoryCVEs: []*apollodb.AdvisoryCVE{}, - AdvisoryFixes: []*apollodb.AdvisoryFix{}, - IgnoredUpstreamPackages: []*apollodb.IgnoredUpstreamPackage{}, - RebootSuggestedPackages: []*apollodb.RebootSuggestedPackage{}, - AdvisoryRPMs: []*apollodb.AdvisoryRPM{}, - } -} - -func (a *Access) GetAllShortCodes() ([]*apollodb.ShortCode, error) { - return a.ShortCodes, nil -} - -func (a *Access) GetShortCodeByCode(code string) (*apollodb.ShortCode, error) { - for _, val := range a.ShortCodes { - if val.Code == code { - return val, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) CreateShortCode(code string, mode apollopb.ShortCode_Mode) (*apollodb.ShortCode, error) { - now := time.Now() - - shortCode := apollodb.ShortCode{ - Code: code, - Mode: int8(mode), - CreatedAt: &now, - ArchivedAt: sql.NullTime{}, - } - a.ShortCodes = append(a.ShortCodes, &shortCode) - - return &shortCode, nil -} - -func (a *Access) getAdvisoriesWithJoin(filter func(*apollodb.Advisory) bool) []*apollodb.Advisory { - var advisories []*apollodb.Advisory - for _, val := range a.Advisories { - if filter(val) { - advisories = append(advisories, val) - } - } - - if len(advisories) == 0 { - return advisories - } - - for _, advisory := range advisories { - advisory.AffectedProducts = []string{} - advisory.Fixes = []string{} - advisory.Cves = []string{} - advisory.References = []string{} - advisory.RPMs = []string{} - advisory.BuildArtifacts = []string{} - - for _, advisoryCve := range a.AdvisoryCVEs { - if advisoryCve.AdvisoryID != advisory.ID { - continue - } - - for _, buildReference := range a.BuildReferences { - if buildReference.CveID == advisoryCve.CveID { - advisory.BuildArtifacts = append(advisory.BuildArtifacts, fmt.Sprintf("%s:::%s", buildReference.Rpm, buildReference.SrcRpm)) - } - } - - for _, cve := range a.Cves { - if cve.ID == advisoryCve.CveID { - cveString := fmt.Sprintf("%s:::%s:::%s", cve.SourceBy.String, cve.SourceLink.String, cve.ID) - if !utils.StrContains(cveString, advisory.Cves) { - advisory.Cves = append(advisory.Cves, cveString) - } - } - } - for _, val := range a.AffectedProducts { - if val.CveID.String == advisoryCve.CveID { - for _, product := range a.Products { - if val.ProductID == product.ID { - if !utils.StrContains(product.Name, advisory.AffectedProducts) { - advisory.AffectedProducts = append(advisory.AffectedProducts, product.Name) - } - } - } - } - } - } - - for _, advisoryFix := range a.AdvisoryFixes { - if advisoryFix.AdvisoryID != advisory.ID { - continue - } - - for _, fix := range a.Fixes { - if fix.ID == advisoryFix.FixID { - if !utils.StrContains(fix.Ticket.String, advisory.Fixes) { - advisory.Fixes = append(advisory.Fixes, fix.Ticket.String) - } - } - } - } - - for _, advisoryReference := range a.AdvisoryReferences { - if advisoryReference.AdvisoryId != advisory.ID { - continue - } - - if !utils.StrContains(advisoryReference.URL, advisory.References) { - advisory.References = append(advisory.References, advisoryReference.URL) - } - } - - for _, advisoryRPM := range a.AdvisoryRPMs { - if advisoryRPM.AdvisoryID != advisory.ID { - continue - } - - if !utils.StrContains(advisoryRPM.Name, advisory.RPMs) { - advisory.RPMs = append(advisory.RPMs, advisoryRPM.Name) - } - } - } - - return advisories -} - -func (a *Access) GetAllAdvisories(filters *apollopb.AdvisoryFilters, page int32, limit int32) ([]*apollodb.Advisory, error) { - return a.getAdvisoriesWithJoin(func(advisory *apollodb.Advisory) bool { - if filters.Product != nil { - if !utils.StrContains(filters.Product.Value, advisory.AffectedProducts) { - return false - } - } - if advisory.PublishedAt.Valid { - if filters.Before != nil { - if advisory.PublishedAt.Time.After(filters.Before.AsTime()) { - return false - } - } - if filters.After != nil { - if advisory.PublishedAt.Time.Before(filters.After.AsTime()) { - return false - } - } - } - if filters.IncludeUnpublished != nil { - if !filters.IncludeUnpublished.Value && !advisory.PublishedAt.Valid { - return false - } - } else { - if !advisory.PublishedAt.Valid { - return false - } - } - - if advisory.Fixes != nil && len(advisory.Fixes) < 1 { - return false - } - - return true - }), nil -} - -func (a *Access) GetAdvisoryByCodeAndYearAndNum(code string, year int, num int) (*apollodb.Advisory, error) { - advisories := a.getAdvisoriesWithJoin(func(advisory *apollodb.Advisory) bool { - if advisory.ShortCodeCode == code && advisory.Year == year && advisory.Num == num { - return true - } - - return false - }) - - if len(advisories) == 0 { - return nil, sql.ErrNoRows - } - - advisory := advisories[0] - - if advisory.Fixes != nil && len(advisory.Fixes) < 1 { - return nil, fmt.Errorf("Expected advisory fixes. Was empty.") - } - - return advisory, nil -} - -func (a *Access) CreateAdvisory(advisory *apollodb.Advisory) (*apollodb.Advisory, error) { - var lastId int64 = 1 - if len(a.Advisories) > 0 { - lastId = a.Advisories[len(a.Advisories)-1].ID + 1 - } - - now := time.Now() - ret := &apollodb.Advisory{ - ID: lastId, - CreatedAt: &now, - Year: advisory.Year, - Num: advisory.Num, - Synopsis: advisory.Synopsis, - Topic: advisory.Topic, - Severity: advisory.Severity, - Type: advisory.Type, - Description: advisory.Description, - Solution: advisory.Solution, - RedHatIssuedAt: advisory.RedHatIssuedAt, - ShortCodeCode: advisory.ShortCodeCode, - PublishedAt: advisory.PublishedAt, - } - - return ret, nil -} - -func (a *Access) UpdateAdvisory(advisory *apollodb.Advisory) (*apollodb.Advisory, error) { - for _, val := range a.Advisories { - if val.ID == advisory.ID { - val.Year = advisory.Year - val.Num = advisory.Num - val.Synopsis = advisory.Synopsis - val.Topic = advisory.Topic - val.Severity = advisory.Severity - val.Type = advisory.Type - val.Description = advisory.Description - val.Solution = advisory.Solution - val.ShortCodeCode = advisory.ShortCodeCode - val.PublishedAt = advisory.PublishedAt - - return val, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) GetAllUnresolvedCVEs() ([]*apollodb.CVE, error) { - var cves []*apollodb.CVE - var addedCVEIds []string - - for _, cve := range a.Cves { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.CveID.String == cve.ID { - switch affectedProduct.State { - case - int(apollopb.AffectedProduct_STATE_UNDER_INVESTIGATION_UPSTREAM), - int(apollopb.AffectedProduct_STATE_UNDER_INVESTIGATION_DOWNSTREAM), - int(apollopb.AffectedProduct_STATE_AFFECTED_UPSTREAM), - int(apollopb.AffectedProduct_STATE_AFFECTED_DOWNSTREAM): - nCve := *cve - nCve.AffectedProductId = sql.NullInt64{Valid: true, Int64: affectedProduct.ID} - cves = append(cves, &nCve) - break - } - } - } - } - for _, cve := range a.Cves { - if !utils.StrContains(cve.ID, addedCVEIds) { - cves = append(cves, cve) - } - } - - return cves, nil -} - -func (a *Access) GetPendingAffectedProducts() ([]*apollodb.AffectedProduct, error) { - var ret []*apollodb.AffectedProduct - - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.State == int(apollopb.AffectedProduct_STATE_FIXED_UPSTREAM) { - ret = append(ret, affectedProduct) - } - } - - return ret, nil -} - -func (a *Access) GetAllCVEsFixedDownstream() ([]*apollodb.CVE, error) { - var cves []*apollodb.CVE - - for _, cve := range a.Cves { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.CveID.String == cve.ID { - if affectedProduct.State == int(apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM) { - nCve := *cve - nCve.AffectedProductId = sql.NullInt64{Valid: true, Int64: affectedProduct.ID} - cves = append(cves, &nCve) - break - } - } - } - } - - return cves, nil -} - -func (a *Access) GetCVEByID(id string) (*apollodb.CVE, error) { - for _, cve := range a.Cves { - if cve.ID == id { - return cve, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) GetAllCVEs() ([]*apollodb.CVE, error) { - return a.Cves, nil -} - -func (a *Access) CreateCVE(cveId string, shortCode string, sourceBy *string, sourceLink *string, content types.NullJSONText) (*apollodb.CVE, error) { - var sby sql.NullString - var sl sql.NullString - - if sourceBy != nil { - sby.String = *sourceBy - sby.Valid = true - } - - if sourceLink != nil { - sl.String = *sourceLink - sl.Valid = true - } - - now := time.Now() - cve := &apollodb.CVE{ - ID: cveId, - CreatedAt: &now, - AdvisoryId: sql.NullInt64{}, - ShortCode: shortCode, - SourceBy: sby, - SourceLink: sl, - Content: content, - } - a.Cves = append(a.Cves, cve) - - return cve, nil -} - -func (a *Access) SetCVEContent(cveId string, content types.JSONText) error { - for _, cve := range a.Cves { - if cve.ID == cveId { - cve.Content = types.NullJSONText{Valid: true, JSONText: content} - return nil - } - } - - return sql.ErrNoRows -} - -func (a *Access) GetProductsByShortCode(code string) ([]*apollodb.Product, error) { - var products []*apollodb.Product - - for _, product := range a.Products { - if product.ShortCode == code { - products = append(products, product) - } - } - - return products, nil -} - -func (a *Access) GetProductByNameAndShortCode(name string, code string) (*apollodb.Product, error) { - for _, product := range a.Products { - if product.Name == name && product.ShortCode == code { - return product, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) GetProductByID(id int64) (*apollodb.Product, error) { - for _, product := range a.Products { - if product.ID == id { - return product, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) CreateProduct(name string, currentFullVersion string, redHatMajorVersion *int32, code string, archs []string) (*apollodb.Product, error) { - var lastId int64 = 1 - if len(a.Products) > 0 { - lastId = a.Products[len(a.Products)-1].ID + 1 - } - - var rhmv sql.NullInt32 - if redHatMajorVersion != nil { - rhmv.Int32 = *redHatMajorVersion - rhmv.Valid = true - } - - product := &apollodb.Product{ - ID: lastId, - Name: name, - CurrentFullVersion: currentFullVersion, - RedHatMajorVersion: rhmv, - ShortCode: code, - Archs: archs, - MirrorFromDate: sql.NullTime{}, - RedHatProductPrefix: sql.NullString{}, - } - a.Products = append(a.Products, product) - - return product, nil -} - -func (a *Access) GetAllAffectedProductsByCVE(cve string) ([]*apollodb.AffectedProduct, error) { - var affectedProducts []*apollodb.AffectedProduct - - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.CveID.String == cve { - affectedProducts = append(affectedProducts, affectedProduct) - } - } - - return affectedProducts, nil -} - -func (a *Access) GetAffectedProductByCVEAndPackage(cve string, pkg string) (*apollodb.AffectedProduct, error) { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.CveID.String == cve && affectedProduct.Package == pkg { - return affectedProduct, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) GetAffectedProductByAdvisory(advisory string) (*apollodb.AffectedProduct, error) { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.Advisory.String == advisory { - return affectedProduct, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) GetAffectedProductByID(id int64) (*apollodb.AffectedProduct, error) { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.ID == id { - return affectedProduct, nil - } - } - - return nil, sql.ErrNoRows -} - -func (a *Access) CreateAffectedProduct(productId int64, cveId string, state int, version string, pkg string, advisory *string) (*apollodb.AffectedProduct, error) { - var lastId int64 = 1 - if len(a.AffectedProducts) > 0 { - lastId = a.AffectedProducts[len(a.AffectedProducts)-1].ID + 1 - } - - var adv sql.NullString - if advisory != nil { - adv.String = *advisory - adv.Valid = true - } - - affectedProduct := &apollodb.AffectedProduct{ - ID: lastId, - ProductID: productId, - CveID: sql.NullString{Valid: true, String: cveId}, - State: state, - Version: version, - Package: pkg, - Advisory: adv, - } - a.AffectedProducts = append(a.AffectedProducts, affectedProduct) - - return affectedProduct, nil -} - -func (a *Access) UpdateAffectedProductStateAndPackageAndAdvisory(id int64, state int, pkg string, advisory *string) error { - for _, affectedProduct := range a.AffectedProducts { - if affectedProduct.ID == id { - affectedProduct.State = state - affectedProduct.Package = pkg - - var adv sql.NullString - if advisory != nil { - adv.String = *advisory - adv.Valid = true - } - affectedProduct.Advisory = adv - - return nil - } - } - - return sql.ErrNoRows -} - -func (a *Access) DeleteAffectedProduct(id int64) error { - var index *int - for i, affectedProduct := range a.AffectedProducts { - if affectedProduct.ID == id { - index = &i - } - } - if index == nil { - return sql.ErrNoRows - } - - a.AffectedProducts = append(a.AffectedProducts[:*index], a.AffectedProducts[*index+1:]...) - - return nil -} - -func (a *Access) CreateFix(ticket string, sourceBy string, sourceLink string, description string) (int64, error) { - var lastId int64 = 1 - if len(a.Fixes) > 0 { - lastId = a.Fixes[len(a.Fixes)-1].ID + 1 - } - - fix := &apollodb.Fix{ - ID: lastId, - Ticket: sql.NullString{Valid: true, String: ticket}, - SourceBy: sql.NullString{Valid: true, String: sourceBy}, - SourceLink: sql.NullString{Valid: true, String: sourceLink}, - Description: sql.NullString{Valid: true, String: description}, - } - a.Fixes = append(a.Fixes, fix) - - return lastId, nil -} - -func (a *Access) GetMirrorState(code string) (*apollodb.MirrorState, error) { - var lastSync *apollodb.MirrorState - - for _, mirrorState := range a.MirrorStates { - if mirrorState.ShortCode == code { - if mirrorState.LastSync.Valid { - lastSync = mirrorState - } - } - } - - if lastSync == nil { - return nil, sql.ErrNoRows - } - - return lastSync, nil -} - -func (a *Access) UpdateMirrorState(code string, lastSync *time.Time) error { - for _, mirrorState := range a.MirrorStates { - if mirrorState.ShortCode == code { - mirrorState.LastSync.Time = *lastSync - mirrorState.LastSync.Valid = true - - return nil - } - } - - mirrorState := &apollodb.MirrorState{ - ShortCode: code, - LastSync: sql.NullTime{Valid: true, Time: *lastSync}, - } - a.MirrorStates = append(a.MirrorStates, mirrorState) - - return nil -} - -func (a *Access) UpdateMirrorStateErrata(code string, lastSync *time.Time) error { - for _, mirrorState := range a.MirrorStates { - if mirrorState.ShortCode == code { - mirrorState.ErrataAfter.Time = *lastSync - mirrorState.ErrataAfter.Valid = true - - return nil - } - } - - mirrorState := &apollodb.MirrorState{ - ShortCode: code, - ErrataAfter: sql.NullTime{Valid: true, Time: *lastSync}, - } - a.MirrorStates = append(a.MirrorStates, mirrorState) - - return nil -} - -func (a *Access) GetMaxLastSync() (*time.Time, error) { - var maxLastSync *time.Time - - for _, mirrorState := range a.MirrorStates { - if mirrorState.LastSync.Valid { - if maxLastSync == nil || mirrorState.LastSync.Time.After(*maxLastSync) { - maxLastSync = &mirrorState.LastSync.Time - } - } - } - - if maxLastSync == nil { - return nil, sql.ErrNoRows - } - - return maxLastSync, nil -} - -func (a *Access) CreateBuildReference(affectedProductId int64, rpm string, srcRpm string, cveId string, sha256Sum string, kojiId *string, peridotId *string) (*apollodb.BuildReference, error) { - var lastId int64 = 1 - if len(a.BuildReferences) > 0 { - lastId = a.BuildReferences[len(a.BuildReferences)-1].ID + 1 - } - - buildReference := &apollodb.BuildReference{ - ID: lastId, - AffectedProductId: affectedProductId, - Rpm: rpm, - SrcRpm: srcRpm, - CveID: cveId, - Sha256Sum: sha256Sum, - } - if kojiId != nil { - buildReference.KojiID = sql.NullString{Valid: true, String: *kojiId} - } - if peridotId != nil { - buildReference.PeridotID = sql.NullString{Valid: true, String: *peridotId} - } - - a.BuildReferences = append(a.BuildReferences, buildReference) - - return buildReference, nil -} - -func (a *Access) CreateAdvisoryReference(advisoryId int64, url string) error { - var lastId int64 = 1 - if len(a.AdvisoryReferences) > 0 { - lastId = a.AdvisoryReferences[len(a.AdvisoryReferences)-1].ID + 1 - } - - advisoryReference := &apollodb.AdvisoryReference{ - ID: lastId, - URL: url, - AdvisoryId: advisoryId, - } - a.AdvisoryReferences = append(a.AdvisoryReferences, advisoryReference) - - return nil -} - -func (a *Access) GetAllIgnoredPackagesByProductID(productID int64) ([]string, error) { - var packages []string - - for _, ignoredPackage := range a.IgnoredUpstreamPackages { - if ignoredPackage.ProductID == productID { - packages = append(packages, ignoredPackage.Package) - } - } - - return packages, nil -} - -func (a *Access) GetAllRebootSuggestedPackages() ([]string, error) { - var packages []string - - for _, p := range a.RebootSuggestedPackages { - packages = append(packages, p.Name) - } - - return packages, nil -} - -func (a *Access) AddAdvisoryFix(advisoryId int64, fixId int64) error { - advisoryFix := &apollodb.AdvisoryFix{ - AdvisoryID: advisoryId, - FixID: fixId, - } - a.AdvisoryFixes = append(a.AdvisoryFixes, advisoryFix) - - return nil -} - -func (a *Access) AddAdvisoryCVE(advisoryId int64, cveId string) error { - advisoryCVE := &apollodb.AdvisoryCVE{ - AdvisoryID: advisoryId, - CveID: cveId, - } - a.AdvisoryCVEs = append(a.AdvisoryCVEs, advisoryCVE) - - return nil -} - -func (a *Access) AddAdvisoryRPM(advisoryId int64, name string, productID int64) error { - advisoryRPM := &apollodb.AdvisoryRPM{ - AdvisoryID: advisoryId, - Name: name, - ProductID: productID, - } - a.AdvisoryRPMs = append(a.AdvisoryRPMs, advisoryRPM) - - return nil -} - -func (a *Access) Begin() (utils.Tx, error) { - return &utils.MockTx{}, nil -} - -func (a *Access) UseTransaction(_ utils.Tx) apollodb.Access { - return a -} diff --git a/apollo/db/psql/BUILD.bazel b/apollo/db/psql/BUILD.bazel deleted file mode 100644 index 243f0ef..0000000 --- a/apollo/db/psql/BUILD.bazel +++ /dev/null @@ -1,15 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "psql", - srcs = ["psql.go"], - importpath = "peridot.resf.org/apollo/db/psql", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/proto/v1:pb", - "//utils", - "//vendor/github.com/jmoiron/sqlx", - "//vendor/github.com/jmoiron/sqlx/types", - ], -) diff --git a/apollo/db/psql/psql.go b/apollo/db/psql/psql.go deleted file mode 100644 index e5ab41a..0000000 --- a/apollo/db/psql/psql.go +++ /dev/null @@ -1,797 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apollopsql - -import ( - "database/sql" - "github.com/jmoiron/sqlx/types" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "time" - - "github.com/jmoiron/sqlx" - "peridot.resf.org/utils" -) - -type Access struct { - db *sqlx.DB - query utils.SqlQuery -} - -func New() *Access { - pgx := utils.PgInitx() - return &Access{ - db: pgx, - query: pgx, - } -} - -func (a *Access) GetAllShortCodes() ([]*apollodb.ShortCode, error) { - var shortCodes []*apollodb.ShortCode - err := a.query.Select( - &shortCodes, - ` - select - code, - mode, - created_at, - archived_at - from short_codes - order by created_at desc - `, - ) - if err != nil { - return nil, err - } - - return shortCodes, nil -} - -func (a *Access) GetShortCodeByCode(code string) (*apollodb.ShortCode, error) { - var shortCode apollodb.ShortCode - err := a.query.Get(&shortCode, "select code, mode, created_at from short_codes where code = $1", code) - if err != nil { - return nil, err - } - - return &shortCode, nil -} - -func (a *Access) CreateShortCode(code string, mode apollopb.ShortCode_Mode) (*apollodb.ShortCode, error) { - var shortCode apollodb.ShortCode - err := a.query.Get(&shortCode, "insert into short_codes (code, mode) values ($1, $2) returning code, mode, created_at", code, int(mode)) - if err != nil { - return nil, err - } - - return &shortCode, nil -} - -func (a *Access) GetAllAdvisories(filters *apollopb.AdvisoryFilters, page int32, limit int32) ([]*apollodb.Advisory, error) { - if filters == nil { - filters = &apollopb.AdvisoryFilters{} - } - - var advisories []*apollodb.Advisory - err := a.query.Select( - &advisories, - ` - select - a.id, - a.created_at, - a.year, - a.num, - a.synopsis, - a.topic, - a.severity, - a.type, - a.description, - a.solution, - a.redhat_issued_at, - a.short_code_code, - a.reboot_suggested, - a.published_at, - array_remove(array_agg(distinct p.name), NULL) as affected_products, - (select array_agg(distinct(f.ticket || ':::' || f.source_by || ':::' || f.source_link || ':::' || f.description)) from advisory_fixes adf inner join fixes f on f.id = adf.fix_id where adf.advisory_id = a.id) as fixes, - (select array_agg(distinct( - case when c.content is null then c.source_by || ':::' || c.source_link || ':::' || c.id || ':::::::::' - else c.source_by || ':::' || c.source_link || ':::' || c.id || ':::' || jsonb_extract_path_text(c.content, 'cvss3', 'cvss3_scoring_vector') || ':::' || jsonb_extract_path_text(c.content, 'cvss3', 'cvss3_base_score') || ':::' || jsonb_extract_path_text(c.content, 'cwe') - end - )) from advisory_cves ac inner join cves c on c.id = ac.cve_id where ac.advisory_id = a.id) as cves, - (select array_agg(distinct(url)) from advisory_references where advisory_id = a.id) as references, - case when $4 :: bool = true then array(select distinct concat(rpm, ':::', src_rpm) from build_references where affected_product_id in (select id from affected_products where advisory = 'RH' || (case when a.type=1 then 'SA' when a.type=2 then 'BA' else 'EA' end) || '-' || a.year || ':' || a.num)) - else array [] :: text[] - end as build_artifacts, - case when $7 :: bool = true then array(select distinct(ar.name || ':::' || p.name) from advisory_rpms ar inner join products p on p.id = ar.product_id where advisory_id = a.id) - else array [] :: text[] - end as rpms, - count(a.*) over() as total - from advisories a - inner join affected_products ap on ap.advisory = 'RH' || (case when a.type=1 then 'SA' when a.type=2 then 'BA' else 'EA' end) || '-' || a.year || ':' || a.num - inner join products p on ap.product_id = p.id - where - ($1 :: text is null or p.name = $1 :: text) - and ($2 :: timestamp is null or a.published_at < $2 :: timestamp) - and ($3 :: timestamp is null or a.published_at > $3 :: timestamp) - and (a.published_at is not null or $4 :: bool = true) - and ($5 :: text is null or exists (select cve_id from advisory_cves where advisory_id = a.id and cve_id ilike '%' || $5 :: text || '%')) - and ($6 :: text is null or a.synopsis ilike '%' || $6 :: text || '%') - and ($8 :: text is null or ((a.synopsis ilike '%' || $8 :: text || '%') or (a.topic ilike '%' || $8 :: text || '%') or (a.description ilike '%' || $8 :: text || '%') or (a.solution ilike '%' || $8 :: text || '%') or exists (select cve_id from advisory_cves where advisory_id = a.id and cve_id ilike '%' || $8 :: text || '%') or (a.short_code_code || (case when a.type=1 then 'SA' when a.type=2 then 'BA' else 'EA' end) || '-' || a.year || ':' || a.num ilike '%' || $8 :: text || '%'))) - and ($9 :: numeric = 0 or a.severity = $9 :: numeric) - and ($10 :: numeric = 0 or a.type = $10 :: numeric) - group by a.id - order by a.published_at desc - limit $11 offset $12 - `, - utils.StringValueToNullString(filters.Product), - utils.TimestampToNullTime(filters.Before), - utils.TimestampToNullTime(filters.After), - utils.BoolValueP(filters.IncludeUnpublished), - utils.StringValueToNullString(filters.Cve), - utils.StringValueToNullString(filters.Synopsis), - utils.BoolValueP(filters.IncludeRpms), - utils.StringValueToNullString(filters.Keyword), - int32(filters.Severity), - int32(filters.Type), - utils.UnlimitedLimit(limit), - utils.GetOffset(page, limit), - ) - if err != nil { - return nil, err - } - - return advisories, nil -} - -func (a *Access) GetAdvisoryByCodeAndYearAndNum(code string, year int, num int) (*apollodb.Advisory, error) { - var advisory apollodb.Advisory - err := a.query.Get( - &advisory, - ` - select - a.id, - a.created_at, - a.year, - a.num, - a.synopsis, - a.topic, - a.severity, - a.type, - a.description, - a.solution, - a.redhat_issued_at, - a.short_code_code, - a.reboot_suggested, - a.published_at, - array_remove(array_agg(distinct p.name), NULL) as affected_products, - (select array_agg(distinct(f.ticket || ':::' || f.source_by || ':::' || f.source_link || ':::' || f.description)) from advisory_fixes adf inner join fixes f on f.id = adf.fix_id where adf.advisory_id = a.id) as fixes, - (select array_agg(distinct( - case when c.content is null then c.source_by || ':::' || c.source_link || ':::' || c.id || ':::::::::' - else c.source_by || ':::' || c.source_link || ':::' || c.id || ':::' || jsonb_extract_path_text(c.content, 'cvss3', 'cvss3_scoring_vector') || ':::' || jsonb_extract_path_text(c.content, 'cvss3', 'cvss3_base_score') || ':::' || jsonb_extract_path_text(c.content, 'cwe') - end - )) from advisory_cves ac inner join cves c on c.id = ac.cve_id where ac.advisory_id = a.id) as cves, - (select array_agg(distinct(url)) from advisory_references where advisory_id = a.id) as references, - (select array_agg(distinct(ar.name || ':::' || p.name)) from advisory_rpms ar inner join products p on p.id = ar.product_id where advisory_id = a.id) as rpms - from advisories a - inner join affected_products ap on ap.advisory = 'RH' || (case when a.type=1 then 'SA' when a.type=2 then 'BA' else 'EA' end) || '-' || a.year || ':' || a.num - inner join products p on ap.product_id = p.id - where - a.year = $1 - and a.num = $2 - and a.short_code_code = $3 - group by a.id - `, - year, - num, - code, - ) - if err != nil { - return nil, err - } - - return &advisory, nil -} - -func (a *Access) CreateAdvisory(advisory *apollodb.Advisory) (*apollodb.Advisory, error) { - var ret apollodb.Advisory - - var redHatIssuedAt *time.Time - var publishedAt *time.Time - - if advisory.RedHatIssuedAt.Valid { - redHatIssuedAt = &advisory.RedHatIssuedAt.Time - } - if advisory.PublishedAt.Valid { - publishedAt = &advisory.PublishedAt.Time - } - - err := a.query.Get( - &ret, - ` - insert into advisories - (year, num, synopsis, topic, severity, type, description, solution, - redhat_issued_at, short_code_code, reboot_suggested, published_at) - values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12) - returning - id, - created_at, - year, - num, - synopsis, - topic, - severity, - type, - description, - solution, - redhat_issued_at, - short_code_code, - reboot_suggested, - published_at - `, - advisory.Year, - advisory.Num, - advisory.Synopsis, - advisory.Topic, - advisory.Severity, - advisory.Type, - advisory.Description, - advisory.Solution, - redHatIssuedAt, - advisory.ShortCodeCode, - advisory.RebootSuggested, - publishedAt, - ) - if err != nil { - return nil, err - } - - return &ret, nil -} - -func (a *Access) UpdateAdvisory(advisory *apollodb.Advisory) (*apollodb.Advisory, error) { - var ret apollodb.Advisory - - var publishedAt *time.Time - - if advisory.PublishedAt.Valid { - publishedAt = &advisory.PublishedAt.Time - } - - err := a.query.Get( - &ret, - ` - update advisories - set - year = $1, - num = $2, - synopsis = $3, - topic = $4, - severity = $5, - type = $6, - description = $7, - solution = $8, - short_code_code = $9, - reboot_suggested = $10, - published_at = $11 - where - id = $12 - returning - id, - created_at, - year, - num, - synopsis, - topic, - severity, - type, - description, - solution, - redhat_issued_at, - short_code_code, - reboot_suggested, - published_at - `, - advisory.Year, - advisory.Num, - advisory.Synopsis, - advisory.Topic, - advisory.Severity, - advisory.Type, - advisory.Description, - advisory.Solution, - advisory.ShortCodeCode, - advisory.RebootSuggested, - publishedAt, - advisory.ID, - ) - if err != nil { - return nil, err - } - - return &ret, nil -} - -func (a *Access) GetAllUnresolvedCVEs() ([]*apollodb.CVE, error) { - var cves []*apollodb.CVE - err := a.query.Select( - &cves, - ` - select - c.id, - c.created_at, - c.short_code_code, - c.source_by, - c.source_link, - c.content, - ap.id as affected_product_id - from cves c - left join affected_products ap on ap.cve_id = c.id - where (ap.state is null or ap.state in (1, 2, 8, 9)) - `, - ) - if err != nil { - return nil, err - } - - return cves, nil -} - -func (a *Access) GetPendingAffectedProducts() ([]*apollodb.AffectedProduct, error) { - var ret []*apollodb.AffectedProduct - err := a.query.Select( - &ret, - ` - select - ap.id, - ap.product_id, - ap.cve_id, - ap.state, - ap.version, - ap.package, - ap.advisory - from affected_products ap - where ap.state = 3 - `, - ) - if err != nil { - return nil, err - } - - return ret, nil -} - -func (a *Access) GetAllCVEsFixedDownstream() ([]*apollodb.CVE, error) { - var cves []*apollodb.CVE - err := a.query.Select( - &cves, - ` - select - c.id, - c.created_at, - c.short_code_code, - c.source_by, - c.source_link, - c.content, - ap.id as affected_product_id - from cves c - inner join affected_products ap on ap.cve_id = c.id - where - ap.state = 4 - `, - ) - if err != nil { - return nil, err - } - - return cves, nil -} - -func (a *Access) GetCVEByID(id string) (*apollodb.CVE, error) { - var cve apollodb.CVE - err := a.query.Get(&cve, "select id, created_at, short_code_code, source_by, source_link, content from cves where id = $1", id) - if err != nil { - return nil, err - } - - return &cve, nil -} - -func (a *Access) GetAllCVEs() ([]*apollodb.CVE, error) { - var cves []*apollodb.CVE - err := a.query.Select(&cves, "select id, created_at, short_code_code, source_by, source_link, content from cves") - if err != nil { - return nil, err - } - - return cves, nil -} - -func (a *Access) CreateCVE(cveId string, shortCode string, sourceBy *string, sourceLink *string, content types.NullJSONText) (*apollodb.CVE, error) { - var cve apollodb.CVE - err := a.query.Get(&cve, "insert into cves (id, short_code_code, source_by, source_link, content) values ($1, $2, $3, $4, $5) returning id, created_at, short_code_code, source_by, source_link, content", cveId, shortCode, sourceBy, sourceLink, content) - if err != nil { - return nil, err - } - - return &cve, nil -} - -func (a *Access) SetCVEContent(cveId string, content types.JSONText) error { - _, err := a.query.Exec("update cves set content = $1 where id = $2", content, cveId) - return err -} - -func (a *Access) GetProductsByShortCode(code string) ([]*apollodb.Product, error) { - var products []*apollodb.Product - err := a.query.Select( - &products, - ` - select - id, - name, - current_full_version, - redhat_major_version, - short_code_code, - archs, - mirror_from_date, - redhat_product_prefix, - cpe, - eol_at, - build_system, - build_system_endpoint, - koji_compose, - koji_module_compose, - peridot_project_id - from products - where - short_code_code = $1 - and (eol_at < now() or eol_at is null) - `, - code, - ) - if err != nil { - return nil, err - } - - return products, nil -} - -func (a *Access) GetProductByNameAndShortCode(name string, code string) (*apollodb.Product, error) { - var product apollodb.Product - err := a.query.Get( - &product, - ` - select - id, - name, - current_full_version, - redhat_major_version, - short_code_code, - archs, - mirror_from_date, - redhat_product_prefix, - cpe, - eol_at, - build_system, - build_system_endpoint, - koji_compose, - koji_module_compose, - peridot_project_id - from products - where - name = $1 - and short_code_code = $2 - `, - name, - code, - ) - if err != nil { - return nil, err - } - - return &product, nil -} - -func (a *Access) GetProductByID(id int64) (*apollodb.Product, error) { - var product apollodb.Product - err := a.query.Get( - &product, - ` - select - id, - name, - current_full_version, - redhat_major_version, - short_code_code, - archs, - mirror_from_date, - redhat_product_prefix, - cpe, - eol_at, - build_system, - build_system_endpoint, - koji_compose, - koji_module_compose, - peridot_project_id - from products - where - id = $1 - `, - id, - ) - if err != nil { - return nil, err - } - - return &product, nil -} - -func (a *Access) CreateProduct(name string, currentFullVersion string, redHatMajorVersion *int32, code string, archs []string) (*apollodb.Product, error) { - var product apollodb.Product - err := a.query.Get(&product, "insert into products (name, current_full_version, redhat_major_version, short_code_code, archs) values ($1, $2, $3, $4) returning id, name, current_full_version, redhat_major_version, short_code_code, archs", name, currentFullVersion, redHatMajorVersion, code, archs) - if err != nil { - return nil, err - } - - return &product, nil -} - -func (a *Access) GetAllAffectedProductsByCVE(cve string) ([]*apollodb.AffectedProduct, error) { - var affectedProducts []*apollodb.AffectedProduct - err := a.query.Select(&affectedProducts, "select id, product_id, cve_id, state, version, package, advisory from affected_products where cve_id = $1", cve) - if err != nil { - return nil, err - } - - return affectedProducts, nil -} - -func (a *Access) GetAffectedProductByCVEAndPackage(cve string, pkg string) (*apollodb.AffectedProduct, error) { - var affectedProduct apollodb.AffectedProduct - err := a.query.Get(&affectedProduct, "select id, product_id, cve_id, state, version, package, advisory from affected_products where cve_id = $1 and package = $2", cve, pkg) - if err != nil { - return nil, err - } - - return &affectedProduct, nil -} - -func (a *Access) GetAffectedProductByAdvisory(advisory string) (*apollodb.AffectedProduct, error) { - var affectedProduct apollodb.AffectedProduct - err := a.query.Get(&affectedProduct, "select id, product_id, cve_id, state, version, package, advisory from affected_products where advisory = $1", advisory) - if err != nil { - return nil, err - } - - return &affectedProduct, nil -} - -func (a *Access) GetAffectedProductByID(id int64) (*apollodb.AffectedProduct, error) { - var affectedProduct apollodb.AffectedProduct - err := a.query.Get(&affectedProduct, "select id, product_id, cve_id, state, version, package, advisory from affected_products where id = $1", id) - if err != nil { - return nil, err - } - - return &affectedProduct, nil -} - -func (a *Access) CreateAffectedProduct(productId int64, cveId string, state int, version string, pkg string, advisory *string) (*apollodb.AffectedProduct, error) { - var affectedProduct apollodb.AffectedProduct - err := a.query.Get(&affectedProduct, "insert into affected_products (product_id, cve_id, state, version, package, advisory) values ($1, $2, $3, $4, $5, $6) returning id, product_id, cve_id, state, version, package, advisory", productId, cveId, state, version, pkg, advisory) - if err != nil { - return nil, err - } - - return &affectedProduct, nil -} - -func (a *Access) UpdateAffectedProductStateAndPackageAndAdvisory(id int64, state int, pkg string, advisory *string) error { - _, err := a.query.Exec( - ` - update affected_products - set - state = $1, - package = $2, - advisory = $3 - where id = $4 - `, - state, - pkg, - advisory, - id, - ) - return err -} - -func (a *Access) DeleteAffectedProduct(id int64) error { - _, err := a.query.Exec( - ` - delete from affected_products - where id = $1 - `, - id, - ) - return err -} - -func (a *Access) CreateFix(ticket string, sourceBy string, sourceLink, description string) (int64, error) { - var id int64 - err := a.query.Get(&id, "insert into fixes (ticket, source_by, source_link, description) values ($1, $2, $3, $4) returning id", ticket, sourceBy, sourceLink, description) - return id, err -} - -func (a *Access) GetMirrorState(code string) (*apollodb.MirrorState, error) { - var lastSync apollodb.MirrorState - err := a.query.Get(&lastSync, "select short_code_code, last_sync, errata_after from mirror_state where short_code_code = $1", code) - if err != nil { - if err == sql.ErrNoRows { - return nil, nil - } - - return nil, err - } - - return &lastSync, nil -} - -func (a *Access) UpdateMirrorState(code string, lastSync *time.Time) error { - _, err := a.query.Exec( - ` - insert into mirror_state (short_code_code, last_sync) - values ($1, $2) - on conflict (short_code_code) do - update - set last_sync = EXCLUDED.last_sync - `, - code, - lastSync, - ) - return err -} - -func (a *Access) UpdateMirrorStateErrata(code string, lastSync *time.Time) error { - _, err := a.query.Exec( - ` - insert into mirror_state (short_code_code, errata_after) - values ($1, $2) - on conflict (short_code_code) do - update - set errata_after = EXCLUDED.errata_after - `, - code, - lastSync, - ) - return err -} - -func (a *Access) GetMaxLastSync() (*time.Time, error) { - var lastSync time.Time - err := a.query.Get(&lastSync, "select max(last_sync) from mirror_state") - if err != nil { - return nil, err - } - - return &lastSync, nil -} - -func (a *Access) CreateBuildReference(affectedProductId int64, rpm string, srcRpm string, cveId string, sha256Sum string, kojiId *string, peridotId *string) (*apollodb.BuildReference, error) { - var buildReference apollodb.BuildReference - err := a.query.Get( - &buildReference, - ` - insert into build_references - (affected_product_id, rpm, src_rpm, cve_id, sha256_sum, koji_id, peridot_id) - values ($1, $2, $3, $4, $5, $6, $7) - returning id, affected_product_id, rpm, src_rpm, cve_id, sha256_sum, koji_id, peridot_id - `, - affectedProductId, - rpm, - srcRpm, - cveId, - sha256Sum, - kojiId, - peridotId, - ) - if err != nil { - return nil, err - } - - return &buildReference, nil -} - -func (a *Access) CreateAdvisoryReference(advisoryId int64, url string) error { - _, err := a.query.Exec("insert into advisory_references (advisory_id, url) values ($1, $2)", advisoryId, url) - return err -} - -func (a *Access) GetAllIgnoredPackagesByProductID(productID int64) ([]string, error) { - var packages []string - err := a.query.Select(&packages, "select package from ignored_upstream_packages where product_id = $1", productID) - if err != nil { - return nil, err - } - - return packages, nil -} - -func (a *Access) GetAllRebootSuggestedPackages() ([]string, error) { - var packages []string - err := a.query.Select(&packages, "select name from reboot_suggested_packages") - if err != nil { - return nil, err - } - - return packages, nil -} - -func (a *Access) AddAdvisoryFix(advisoryId int64, fixId int64) error { - _, err := a.query.Exec("insert into advisory_fixes (advisory_id, fix_id) values ($1, $2) on conflict do nothing", advisoryId, fixId) - if err != nil { - return err - } - - return nil -} - -func (a *Access) AddAdvisoryCVE(advisoryId int64, cveId string) error { - _, err := a.query.Exec("insert into advisory_cves (advisory_id, cve_id) values ($1, $2) on conflict do nothing", advisoryId, cveId) - if err != nil { - return err - } - - return nil -} - -func (a *Access) AddAdvisoryRPM(advisoryId int64, name string, productID int64) error { - _, err := a.query.Exec("insert into advisory_rpms (advisory_id, name, product_id) values ($1, $2, $3) on conflict do nothing", advisoryId, name, productID) - if err != nil { - return err - } - - return nil -} - -func (a *Access) Begin() (utils.Tx, error) { - tx, err := a.db.Beginx() - if err != nil { - return nil, err - } - - return tx, nil -} - -func (a *Access) UseTransaction(tx utils.Tx) apollodb.Access { - newAccess := *a - newAccess.query = tx - - return &newAccess -} diff --git a/apollo/impl/v1/BUILD.bazel b/apollo/impl/v1/BUILD.bazel deleted file mode 100644 index a666e6c..0000000 --- a/apollo/impl/v1/BUILD.bazel +++ /dev/null @@ -1,26 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "impl", - srcs = [ - "advisory.go", - "server.go", - ], - importpath = "peridot.resf.org/apollo/impl/v1", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/proto/v1:pb", - "//apollo/rpmutils", - "//proto:common", - "//utils", - "//vendor/github.com/gorilla/feeds", - "//vendor/github.com/sirupsen/logrus", - "//vendor/github.com/spf13/viper", - "@go_googleapis//google/api:httpbody_go_proto", - "@org_golang_google_grpc//:go_default_library", - "@org_golang_google_grpc//codes", - "@org_golang_google_grpc//status", - "@org_golang_google_protobuf//types/known/timestamppb:go_default_library", - ], -) diff --git a/apollo/impl/v1/advisory.go b/apollo/impl/v1/advisory.go deleted file mode 100644 index 238976c..0000000 --- a/apollo/impl/v1/advisory.go +++ /dev/null @@ -1,185 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apolloimpl - -import ( - "context" - "database/sql" - "fmt" - "github.com/gorilla/feeds" - "github.com/sirupsen/logrus" - "google.golang.org/genproto/googleapis/api/httpbody" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" - "google.golang.org/protobuf/types/known/timestamppb" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rpmutils" - "peridot.resf.org/utils" - "strconv" - "time" -) - -// ListAdvisories returns advisories with given filters -func (s *Server) ListAdvisories(_ context.Context, req *apollopb.ListAdvisoriesRequest) (*apollopb.ListAdvisoriesResponse, error) { - if err := req.ValidateAll(); err != nil { - return nil, err - } - if req.Filters != nil { - req.Filters.IncludeUnpublished = nil - } - - page := utils.MinPage(req.Page) - limit := utils.MinLimit(req.Limit) - ret, err := s.db.GetAllAdvisories(req.Filters, page, limit) - if err != nil { - s.log.Errorf("could not get advisories, error: %s", err) - return nil, status.Error(codes.Internal, "failed to list advisories") - } - total := int64(0) - if len(ret) > 0 { - total = ret[0].Total - } - - var lastUpdatedPb *timestamppb.Timestamp - lastUpdated, err := s.db.GetMaxLastSync() - if err != nil && err != sql.ErrNoRows { - s.log.Errorf("could not get last sync time, error: %s", err) - return nil, status.Error(codes.Internal, "failed to get last updated") - } - if lastUpdated != nil { - lastUpdatedPb = timestamppb.New(*lastUpdated) - } - - return &apollopb.ListAdvisoriesResponse{ - Advisories: apollodb.DTOListAdvisoriesToPB(ret), - Total: total, - Page: page, - Size: limit, - LastUpdated: lastUpdatedPb, - }, nil -} - -// ListAdvisoriesRSS returns advisories in RSS format. Only returns latest 25 published advisories -func (s *Server) ListAdvisoriesRSS(_ context.Context, req *apollopb.ListAdvisoriesRSSRequest) (*httpbody.HttpBody, error) { - if err := req.ValidateAll(); err != nil { - return nil, err - } - if req.Filters == nil { - req.Filters = &apollopb.AdvisoryFilters{} - } - req.Filters.IncludeUnpublished = nil - - ret, err := s.db.GetAllAdvisories(req.Filters, 0, 25) - if err != nil { - s.log.Errorf("could not get advisories, error: %s", err) - return nil, status.Error(codes.Internal, "failed to list advisories") - } - total := int64(0) - if len(ret) > 0 { - total = ret[0].Total - } - - var updated time.Time - if total != 0 { - updated = ret[0].PublishedAt.Time - } - - feed := &feeds.Feed{ - Title: "Apollo Security RSS Feed", - Link: &feeds.Link{Href: s.homepage}, - Description: "Security advisories issued using Apollo Errata Management", - Author: &feeds.Author{ - Name: "Rocky Enterprise Software Foundation, Inc.", - Email: "releng@rockylinux.org", - }, - Updated: updated, - Items: []*feeds.Item{}, - Copyright: "(C) Rocky Enterprise Software Foundation, Inc. 2022. All rights reserved. CVE sources are copyright of their respective owners.", - } - if s.rssFeedTitle != "" { - feed.Title = s.rssFeedTitle - } - if s.rssFeedDescription != "" { - feed.Description = s.rssFeedDescription - } - for _, a := range ret { - dtoToPB := apollodb.DTOAdvisoryToPB(a) - item := &feeds.Item{ - Title: fmt.Sprintf("%s: %s", dtoToPB.Name, a.Synopsis), - Link: &feeds.Link{Href: fmt.Sprintf("%s/%s", s.homepage, dtoToPB.Name)}, - Description: a.Topic, - Id: fmt.Sprintf("%d", a.ID), - Created: a.PublishedAt.Time, - } - feed.Items = append(feed.Items, item) - } - - rss, err := feed.ToRss() - if err != nil { - s.log.Errorf("could not generate RSS feed, error: %s", err) - return nil, status.Error(codes.Internal, "failed to generate RSS feed") - } - - return &httpbody.HttpBody{ - ContentType: "application/rss+xml", - Data: []byte(rss), - }, nil -} - -// GetAdvisory returns a single advisory by name -func (s *Server) GetAdvisory(_ context.Context, req *apollopb.GetAdvisoryRequest) (*apollopb.GetAdvisoryResponse, error) { - if err := req.ValidateAll(); err != nil { - return nil, err - } - advisoryId := rpmutils.AdvisoryId().FindStringSubmatch(req.Id) - code := advisoryId[1] - year, err := strconv.Atoi(advisoryId[3]) - if err != nil { - return nil, status.Error(codes.InvalidArgument, "invalid year") - } - num, err := strconv.Atoi(advisoryId[4]) - if err != nil { - return nil, status.Error(codes.InvalidArgument, "invalid num") - } - - advisory, err := s.db.GetAdvisoryByCodeAndYearAndNum(code, year, num) - if err != nil { - logrus.Error(err) - } - if err != nil || !advisory.PublishedAt.Valid { - return nil, utils.CouldNotFindObject - } - - return &apollopb.GetAdvisoryResponse{ - Advisory: apollodb.DTOAdvisoryToPB(advisory), - }, nil -} diff --git a/apollo/impl/v1/server.go b/apollo/impl/v1/server.go deleted file mode 100644 index 6116763..0000000 --- a/apollo/impl/v1/server.go +++ /dev/null @@ -1,98 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package apolloimpl - -import ( - "context" - "github.com/sirupsen/logrus" - "github.com/spf13/viper" - "google.golang.org/grpc" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - commonpb "peridot.resf.org/common" - "peridot.resf.org/utils" -) - -type Server struct { - apollopb.UnimplementedApolloServiceServer - - log *logrus.Logger - db apollodb.Access - rssFeedTitle string - rssFeedDescription string - homepage string -} - -// NewServer creates a new Apollo server. -func NewServer(db apollodb.Access) *Server { - return &Server{ - log: logrus.New(), - db: db, - rssFeedTitle: "RESF Errata Feed", - rssFeedDescription: "Advisories issued by the Rocky Enterprise Software Foundation", - homepage: viper.GetString("homepage"), - } -} - -func (s *Server) interceptor(ctx context.Context, req interface{}, usi *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) { - n := utils.EndInterceptor - - return n(ctx, req, usi, handler) -} - -func (s *Server) Run() { - res := utils.NewGRPCServer( - &utils.GRPCOptions{ - Interceptor: s.interceptor, - }, - func(r *utils.Register) { - endpoints := []utils.GrpcEndpointRegister{ - commonpb.RegisterHealthCheckServiceHandlerFromEndpoint, - apollopb.RegisterApolloServiceHandlerFromEndpoint, - } - - for _, endpoint := range endpoints { - err := endpoint(r.Context, r.Mux, r.Endpoint, r.Options) - if err != nil { - s.log.Fatalf("could not register handler - %v", err) - } - } - }, - func(r *utils.RegisterServer) { - commonpb.RegisterHealthCheckServiceServer(r.Server, &utils.HealthServer{}) - - apollopb.RegisterApolloServiceServer(r.Server, s) - }, - ) - - defer res.Cancel() - res.WaitGroup.Wait() -} diff --git a/apollo/migrate/20210702021142_create_short_codes.down.sql b/apollo/migrate/20210702021142_create_short_codes.down.sql deleted file mode 100644 index 0784b84..0000000 --- a/apollo/migrate/20210702021142_create_short_codes.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table short_codes; diff --git a/apollo/migrate/20210702021142_create_short_codes.up.sql b/apollo/migrate/20210702021142_create_short_codes.up.sql deleted file mode 100644 index 35cd61b..0000000 --- a/apollo/migrate/20210702021142_create_short_codes.up.sql +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table short_codes -( - code text not null primary key, - mode numeric not null, - - created_at timestamp default now() not null, - archived_at timestamp -); diff --git a/apollo/migrate/20210702021143_create_products.down.sql b/apollo/migrate/20210702021143_create_products.down.sql deleted file mode 100644 index 402433a..0000000 --- a/apollo/migrate/20210702021143_create_products.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table products; diff --git a/apollo/migrate/20210702021143_create_products.up.sql b/apollo/migrate/20210702021143_create_products.up.sql deleted file mode 100644 index 16f79a7..0000000 --- a/apollo/migrate/20210702021143_create_products.up.sql +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table products -( - id bigserial primary key, - name text not null, - current_full_version text not null, - redhat_major_version numeric, - short_code_code text references short_codes (code) not null, - archs text[] not null, - mirror_from_date timestamp, - redhat_product_prefix text, - cpe text, - eol_at timestamp, - - build_system text not null, - build_system_endpoint text not null, - koji_compose text, - koji_module_compose text, - peridot_project_id text -) diff --git a/apollo/migrate/20210702041656_create_advisories.down.sql b/apollo/migrate/20210702041656_create_advisories.down.sql deleted file mode 100644 index 234d97c..0000000 --- a/apollo/migrate/20210702041656_create_advisories.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table advisories; diff --git a/apollo/migrate/20210702041656_create_advisories.up.sql b/apollo/migrate/20210702041656_create_advisories.up.sql deleted file mode 100644 index eb65c45..0000000 --- a/apollo/migrate/20210702041656_create_advisories.up.sql +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table advisories -( - id bigserial primary key not null, - created_at timestamp default now() not null, - - year numeric not null, - num numeric not null, - - synopsis text not null, - topic text not null, - severity numeric not null, - type numeric not null, - description text not null, - solution text null, - - redhat_issued_at timestamp null, - short_code_code text references short_codes (code) not null, - reboot_suggested bool default false not null, - published_at timestamp null -) diff --git a/apollo/migrate/20210702041659_create_cves.down.sql b/apollo/migrate/20210702041659_create_cves.down.sql deleted file mode 100644 index 32c3efe..0000000 --- a/apollo/migrate/20210702041659_create_cves.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table cves; diff --git a/apollo/migrate/20210702041659_create_cves.up.sql b/apollo/migrate/20210702041659_create_cves.up.sql deleted file mode 100644 index eb99444..0000000 --- a/apollo/migrate/20210702041659_create_cves.up.sql +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table cves -( - id text primary key, - created_at timestamp default now() not null, - short_code_code text references short_codes (code) not null, - - source_by text, - source_link text -) diff --git a/apollo/migrate/20210702041701_create_fixes.down.sql b/apollo/migrate/20210702041701_create_fixes.down.sql deleted file mode 100644 index c85852f..0000000 --- a/apollo/migrate/20210702041701_create_fixes.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table fixes; diff --git a/apollo/migrate/20210702041701_create_fixes.up.sql b/apollo/migrate/20210702041701_create_fixes.up.sql deleted file mode 100644 index e108b73..0000000 --- a/apollo/migrate/20210702041701_create_fixes.up.sql +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table fixes -( - id bigserial primary key, - ticket text, - source_by text, - source_link text, - description text -) diff --git a/apollo/migrate/20210702041756_create_advisory_references.down.sql b/apollo/migrate/20210702041756_create_advisory_references.down.sql deleted file mode 100644 index ff6cfee..0000000 --- a/apollo/migrate/20210702041756_create_advisory_references.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table advisory_references; diff --git a/apollo/migrate/20210702041756_create_advisory_references.up.sql b/apollo/migrate/20210702041756_create_advisory_references.up.sql deleted file mode 100644 index 07d2af2..0000000 --- a/apollo/migrate/20210702041756_create_advisory_references.up.sql +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table advisory_references -( - id bigserial primary key, - url text not null, - advisory_id bigint references advisories (id) not null -) diff --git a/apollo/migrate/20210702041956_create_affected_products.down.sql b/apollo/migrate/20210702041956_create_affected_products.down.sql deleted file mode 100644 index 17e83b4..0000000 --- a/apollo/migrate/20210702041956_create_affected_products.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table affected_products; diff --git a/apollo/migrate/20210702041956_create_affected_products.up.sql b/apollo/migrate/20210702041956_create_affected_products.up.sql deleted file mode 100644 index 28b49a7..0000000 --- a/apollo/migrate/20210702041956_create_affected_products.up.sql +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table affected_products -( - id bigserial primary key, - product_id bigint references products (id) not null, - cve_id text references cves (id) not null, - state numeric not null, - version text not null, - package text not null, - advisory text -) diff --git a/apollo/migrate/20210702043031_create_build_references.down.sql b/apollo/migrate/20210702043031_create_build_references.down.sql deleted file mode 100644 index a8694e9..0000000 --- a/apollo/migrate/20210702043031_create_build_references.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table build_references; diff --git a/apollo/migrate/20210702043031_create_build_references.up.sql b/apollo/migrate/20210702043031_create_build_references.up.sql deleted file mode 100644 index ae81e88..0000000 --- a/apollo/migrate/20210702043031_create_build_references.up.sql +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table build_references -( - id bigserial primary key, - affected_product_id bigint references affected_products (id), - rpm text not null, - src_rpm text not null, - cve_id text references cves (id) not null, - sha256_sum text not null, - koji_id text, - peridot_id text -) diff --git a/apollo/migrate/20210703202420_create_mirror_state.down.sql b/apollo/migrate/20210703202420_create_mirror_state.down.sql deleted file mode 100644 index 4be55bc..0000000 --- a/apollo/migrate/20210703202420_create_mirror_state.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table mirror_state; diff --git a/apollo/migrate/20210703202420_create_mirror_state.up.sql b/apollo/migrate/20210703202420_create_mirror_state.up.sql deleted file mode 100644 index 49f66d9..0000000 --- a/apollo/migrate/20210703202420_create_mirror_state.up.sql +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table mirror_state -( - short_code_code text references short_codes (code) primary key, - last_sync timestamp, - errata_after timestamp -); diff --git a/apollo/migrate/20210711014759_create_advisory_cves.down.sql b/apollo/migrate/20210711014759_create_advisory_cves.down.sql deleted file mode 100644 index 9282aab..0000000 --- a/apollo/migrate/20210711014759_create_advisory_cves.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table advisory_cves; diff --git a/apollo/migrate/20210711014759_create_advisory_cves.up.sql b/apollo/migrate/20210711014759_create_advisory_cves.up.sql deleted file mode 100644 index 2a7d310..0000000 --- a/apollo/migrate/20210711014759_create_advisory_cves.up.sql +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table advisory_cves -( - advisory_id bigint references advisories (id) not null, - cve_id text references cves (id) not null, - - unique (advisory_id, cve_id) -) diff --git a/apollo/migrate/20210711020255_create_advisory_fixes.down.sql b/apollo/migrate/20210711020255_create_advisory_fixes.down.sql deleted file mode 100644 index a8fdf81..0000000 --- a/apollo/migrate/20210711020255_create_advisory_fixes.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table advisory_fixes; diff --git a/apollo/migrate/20210711020255_create_advisory_fixes.up.sql b/apollo/migrate/20210711020255_create_advisory_fixes.up.sql deleted file mode 100644 index 86d8774..0000000 --- a/apollo/migrate/20210711020255_create_advisory_fixes.up.sql +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table advisory_fixes -( - advisory_id bigint references advisories (id) not null, - fix_id bigint references fixes (id) not null, - - unique (advisory_id, fix_id) -) diff --git a/apollo/migrate/20210713031253_create_ignored_upstream_packages.down.sql b/apollo/migrate/20210713031253_create_ignored_upstream_packages.down.sql deleted file mode 100644 index d03308b..0000000 --- a/apollo/migrate/20210713031253_create_ignored_upstream_packages.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table ignored_upstream_packages; diff --git a/apollo/migrate/20210713031253_create_ignored_upstream_packages.up.sql b/apollo/migrate/20210713031253_create_ignored_upstream_packages.up.sql deleted file mode 100644 index 6f94701..0000000 --- a/apollo/migrate/20210713031253_create_ignored_upstream_packages.up.sql +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table ignored_upstream_packages -( - id bigserial primary key, - product_id bigint references products (id) not null, - package text not null -); diff --git a/apollo/migrate/20210717040945_create_advisory_rpms.down.sql b/apollo/migrate/20210717040945_create_advisory_rpms.down.sql deleted file mode 100644 index 0e7bb62..0000000 --- a/apollo/migrate/20210717040945_create_advisory_rpms.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table advisory_rpms; diff --git a/apollo/migrate/20210717040945_create_advisory_rpms.up.sql b/apollo/migrate/20210717040945_create_advisory_rpms.up.sql deleted file mode 100644 index 198441a..0000000 --- a/apollo/migrate/20210717040945_create_advisory_rpms.up.sql +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table advisory_rpms -( - advisory_id bigint references advisories (id) not null, - name text not null, - product_id bigint references products (id) not null, - - unique (advisory_id, name) -) diff --git a/apollo/migrate/20210803052113_updateinfo_history.down.sql b/apollo/migrate/20210803052113_updateinfo_history.down.sql deleted file mode 100644 index ec500aa..0000000 --- a/apollo/migrate/20210803052113_updateinfo_history.down.sql +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -drop table updateinfo_history; diff --git a/apollo/migrate/20210803052113_updateinfo_history.up.sql b/apollo/migrate/20210803052113_updateinfo_history.up.sql deleted file mode 100644 index 80fd989..0000000 --- a/apollo/migrate/20210803052113_updateinfo_history.up.sql +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -create table updateinfo_history -( - repo text primary key, - xml text not null -); diff --git a/apollo/migrate/20220913121538_create_reboot_suggested_packages.down.sql b/apollo/migrate/20220913121538_create_reboot_suggested_packages.down.sql deleted file mode 100644 index 66b788f..0000000 --- a/apollo/migrate/20220913121538_create_reboot_suggested_packages.down.sql +++ /dev/null @@ -1 +0,0 @@ -drop table reboot_suggested_packages; diff --git a/apollo/migrate/20220913121538_create_reboot_suggested_packages.up.sql b/apollo/migrate/20220913121538_create_reboot_suggested_packages.up.sql deleted file mode 100644 index d3fd23c..0000000 --- a/apollo/migrate/20220913121538_create_reboot_suggested_packages.up.sql +++ /dev/null @@ -1,6 +0,0 @@ -create table reboot_suggested_packages -( - created_at timestamp default now() not null, - - name text unique not null -) diff --git a/apollo/migrate/20220921231425_add_indexes.down.sql b/apollo/migrate/20220921231425_add_indexes.down.sql deleted file mode 100644 index 458b43b..0000000 --- a/apollo/migrate/20220921231425_add_indexes.down.sql +++ /dev/null @@ -1,9 +0,0 @@ -drop index affected_products_advisoryx; -drop index affected_products_product_idx; -drop index advisory_fixes_advisory_idx; -drop index advisory_fixes_fix_idx; -drop index advisory_cves_advisory_idx; -drop index advisory_cves_cve_idx; -drop index advisory_references_advisory_idx; -drop index advisory_rpms_advisory_idx; -drop index advisory_rpms_product_idx; diff --git a/apollo/migrate/20220921231425_add_indexes.up.sql b/apollo/migrate/20220921231425_add_indexes.up.sql deleted file mode 100644 index 1232742..0000000 --- a/apollo/migrate/20220921231425_add_indexes.up.sql +++ /dev/null @@ -1,9 +0,0 @@ -create index affected_products_advisoryx on affected_products (advisory); -create index affected_products_product_idx on affected_products (product_id); -create index advisory_fixes_advisory_idx on advisory_fixes (advisory_id); -create index advisory_fixes_fix_idx on advisory_fixes (fix_id); -create index advisory_cves_advisory_idx on advisory_cves (advisory_id); -create index advisory_cves_cve_idx on advisory_cves (cve_id); -create index advisory_references_advisory_idx on advisory_references (advisory_id); -create index advisory_rpms_advisory_idx on advisory_rpms (advisory_id); -create index advisory_rpms_product_idx on advisory_rpms (product_id); diff --git a/apollo/migrate/20221020182658_add_content_to_cves.down.sql b/apollo/migrate/20221020182658_add_content_to_cves.down.sql deleted file mode 100644 index 41914a8..0000000 --- a/apollo/migrate/20221020182658_add_content_to_cves.down.sql +++ /dev/null @@ -1 +0,0 @@ -alter table cves drop column content; diff --git a/apollo/migrate/20221020182658_add_content_to_cves.up.sql b/apollo/migrate/20221020182658_add_content_to_cves.up.sql deleted file mode 100644 index 557265d..0000000 --- a/apollo/migrate/20221020182658_add_content_to_cves.up.sql +++ /dev/null @@ -1 +0,0 @@ -alter table cves add column content jsonb; diff --git a/apollo/migrate/BUILD b/apollo/migrate/BUILD deleted file mode 100644 index 57d1df0..0000000 --- a/apollo/migrate/BUILD +++ /dev/null @@ -1,5 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -load("//rules_resf:defs.bzl", "migration_tar") - -migration_tar() diff --git a/apollo/proto/v1/BUILD.bazel b/apollo/proto/v1/BUILD.bazel deleted file mode 100644 index 75b73f5..0000000 --- a/apollo/proto/v1/BUILD.bazel +++ /dev/null @@ -1,65 +0,0 @@ -load("@rules_proto//proto:defs.bzl", "proto_library") -load("@io_bazel_rules_go//go:def.bzl", "go_library") -load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") -load("@com_github_grpc_ecosystem_grpc_gateway_v2//protoc-gen-openapiv2:defs.bzl", "protoc_gen_openapiv2") -load("@openapi_tools_generator_bazel//:defs.bzl", "openapi_generator") - -proto_library( - name = "apollopb_proto", - srcs = [ - "advisory.proto", - "affected_product.proto", - "apollo.proto", - "build.proto", - "cve.proto", - "fix.proto", - "short_code.proto", - ], - visibility = ["//visibility:public"], - deps = [ - "@com_envoyproxy_protoc_gen_validate//validate:validate_proto", - "@com_google_protobuf//:timestamp_proto", - "@com_google_protobuf//:wrappers_proto", - "@go_googleapis//google/api:annotations_proto", - "@go_googleapis//google/api:httpbody_proto", - ], -) - -go_proto_library( - name = "apollopb_go_proto", - compilers = [ - "//:go_apiv2", - "//:go_grpc", - "//:go_validate", - "@com_github_grpc_ecosystem_grpc_gateway_v2//protoc-gen-grpc-gateway:go_gen_grpc_gateway", - ], - importpath = "peridot.resf.org/apollo/pb", - proto = ":apollopb_proto", - visibility = ["//visibility:public"], - deps = [ - "@com_envoyproxy_protoc_gen_validate//validate:validate_go_proto", - "@go_googleapis//google/api:annotations_go_proto", - "@go_googleapis//google/api:httpbody_go_proto", - ], -) - -go_library( - name = "pb", - embed = [":apollopb_go_proto"], - importpath = "peridot.resf.org/apollo/pb", - visibility = ["//visibility:public"], -) - -protoc_gen_openapiv2( - name = "openapi", - proto = ":apollopb_proto", - simple_operation_ids = True, - single_output = True, -) - -openapi_generator( - name = "client_typescript", - generator = "typescript-fetch", - spec = ":openapi", - visibility = ["//visibility:public"], -) diff --git a/apollo/proto/v1/advisory.proto b/apollo/proto/v1/advisory.proto deleted file mode 100644 index 7dc1a27..0000000 --- a/apollo/proto/v1/advisory.proto +++ /dev/null @@ -1,112 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -import "google/protobuf/timestamp.proto"; -import "google/protobuf/wrappers.proto"; -import "apollo/proto/v1/cve.proto"; -import "apollo/proto/v1/fix.proto"; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -message RPMs { - repeated string nvras = 1; -} - -// Advisory -// -// Product advisory -message Advisory { - enum Type { - TYPE_UNKNOWN = 0; - TYPE_SECURITY = 1; - TYPE_BUGFIX = 2; - TYPE_ENHANCEMENT = 3; - } - - // Type - // - // Type of advisory - Type type = 1; - - // Short code - // - // Errata prefix or short code - // Example: RLBA, RLEA, RLSA - string short_code = 2; - - // Name - // - // Full errata name - // Example: RLBA-2021:0001, RLSA-2021:0002 - string name = 3; - - // Synopsis - // - // Short description of advisory - string synopsis = 4; - - enum Severity { - SEVERITY_UNKNOWN = 0; - SEVERITY_LOW = 1; - SEVERITY_MODERATE = 2; - SEVERITY_IMPORTANT = 3; - SEVERITY_CRITICAL = 4; - } - - // Severity - // - // Severity of advisory. Used only for security advisories - Severity severity = 5; - - // Topic - // - // Topic of advisory - // Example: An update for the go-toolset:rhel8 module is now available for Rocky Linux 8. - string topic = 6; - - // Description - // - // Description of advisory. Contains information about changes and package. - string description = 7; - - // Solution - // - // How to solve the advisory. Contains information about how to apply the advisory changes - google.protobuf.StringValue solution = 8; - - // Affected products - // - // A list of affected products - repeated string affected_products = 9; - - // Fixes - // - // A list of tickets from upstream bug trackers - repeated Fix fixes = 10; - - // CVEs - // - // A list of CVEs assigned to this advisory - repeated CVE cves = 11; - - // References - // - // General references used in this advisory - repeated string references = 12; - - // Published at - // - // Timestamp the advisory is published at - google.protobuf.Timestamp published_at = 13; - - // RPMs - // - // Affected RPMs - map rpms = 14; - - // Reboot suggested - // - // Whether a system reboot should be suggested after applying this advisory - bool reboot_suggested = 15; -} diff --git a/apollo/proto/v1/affected_product.proto b/apollo/proto/v1/affected_product.proto deleted file mode 100644 index ca3458c..0000000 --- a/apollo/proto/v1/affected_product.proto +++ /dev/null @@ -1,41 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -import "google/protobuf/wrappers.proto"; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -message AffectedProduct { - int64 product_id = 1; - google.protobuf.StringValue cve_id = 2; - string version = 3; - - enum State { - STATE_UNKNOWN = 0; - // CVE only affects downstream - STATE_UNDER_INVESTIGATION_DOWNSTREAM = 1; - // CVE affecting upstream and a fix still hasn't been issued - STATE_UNDER_INVESTIGATION_UPSTREAM = 2; - // CVE has been fixed upstream - STATE_FIXED_UPSTREAM = 3; - // CVE has been fixed downstream - // At this stage the CVE can be included in errata - STATE_FIXED_DOWNSTREAM = 4; - // CVE will NOT be fixed upstream - STATE_WILL_NOT_FIX_UPSTREAM = 5; - // CVE will NOT be fixed downstream - // This will probably never happen with Core, but may happen for SIGs - STATE_WILL_NOT_FIX_DOWNSTREAM = 6; - // CVE is out of support scope - STATE_OUT_OF_SUPPORT_SCOPE = 7; - // CVE affects product and upstream is working on a fix - STATE_AFFECTED_UPSTREAM = 8; - // CVE affects product and a fix is being worked out - STATE_AFFECTED_DOWNSTREAM = 9; - } - State state = 4; - - string package = 5; - google.protobuf.StringValue advisory = 6; -} diff --git a/apollo/proto/v1/apollo.proto b/apollo/proto/v1/apollo.proto deleted file mode 100644 index 7923444..0000000 --- a/apollo/proto/v1/apollo.proto +++ /dev/null @@ -1,161 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -import "google/api/annotations.proto"; -import "google/api/httpbody.proto"; -import "google/protobuf/wrappers.proto"; -import "google/protobuf/timestamp.proto"; -import "validate/validate.proto"; -import "apollo/proto/v1/advisory.proto"; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -service ApolloService { - // ListAdvisories - // - // Return a list of advisories by given filters. - // No filters returns all advisories - // This method is paginated - rpc ListAdvisories (ListAdvisoriesRequest) returns (ListAdvisoriesResponse) { - option (google.api.http) = { - get: "/v2/advisories" - }; - } - - // ListAdvisoriesRSS - // - // Same as ListAdvisories but returns an RSS feed - // Only returns 25 latest advisories - // Supports filters - rpc ListAdvisoriesRSS (ListAdvisoriesRSSRequest) returns (google.api.HttpBody) { - option (google.api.http) = { - get: "/v2/advisories:rss" - }; - } - - // GetAdvisory - // - // Returns an advisory with given ID if found, else returns NotFound - rpc GetAdvisory (GetAdvisoryRequest) returns (GetAdvisoryResponse) { - option (google.api.http) = { - get: "/v2/advisories/{id=*}" - }; - } -} - -message AdvisoryFilters { - // Product - // - // The product to fetch advisories for - // For example: Rocky Linux 8 - google.protobuf.StringValue product = 1; - - // Before - // - // Advisories published before timestamp - google.protobuf.Timestamp before = 2; - - // After - // - // Advisories published after timestamp - google.protobuf.Timestamp after = 3; - - // Include unpublished - // - // Whether to include unpublished advisories - // apollo/impl never respects this, but internal services - // may rely on this - google.protobuf.BoolValue include_unpublished = 4; - - // CVE - // - // Only return advisories with given CVE - google.protobuf.StringValue cve = 5; - - // Synopsis - // - // Only return advisories if synopsis contains given text - google.protobuf.StringValue synopsis = 6; - - // Include RPMs - // - // Includes RPMs in list response (slow) - google.protobuf.BoolValue include_rpms = 7; - - // Keyword - // - // Searches all fields for given keyword - google.protobuf.StringValue keyword = 8; - - // Severity - // - // Only return advisories with given severity - Advisory.Severity severity = 9; - - // Type - // - // Only return advisories with given type - Advisory.Type type = 10; -} - -// ListAdvisoriesRequest -// -// Request body for `ListAdvisories` -// All fields are optional -message ListAdvisoriesRequest { - // Filters for the given query - // No filters returns all advisories - AdvisoryFilters filters = 1; - - int32 page = 2; - int32 limit = 3 [(validate.rules).int32.lte = 100]; -} - -// ListAdvisoriesResponse -// -// Response body for `ListAdvisories` -message ListAdvisoriesResponse { - repeated Advisory advisories = 1; - - // Total packages from server - int64 total = 2; - - // Limit from request - int32 size = 3; - - // Current page - int32 page = 4; - - // Last updated - google.protobuf.Timestamp last_updated = 5; -} - -// ListAdvisoriesRSSRequest -// Request body for `ListAdvisoriesRSS` -// All fields are optional -message ListAdvisoriesRSSRequest { - // Filters for the given query - // No filters returns all advisories - AdvisoryFilters filters = 1; -} - -// GetAdvisoryRequest -// -// Request body for `GetAdvisory` -message GetAdvisoryRequest { - // ID - // - // Errata ID - // Example: RLSA:2021-1515 - string id = 1 [(validate.rules).string = { - pattern: "^(.+)([SEB]A)-([0-9]{4}):([0-9]+)$", - }]; -} - -// GetAdvisoryResponse -// -// Response body for `GetAdvisory` -message GetAdvisoryResponse { - Advisory advisory = 1; -} diff --git a/apollo/proto/v1/build.proto b/apollo/proto/v1/build.proto deleted file mode 100644 index 1ff48c5..0000000 --- a/apollo/proto/v1/build.proto +++ /dev/null @@ -1,13 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -enum BuildStatus { - BUILD_STATUS_UNKNOWN = 0; - BUILD_STATUS_FIXED = 1; - BUILD_STATUS_NOT_FIXED = 2; - BUILD_STATUS_WILL_NOT_FIX = 3; - BUILD_STATUS_SKIP = 4; -} diff --git a/apollo/proto/v1/cve.proto b/apollo/proto/v1/cve.proto deleted file mode 100644 index f9c8aae..0000000 --- a/apollo/proto/v1/cve.proto +++ /dev/null @@ -1,28 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -import "google/protobuf/wrappers.proto"; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -message CVE { - string name = 1; - - google.protobuf.StringValue source_by = 2; - google.protobuf.StringValue source_link = 3; - - google.protobuf.StringValue cvss3_scoring_vector = 4; - google.protobuf.StringValue cvss3_base_score = 5; - google.protobuf.StringValue cwe = 6; -} - -message ListUnresolvedCVEsRequest {} -message ListUnresolvedCVEsResponse { - repeated CVE cves = 1; -} - -message ListFixedCVEsRequest {} -message ListFixedCVEsResponse { - repeated CVE cves = 1; -} diff --git a/apollo/proto/v1/fix.proto b/apollo/proto/v1/fix.proto deleted file mode 100644 index 6c0e69e..0000000 --- a/apollo/proto/v1/fix.proto +++ /dev/null @@ -1,14 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -import "google/protobuf/wrappers.proto"; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -message Fix { - google.protobuf.StringValue ticket = 1; - google.protobuf.StringValue source_by = 2; - google.protobuf.StringValue source_link = 3; - google.protobuf.StringValue description = 4; -} diff --git a/apollo/proto/v1/short_code.proto b/apollo/proto/v1/short_code.proto deleted file mode 100644 index 8f7c9d4..0000000 --- a/apollo/proto/v1/short_code.proto +++ /dev/null @@ -1,29 +0,0 @@ -syntax = "proto3"; - -package resf.apollo.v1; - -option go_package = "peridot.resf.org/apollo/pb;apollopb"; - -message ShortCode { - // Code - // - // Full short code - string code = 1; - - enum Mode { - MODE_UNKNOWN = 0; - MODE_PUBLISH = 1; - MODE_MIRROR = 2; - } - // Mode - // - // Mode for short code - // Currently only publish and mirror is supported - Mode mode = 2; - - // Archived - // - // Whether the short code is archived or not - // An archived short code CANNOT be used to issue errata - bool archived = 3; -} diff --git a/apollo/seed.sql b/apollo/seed.sql deleted file mode 100644 index 8181889..0000000 --- a/apollo/seed.sql +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -insert into short_codes (code, mode) -values ('RL', 2); -insert into short_codes (code, mode) -values ('RK', 1); ---insert into products (id, name, current_full_version, redhat_major_version, short_code_code, archs, mirror_from_date, redhat_product_prefix, cpe) ---values (1, 'Rocky Linux 9', '9.0', 9, 'RL', array ['x86_64', 'aarch64', 'ppc64le', 's390x'], '2022-05-15'::timestamp, 'Rocky Linux', 'cpe:/o:redhat:enterprise_linux:9'); -insert into products (id, name, current_full_version, redhat_major_version, short_code_code, archs, mirror_from_date, redhat_product_prefix, cpe, build_system, build_system_endpoint, koji_compose, koji_module_compose) -values (2, 'Rocky Linux 8', '8.6', 8, 'RL', array ['x86_64', 'aarch64'], '2022-05-15'::timestamp, 'Rocky Linux', 'cpe:/o:redhat:enterprise_linux:8', 'koji', 'https://koji.rockylinux.org/kojihub', 'dist-rocky8-compose', 'dist-rocky8-module-compose'); ---insert into ignored_upstream_packages (product_id, package) ---values --- (1, 'tfm-rubygem-unicode*'), --- (1, 'katello-host-tools*'), --- (1, 'openssl-ibmca*'), --- (1, 'insights-client*'), --- (1, 'tfm-rubygem-unicode-display_width*'), --- (1, 'pulp*'), --- (1, 'satellite*'), --- (1, 'tfm-rubygem-unf_ext*'), --- (1, 'foreman*'), --- (1, 'kpatch*'), --- (1, 'rhc-worker-playbook*'); -insert into ignored_upstream_packages (product_id, package) -values - (2, 'tfm-rubygem-unicode*'), - (2, 'katello-host-tools*'), - (2, 'openssl-ibmca*'), - (2, 'insights-client*'), - (2, 'tfm-rubygem-unicode-display_width*'), - (2, 'pulp*'), - (2, 'satellite*'), - (2, 'tfm-rubygem-unf_ext*'), - (2, 'foreman*'), - (2, 'kpatch*'), - (2, 'rhc-worker-playbook*'); -insert into reboot_suggested_packages (name) -values - ('kernel'), - ('kernel-PAE'), - ('kernel-rt'), - ('kernel-smp'), - ('kernel-xen'), - ('linux-firmware'), - ('*-firmware-*'), - ('dbus'), - ('glibc'), - ('hal'), - ('systemd'), - ('udev'), - ('gnutls'), - ('openssl-libs'); diff --git a/apollo/ui/BUILD.bazel b/apollo/ui/BUILD.bazel deleted file mode 100644 index b5738d1..0000000 --- a/apollo/ui/BUILD.bazel +++ /dev/null @@ -1,60 +0,0 @@ -load("//rules_resf:defs.bzl", "RESFDEPLOY_OUTS_BASE", "container", "peridot_k8s", "resf_frontend") - -package(default_visibility = ["//visibility:public"]) - -server_deps = ["//common/frontend_server"] - -server_entrypoint = "server/index.mjs" - -server_srcs = glob(["server/**/*.mjs"]) - -resf_frontend( - name = "apollo", - srcs = glob([ - "src/**/*.tsx", - "src/**/*.ts", - ]), - entrypoint = "apollo/ui/src/entrypoint.tsx", - index_html = "//rules_resf/internal/resf_bundle:index_no_mobile.hbs", - server_deps = server_deps, - server_entrypoint = server_entrypoint, - server_srcs = server_srcs, - tailwind_config = "//rules_resf/internal/resf_bundle:tailwind.config.nopreflight.js", - title = "Rocky Enterprise Software Foundation Product Errata", - deps = [ - "//apollo/proto/v1:client_typescript", - "//common/mui", - "//common/ui", - "//tailwind:css", - "@npm//@chakra-ui/react", - "@npm//@chakra-ui/icons", - "@npm//@emotion/unitless", - "@npm//framer-motion", - "@npm//framesync", - "@npm//popmotion", - "@npm//style-value-types", - "@npm//await-to-js", - "@npm//react", - "@npm//react-dom", - "@npm//react-router", - "@npm//react-router-dom", - ], -) - -container( - base = "//bases/bazel/node", - files = [ - ":apollo.bundle", - ], - frontend = True, - image_name = "apollo-frontend", - server_entrypoint = server_entrypoint, - server_files = server_srcs + server_deps, -) - -peridot_k8s( - name = "apollo-frontend", - src = "deploy.jsonnet", - outs = RESFDEPLOY_OUTS_BASE, - deps = ["//ci"], -) diff --git a/apollo/ui/deploy.jsonnet b/apollo/ui/deploy.jsonnet deleted file mode 100644 index 9b9b8bb..0000000 --- a/apollo/ui/deploy.jsonnet +++ /dev/null @@ -1,25 +0,0 @@ -local resfdeploy = import 'ci/resfdeploy.jsonnet'; -local kubernetes = import 'ci/kubernetes.jsonnet'; -local frontend = import 'ci/frontend.jsonnet'; - -local tag = std.extVar('tag'); - -resfdeploy.new({ - name: 'apollo-frontend', - backend: false, - migrate: false, - image: kubernetes.tag($.name), - tag: tag, - env: frontend.server_env, - ports: [ - { - name: 'http', - containerPort: 8086, - protocol: 'TCP', - expose: true, - }, - ], - health: { - port: 8086, - }, -}) diff --git a/apollo/ui/server/index.mjs b/apollo/ui/server/index.mjs deleted file mode 100644 index 80976ed..0000000 --- a/apollo/ui/server/index.mjs +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import server from '../../../common/frontend_server/index.mjs'; -import { - svcNameHttp, - endpointHttp, - NS, -} from '../../../common/frontend_server/upstream.mjs'; - -export default async function run(webpackConfig) { - const devFrontendUrl = 'http://errata.pdot.localhost:9007'; - const envPublicUrl = process.env['APOLLO_FRONTEND_HTTP_PUBLIC_URL']; - const frontendUrl = process.env['RESF_NS'] ? envPublicUrl : devFrontendUrl; - - server({ - baseURL: frontendUrl, - apis: { - '/api': { - prodApiUrl: endpointHttp(svcNameHttp('apollo'), NS('apollo')), - devApiUrl: `https://apollo-dev.internal.pdev.resf.localhost`, - }, - }, - port: 9007, - disableAuth: true, - webpackConfig, - }).then(); -} - -if (process.env.NODE_ENV === 'production') { - run().then(); -} diff --git a/apollo/ui/src/api.ts b/apollo/ui/src/api.ts deleted file mode 100644 index 058442f..0000000 --- a/apollo/ui/src/api.ts +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import * as apollo from 'bazel-bin/apollo/proto/v1/client_typescript'; - -export const api = new apollo.ApolloServiceApi( - new apollo.Configuration({ - basePath: '/api', // Points to frontend API proxy - }) -); diff --git a/apollo/ui/src/components/Overview.tsx b/apollo/ui/src/components/Overview.tsx deleted file mode 100644 index b7a6dd8..0000000 --- a/apollo/ui/src/components/Overview.tsx +++ /dev/null @@ -1,520 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import { - AddIcon, - ArrowLeftIcon, - ArrowRightIcon, - MinusIcon, - SearchIcon, -} from '@chakra-ui/icons'; -import { - Alert, - AlertDescription, - AlertIcon, - AlertTitle, - Box, - ButtonGroup, - FormControl, - FormLabel, - HStack, - IconButton, - Input, - InputGroup, - InputLeftElement, - Link, - Select, - Spinner, - Stack, - Table, - TableColumnHeaderProps, - TableContainer, - Tbody, - Td, - Text, - Th, - Thead, - Tr, - useColorModeValue, -} from '@chakra-ui/react'; -import { - severityToBadge, - severityToText, - typeToText, -} from 'apollo/ui/src/enumToText'; -import { - ListAdvisoriesFiltersSeverityEnum, - ListAdvisoriesFiltersTypeEnum, -} from 'bazel-bin/apollo/proto/v1/client_typescript'; -import { - V1Advisory, - V1AdvisoryType, -} from 'bazel-bin/apollo/proto/v1/client_typescript/models'; -import { reqap } from 'common/ui/reqap'; -import React, { useEffect, useState } from 'react'; -import { Link as RouterLink } from 'react-router-dom'; - -import { api } from '../api'; -import { COLOR_RESF_GREEN } from '../styles'; - -export const Overview = () => { - const inputBackground = useColorModeValue('white', undefined); - - const tableBg = useColorModeValue('white', 'gray.800'); - const pagerButtonScheme = useColorModeValue('blackAlpha', 'gray'); - const linkBlue = useColorModeValue('blue.600', 'blue.300'); - const linkPurple = useColorModeValue('purple.600', 'purple.300'); - - const [advisories, setAdvisories] = useState(); - const [lastUpdated, setLastUpdated] = useState(); - const [total, setTotal] = useState(0); - const [isLoading, setIsLoading] = useState(true); - const [isError, setIsError] = useState(false); - - // Request State - const [page, setPage] = useState(0); - const [pageSize, setPageSize] = useState(25); - const [filtersKeyword, setFiltersKeyword] = useState(); - const [filterBefore, setFilterBefore] = useState(); - const [filterAfter, setFilterAfter] = useState(); - const [filterProduct, setFilterProduct] = useState(''); - const [filtersType, setFiltersType] = - useState(); - const [filtersSeverity, setFiltersSeverity] = - useState(); - - useEffect(() => { - const fetch = async () => { - setIsLoading(true); - const [err, res] = await reqap(() => - api.listAdvisories({ - page, - limit: pageSize, - filtersKeyword, - filtersBefore: filterBefore, - filtersAfter: filterAfter, - filtersProduct: filterProduct, - filtersSeverity: filtersSeverity - ? ListAdvisoriesFiltersSeverityEnum[filtersSeverity] - : undefined, - filtersType: filtersType - ? ListAdvisoriesFiltersTypeEnum[filtersType] - : undefined, - }) - ); - - setIsLoading(false); - - if (err || !res) { - setIsError(true); - setAdvisories(undefined); - return; - } - - setIsError(false); - - if (res) { - setAdvisories(res.advisories); - setLastUpdated(res.lastUpdated); - setTotal(parseInt(res.total || '0')); - } - }; - - const timer = setTimeout(() => fetch(), 500); - - return () => clearTimeout(timer); - }, [ - pageSize, - page, - filtersKeyword, - filterBefore, - filterAfter, - filtersSeverity, - filterProduct, - filtersType, - ]); - - // TODO: Figure out why sticky isn't sticking - const stickyProps: TableColumnHeaderProps = { - position: 'sticky', - top: '0px', - zIndex: '10', - scope: 'col', - }; - - const lastPage = total < pageSize ? 0 : Math.ceil(total / pageSize) - 1; - - return ( - - - - - - - setFiltersKeyword(e.target.value)} - /> - - - - Type - - - {filtersType === 'Security' && ( - - Severity - - - )} - - Product - - - - - - From - { - const newVal = e.currentTarget.value; - console.log(newVal); - - if (!newVal) { - setFilterAfter(undefined); - } - - const asDate = new Date(newVal); - if (!(asDate instanceof Date) || isNaN(asDate.getTime())) { - // Check value parses as a date - return; - } - - const [year, month, date] = newVal.split('-').map(Number); - - setFilterAfter(new Date(year, month - 1, date)); - }} - /> - - - To - { - const newVal = e.currentTarget.value; - - if (!newVal) { - setFilterBefore(undefined); - } - - const asDate = new Date(newVal); - if (!(asDate instanceof Date) || isNaN(asDate.getTime())) { - // Check value parses as a date - return; - } - - const [year, month, date] = newVal.split('-').map(Number); - - setFilterBefore( - new Date(year, month - 1, date, 23, 59, 59, 59) // Set to 1ms prior to midnight to be inclusive of selected date - ); - }} - /> - - - - - - Last updated {lastUpdated?.toLocaleString() || 'never'} - - - - Displaying {(page * pageSize + 1).toLocaleString()}- - {Math.min(total, page * pageSize + pageSize).toLocaleString()} of{' '} - {total.toLocaleString()} - - - } - disabled={page <= 0} - onClick={() => setPage(0)} - /> - } - disabled={page <= 0} - onClick={() => setPage((old) => old - 1)} - /> - - {(page + 1).toLocaleString()} / {(lastPage + 1).toLocaleString()} - - } - disabled={page >= lastPage} - onClick={() => setPage((old) => old + 1)} - /> - } - disabled={page >= lastPage} - onClick={() => setPage(lastPage)} - /> - - - - {isLoading ? ( - - ) : isError ? ( - - - Something has gone wrong - Failed to load errata - - ) : ( - - - - - - - - - - - - - - {!advisories?.length && ( - - - - )} - {advisories?.map((a, idx) => ( - - - - - - - - - ))} - -
- AdvisorySynopsisType / SeverityProductsIssue Date
- No rows found -
- {severityToBadge(a.severity, a.type)} - - - {a.name} - - - {a.synopsis?.replace( - /^(Critical|Important|Moderate|Low): /, - '' - )} - - {typeToText(a.type)} - {a.type === V1AdvisoryType.Security - ? ` / ${severityToText(a.severity)}` - : ''} - {a.affectedProducts?.join(', ')} - {Intl.DateTimeFormat(undefined, { - day: '2-digit', - month: 'short', - year: 'numeric', - }).format(a.publishedAt)} -
- - - )} - - - Rows per page: - - - - - ); -}; diff --git a/apollo/ui/src/components/Root.tsx b/apollo/ui/src/components/Root.tsx deleted file mode 100644 index a6117a3..0000000 --- a/apollo/ui/src/components/Root.tsx +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import { MoonIcon, SunIcon } from '@chakra-ui/icons'; -import { - Box, - HStack, - Text, - Link as ChakraLink, - useColorMode, - IconButton, - useColorModeValue, - DarkMode, -} from '@chakra-ui/react'; -import { RESFLogo } from 'common/ui/RESFLogo'; -import React from 'react'; -import { Route, Switch } from 'react-router'; -import { Link } from 'react-router-dom'; - -import { COLOR_RESF_BLUE, COLOR_RESF_GREEN } from '../styles'; -import { Overview } from './Overview'; -import { ShowErrata } from './ShowErrata'; - -export const Root = () => { - const { colorMode, toggleColorMode } = useColorMode(); - - const SwitchIcon = useColorModeValue(MoonIcon, SunIcon); - const bodyBg = useColorModeValue('gray.100', 'gray.900'); - - return ( - - - - - - - Product Errata - - - - - } - /> - - - - - - - - - - - - - - - RSS - - - - ); -}; diff --git a/apollo/ui/src/components/ShowErrata.tsx b/apollo/ui/src/components/ShowErrata.tsx deleted file mode 100644 index a1efd7e..0000000 --- a/apollo/ui/src/components/ShowErrata.tsx +++ /dev/null @@ -1,343 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import { - Alert, - AlertDescription, - AlertIcon, - AlertTitle, - Box, - Breadcrumb, - BreadcrumbItem, - BreadcrumbLink, - Heading, - HStack, - Link, - ListItem, - Spinner, - Tab, - TabList, - TabPanel, - TabPanels, - Tabs, - Text, - UnorderedList, - useColorModeValue, - VStack, -} from '@chakra-ui/react'; -import { - severityToBadge, - severityToText, - typeToText, -} from 'apollo/ui/src/enumToText'; -import { - V1Advisory, - V1AdvisoryType, -} from 'bazel-bin/apollo/proto/v1/client_typescript'; -import { reqap } from 'common/ui/reqap'; -import React, { useState } from 'react'; -import { RouteComponentProps } from 'react-router'; -import { Link as RouterLink } from 'react-router-dom'; - -import { api } from '../api'; -import { COLOR_RESF_GREEN } from '../styles'; - -interface ShowErrataParams { - id: string; -} - -export interface ShowErrataProps - extends RouteComponentProps {} - -export const ShowErrata = (props: ShowErrataProps) => { - const id = props.match.params.id; - - const cardBg = useColorModeValue('white', 'gray.800'); - const sideBg = useColorModeValue('gray.100', 'gray.700'); - const linkBlue = useColorModeValue('blue.600', 'blue.300'); - const linkPurple = useColorModeValue('purple.600', 'purple.300'); - - const [errata, setErrata] = useState(); - const [isLoading, setIsLoading] = useState(true); - const [isError, setIsError] = useState(false); - - React.useEffect(() => { - const fetch = async () => { - setIsLoading(true); - - const [err, res] = await reqap(() => api.getAdvisory({ id })); - - setIsLoading(false); - - if (err || !res) { - setIsError(true); - setErrata(undefined); - return; - } - - setIsError(false); - - setErrata(res.advisory); - }; - - fetch(); - }, [id]); - - return ( - - - - - Product Errata - - - - {id} - - - {isLoading ? ( - - ) : isError ? ( - - - Something has gone wrong - Failed to load errata - - ) : ( - errata && ( - <> - - {severityToBadge(errata.severity, errata.type, 40)} - - - - {errata.name} - - - {errata.synopsis} - - - - - Erratum - Affected Packages - - - - - - Topic - - {errata.topic?.split('\n').map((p, i) => ( - - {p} - - ))} - - Description - - {errata.description?.split('\n').map((p, i) => ( - - {p} - - ))} - - - - {Object.keys(errata.rpms || {}).map((product) => ( -
- - {product} - - - SRPMs - - - {errata.rpms?.[product]?.nvras - ?.filter((x) => x.indexOf('.src.rpm') !== -1) - .map((x) => ( - {x} - ))} - - - RPMs - - - {errata.rpms?.[product]?.nvras - ?.filter((x) => x.indexOf('.src.rpm') === -1) - .map((x) => ( - {x} - ))} - -
- ))} - - - - - - Issued: {errata.publishedAt?.toLocaleDateString()} - - - Type: {typeToText(errata.type)} - - {errata.type === V1AdvisoryType.Security && ( - - Severity: {severityToText(errata.severity)} - - )} - - - Affected Product - {(errata.affectedProducts?.length || 0) > 1 ? 's' : ''} - - - {errata.affectedProducts?.map((x, idx) => ( - {x} - ))} - - - - Fixes - - {errata.fixes?.map((x, idx) => ( - - - {x.sourceBy} - {x.ticket} - - - ))} - - - - CVEs - - {!!errata.cves?.length ? ( - errata.cves?.map((x, idx) => { - let text = `${x.name}${ - x.sourceBy !== '' && ` (Source: ${x.sourceBy})` - }`; - - return ( - - {x.sourceLink === '' ? ( - {text} - ) : ( - - {text} - - )} - - ); - }) - ) : ( - No CVEs - )} - - - - References - - {!!errata.references?.length ? ( - errata.references?.map((x, idx) => ( - {x} - )) - ) : ( - No references - )} - - - - - - - ) - )} - - ); -}; diff --git a/apollo/ui/src/entrypoint.tsx b/apollo/ui/src/entrypoint.tsx deleted file mode 100644 index 6b351e3..0000000 --- a/apollo/ui/src/entrypoint.tsx +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import 'tailwind/tailwind.css'; - -import { ChakraProvider, ColorModeScript } from '@chakra-ui/react'; -import React from 'react'; -import ReactDOM from 'react-dom'; -import { BrowserRouter } from 'react-router-dom'; - -import { Root } from './components/Root'; -import theme from './theme'; - -export const app = () => { - ReactDOM.render( - <> - - - - - - - , - document.getElementById('root') - ); -}; - -app(); - -if (module.hot) { - module.hot.accept(app); -} diff --git a/apollo/ui/src/enumToText.tsx b/apollo/ui/src/enumToText.tsx deleted file mode 100644 index 8fcb848..0000000 --- a/apollo/ui/src/enumToText.tsx +++ /dev/null @@ -1,182 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import { Box, Tag, TagProps, Tooltip } from '@chakra-ui/react'; -import { - AdvisorySeverity, - V1AdvisoryType, -} from 'bazel-bin/apollo/proto/v1/client_typescript'; -import React from 'react'; - -export const severityToText = (severity?: AdvisorySeverity): string => { - switch (severity) { - case AdvisorySeverity.Critical: - return 'Critical'; - case AdvisorySeverity.Important: - return 'Important'; - case AdvisorySeverity.Moderate: - return 'Moderate'; - case AdvisorySeverity.Low: - return 'Low'; - default: - return 'None'; - } -}; - -export const severityToBadge = ( - severity: AdvisorySeverity | undefined, - type: V1AdvisoryType | undefined, - size: number = 20 -): React.ReactNode => { - return ( - - { - { - [AdvisorySeverity.Critical]: ( - - - - - - - ), - [AdvisorySeverity.Important]: ( - - - - - - - ), - [AdvisorySeverity.Moderate]: ( - - - - - ), - [AdvisorySeverity.Low]: ( - - - - - - - ), - [AdvisorySeverity.Unknown]: ( - - - - - - - - ), - }[severity || AdvisorySeverity.Unknown] - } - - ); -}; - -export const typeToText = (type?: V1AdvisoryType): string => { - switch (type) { - case V1AdvisoryType.Bugfix: - return 'Bug Fix'; - case V1AdvisoryType.Security: - return 'Security'; - case V1AdvisoryType.Enhancement: - return 'Enhancement'; - default: - return 'Unknown'; - } -}; diff --git a/apollo/ui/src/styles.ts b/apollo/ui/src/styles.ts deleted file mode 100644 index 2008bb7..0000000 --- a/apollo/ui/src/styles.ts +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -export const COLOR_RESF_GREEN = '#10B981'; -export const COLOR_RESF_BLUE = '#1054B9'; diff --git a/apollo/ui/src/theme.ts b/apollo/ui/src/theme.ts deleted file mode 100644 index d4b9e50..0000000 --- a/apollo/ui/src/theme.ts +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) All respective contributors to the Peridot Project. All rights reserved. - * Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. - * Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors - * may be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -import { extendTheme, type Theme, type ThemeConfig } from '@chakra-ui/react'; - -const config: ThemeConfig = { - initialColorMode: 'system', -}; - -const styles: Theme['styles'] = { - global: (props) => ({ - ':root': { - colorScheme: props.colorMode, - }, - }), -}; - -const theme = extendTheme({ - config, - styles, -}); - -export default theme; diff --git a/apollo/worker/BUILD.bazel b/apollo/worker/BUILD.bazel deleted file mode 100644 index e240224..0000000 --- a/apollo/worker/BUILD.bazel +++ /dev/null @@ -1,15 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "worker", - srcs = ["worker.go"], - importpath = "peridot.resf.org/apollo/worker", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/workflow", - "//vendor/github.com/sirupsen/logrus", - "//vendor/go.temporal.io/sdk/client", - "//vendor/go.temporal.io/sdk/worker", - ], -) diff --git a/apollo/worker/worker.go b/apollo/worker/worker.go deleted file mode 100644 index 07de405..0000000 --- a/apollo/worker/worker.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package worker - -import ( - "github.com/sirupsen/logrus" - "go.temporal.io/sdk/client" - "go.temporal.io/sdk/worker" - apollodb "peridot.resf.org/apollo/db" - "peridot.resf.org/apollo/workflow" -) - -type Worker struct { - Client client.Client - TaskQueue string - WorkflowController *workflow.Controller - Worker worker.Worker - - log *logrus.Logger -} - -type NewWorkerInput struct { - Temporal client.Client - Database apollodb.Access - TaskQueue string -} - -func NewWorker(input *NewWorkerInput, workflowOpts ...workflow.Option) (*Worker, error) { - log := logrus.New() - - controller, err := workflow.NewController(&workflow.NewControllerInput{ - Temporal: input.Temporal, - Database: input.Database, - MainQueue: input.TaskQueue, - }, workflowOpts...) - if err != nil { - return nil, err - } - - return &Worker{ - Client: input.Temporal, - TaskQueue: input.TaskQueue, - WorkflowController: controller, - Worker: worker.New(input.Temporal, input.TaskQueue, worker.Options{}), - log: log, - }, nil -} - -func (w *Worker) Run() { - err := w.Worker.Run(worker.InterruptCh()) - if err != nil { - w.log.Fatalf("could not run worker: %v", err) - } -} diff --git a/apollo/workflow/BUILD.bazel b/apollo/workflow/BUILD.bazel deleted file mode 100644 index 0828990..0000000 --- a/apollo/workflow/BUILD.bazel +++ /dev/null @@ -1,59 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "workflow", - srcs = [ - "autocreate_advisory.go", - "collect_cve_data.go", - "common.go", - "downstream_check.go", - "poll_mirror_cve.go", - "poll_mirror_errata.go", - "update_cve_state.go", - "workflow.go", - ], - importpath = "peridot.resf.org/apollo/workflow", - visibility = ["//visibility:public"], - deps = [ - "//apollo/db", - "//apollo/proto/v1:pb", - "//apollo/rherrata", - "//apollo/rhsecurity", - "//apollo/rpmutils", - "//koji", - "//utils", - "//vendor/github.com/gobwas/glob", - "//vendor/github.com/jmoiron/sqlx/types", - "//vendor/github.com/pkg/errors", - "//vendor/github.com/sirupsen/logrus", - "//vendor/github.com/spf13/viper", - "//vendor/go.temporal.io/sdk/activity", - "//vendor/go.temporal.io/sdk/client", - "//vendor/go.temporal.io/sdk/workflow", - ], -) - -go_test( - name = "workflow_test", - srcs = [ - "autocreate_advisory_test.go", - "downstream_check_test.go", - "poll_mirror_cve_test.go", - "poll_mirror_errata_test.go", - "update_cve_state_test.go", - "workflow_test.go", - ], - data = glob(["testdata/**"]), - embed = [":workflow"], - deps = [ - "//apollo/db", - "//apollo/db/mock", - "//apollo/proto/v1:pb", - "//apollo/rherrata", - "//apollo/rhsecurity", - "//apollo/rhsecuritymock", - "//koji", - "//vendor/github.com/stretchr/testify/require", - "//vendor/go.temporal.io/sdk/testsuite", - ], -) diff --git a/apollo/workflow/autocreate_advisory.go b/apollo/workflow/autocreate_advisory.go deleted file mode 100644 index f5e1d4a..0000000 --- a/apollo/workflow/autocreate_advisory.go +++ /dev/null @@ -1,231 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "database/sql" - "fmt" - "github.com/sirupsen/logrus" - "go.temporal.io/sdk/workflow" - apollodb "peridot.resf.org/apollo/db" - "peridot.resf.org/apollo/rpmutils" - "strconv" - "strings" - "time" -) - -func (c *Controller) AutoCreateAdvisoryActivity() error { - cves, err := c.db.GetAllCVEsFixedDownstream() - if err != nil { - c.log.Errorf("Could not get cves fixed downstream: %v", err) - return fmt.Errorf("could not get cves fixed downstream") - } - - rebootSuggestedPackages, err := c.db.GetAllRebootSuggestedPackages() - if err != nil { - c.log.Errorf("Could not get reboot suggested packages: %v", err) - return fmt.Errorf("could not get reboot suggested packages") - } - - for _, cve := range cves { - beginTx, err := c.db.Begin() - if err != nil { - logrus.Errorf("could not begin tx: %v", err) - continue - } - tx := c.db.UseTransaction(beginTx) - - affectedProducts, err := tx.GetAllAffectedProductsByCVE(cve.ID) - if err != nil { - logrus.Errorf("Could not get affected products for %s: %v", cve.ID, err) - _ = beginTx.Rollback() - continue - } - - var existingAdvisory *apollodb.Advisory - didSkip := false - - for _, affectedProduct := range affectedProducts { - if !affectedProduct.Advisory.Valid { - continue - } - product, err := c.db.GetProductByID(affectedProduct.ProductID) - if err != nil { - c.log.Errorf("could not get product by id %d: %v", affectedProduct.ProductID, err) - return fmt.Errorf("could not get product by id %d", affectedProduct.ProductID) - } - - advisorySplit := strings.Split(affectedProduct.Advisory.String, "-") - numYearSplit := strings.Split(advisorySplit[1], ":") - - year, err := strconv.Atoi(numYearSplit[0]) - if err != nil { - logrus.Errorf("invalid year %s", numYearSplit[0]) - continue - } - num, err := strconv.Atoi(numYearSplit[1]) - if err != nil { - logrus.Errorf("invalid num %s", numYearSplit[1]) - continue - } - - existingAdvisory, err = tx.GetAdvisoryByCodeAndYearAndNum(product.ShortCode, year, num) - if err != nil { - if err == sql.ErrNoRows { - errata, err := c.errata.GetErrata(affectedProduct.Advisory.String) - if err != nil { - logrus.Errorf("could not get errata from Red Hat: %v", err) - didSkip = true - break - } - - for i, _ := range errata.Topic { - errata.Topic[i] = strings.Replace(errata.Topic[i], "Red Hat Enterprise Linux", product.RedHatProductPrefix.String, -1) - errata.Topic[i] = strings.Replace(errata.Topic[i], "Red Hat", c.vendor, -1) - } - for i, _ := range errata.Description { - errata.Description[i] = strings.Replace(errata.Description[i], "Red Hat Enterprise Linux", product.RedHatProductPrefix.String, -1) - errata.Description[i] = strings.Replace(errata.Description[i], "Red Hat", c.vendor, -1) - } - - var packageName string - if !rpmutils.Module().MatchString(affectedProduct.Package) { - packageName = affectedProduct.Package - } - - newAdvisory := &apollodb.Advisory{ - Year: year, - Num: num, - Synopsis: errata.Synopsis, - Topic: strings.Join(errata.Topic, "\n"), - Severity: int(errata.Severity), - Type: int(errata.Type), - Description: strings.Join(errata.Description, "\n"), - RedHatIssuedAt: sql.NullTime{Valid: true, Time: errata.IssuedAt}, - ShortCodeCode: product.ShortCode, - PublishedAt: sql.NullTime{}, - } - if packageName != "" { - match, err := c.checkForRebootSuggestedPackage(rebootSuggestedPackages, packageName) - if err != nil { - c.log.Errorf("could not check for reboot suggested package: %v", err) - return fmt.Errorf("could not check for reboot suggested package") - } - if match { - newAdvisory.RebootSuggested = true - } - } - - newAdvisory, err = tx.CreateAdvisory(newAdvisory) - if err != nil { - logrus.Errorf("Could not create new advisory: %v", err) - didSkip = true - break - } - existingAdvisory = newAdvisory - - for _, fix := range errata.Fixes { - sourceLink := fmt.Sprintf("https://bugzilla.redhat.com/show_bug.cgi?id=%s", fix.BugzillaID) - id, err := tx.CreateFix(fix.BugzillaID, "Red Hat", sourceLink, fix.Description) - if err != nil { - logrus.Errorf("Could not create fix for BZ#%s", fix.BugzillaID) - didSkip = true - break - } - err = tx.AddAdvisoryFix(existingAdvisory.ID, id) - if err != nil { - logrus.Errorf("Could not add fix BZ#%s to advisory %d", fix.BugzillaID, existingAdvisory.ID) - didSkip = true - break - } - } - if didSkip { - break - } - for _, reference := range errata.References { - // Skip redhat.com references - if strings.Contains(reference, "redhat.com") { - continue - } - - err := tx.CreateAdvisoryReference(existingAdvisory.ID, reference) - if err != nil { - logrus.Errorf("Could not reference %s", reference) - didSkip = true - break - } - } - if didSkip { - break - } - } else { - logrus.Errorf("Could not reach database to retrieve advisory: %v", err) - didSkip = true - break - } - } - - if didSkip { - break - } - - err = tx.AddAdvisoryCVE(existingAdvisory.ID, cve.ID) - if err != nil { - logrus.Errorf("Could not add %s to advisory %d", cve.ID, existingAdvisory.ID) - didSkip = true - break - } - } - - if didSkip { - _ = beginTx.Rollback() - continue - } - - err = beginTx.Commit() - if err != nil { - logrus.Errorf("Could not commit database transaction: %v", err) - continue - } - - logrus.Infof("Created/updated advisory %s-%d:%d for %s", existingAdvisory.ShortCodeCode, existingAdvisory.Year, existingAdvisory.Num, cve.ID) - } - - return nil -} - -func (c *Controller) AutoCreateAdvisoryWorkflow(ctx workflow.Context) error { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 5 * time.Minute, - StartToCloseTimeout: time.Hour, - }) - return workflow.ExecuteActivity(activityCtx, c.AutoCreateAdvisoryActivity).Get(ctx, nil) -} diff --git a/apollo/workflow/autocreate_advisory_test.go b/apollo/workflow/autocreate_advisory_test.go deleted file mode 100644 index 42e7e2c..0000000 --- a/apollo/workflow/autocreate_advisory_test.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow diff --git a/apollo/workflow/collect_cve_data.go b/apollo/workflow/collect_cve_data.go deleted file mode 100644 index e83cff1..0000000 --- a/apollo/workflow/collect_cve_data.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "context" - "encoding/json" - "github.com/pkg/errors" - "go.temporal.io/sdk/workflow" - "strings" - "time" -) - -func (c *Controller) CollectCVEDataActivity(ctx context.Context) error { - cves, err := c.db.GetAllCVEs() - if err != nil { - return errors.Wrap(err, "could not get cves") - } - - // Go through each CVE and set CVE content by fetching from rhsecurity - for _, cve := range cves { - if cve.Content.Valid { - continue - } - if !strings.HasPrefix(cve.ID, "CVE") { - continue - } - - cveRh, _, err := c.security.GetCveExecute(c.security.GetCve(ctx, cve.ID)) - if err != nil { - return errors.Wrap(err, "could not get cve") - } - - cveBytes, err := json.Marshal(cveRh) - if err != nil { - return errors.Wrap(err, "could not marshal cve") - } - err = c.db.SetCVEContent(cve.ID, cveBytes) - if err != nil { - return errors.Wrap(err, "could not set cve content") - } - } - - return nil -} - -func (c *Controller) CollectCVEDataWorkflow(ctx workflow.Context) error { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 5 * time.Minute, - StartToCloseTimeout: 12 * time.Hour, - }) - return workflow.ExecuteActivity(activityCtx, c.CollectCVEDataActivity).Get(ctx, nil) -} diff --git a/apollo/workflow/common.go b/apollo/workflow/common.go deleted file mode 100644 index 42e7e2c..0000000 --- a/apollo/workflow/common.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow diff --git a/apollo/workflow/downstream_check.go b/apollo/workflow/downstream_check.go deleted file mode 100644 index 705bd11..0000000 --- a/apollo/workflow/downstream_check.go +++ /dev/null @@ -1,203 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "context" - "fmt" - "github.com/sirupsen/logrus" - "go.temporal.io/sdk/activity" - "go.temporal.io/sdk/workflow" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rpmutils" - "peridot.resf.org/utils" - "strings" - "time" -) - -func (c *Controller) DownstreamCVECheckActivity(ctx context.Context) error { - go func() { - for { - activity.RecordHeartbeat(ctx) - time.Sleep(10 * time.Second) - } - }() - - pendingProducts, err := c.db.GetPendingAffectedProducts() - if err != nil { - logrus.Errorf("could not get fixed cves: %v", err) - return fmt.Errorf("could not get fixed cves") - } - - for _, affectedProduct := range pendingProducts { - if !affectedProduct.CveID.Valid { - continue - } - - err = func() error { - willNotFixOnly := true - allFixed := true - - switch affectedProduct.State { - case - int(apollopb.AffectedProduct_STATE_WILL_NOT_FIX_UPSTREAM), - int(apollopb.AffectedProduct_STATE_OUT_OF_SUPPORT_SCOPE): - return nil - case - int(apollopb.AffectedProduct_STATE_UNDER_INVESTIGATION_UPSTREAM), - int(apollopb.AffectedProduct_STATE_AFFECTED_UPSTREAM): - allFixed = false - willNotFixOnly = false - return nil - } - - product, err := c.db.GetProductByID(affectedProduct.ProductID) - if err != nil { - logrus.Errorf("could not get product with id %d: %v", affectedProduct.ProductID, err) - return err - } - - ignoredUpstreamPackages, err := c.db.GetAllIgnoredPackagesByProductID(product.ID) - if err != nil { - logrus.Errorf("could not get ignored packages: %v", err) - return err - } - - beginTx, err := c.db.Begin() - if err != nil { - logrus.Errorf("could not begin transaction: %v", err) - return err - } - tx := c.db.UseTransaction(beginTx) - - skipProduct := false - defer func(skipProduct *bool, affectedProduct apollodb.AffectedProduct) { - if *skipProduct { - logrus.Infof("%s: Skipping package for now", affectedProduct.Package) - _ = beginTx.Rollback() - } - }(&skipProduct, *affectedProduct) - - cve, err := c.db.GetCVEByID(affectedProduct.CveID.String) - if err != nil { - return err - } - - nvrOnly := strings.Replace(affectedProduct.Package, ":", "-", 1) - if rpmutils.Module().MatchString(nvrOnly) { - if !affectedProduct.Advisory.Valid { - skipProduct = true - } - - redHatAdvisory, err := c.errata.GetErrata(affectedProduct.Advisory.String) - if err != nil { - logrus.Errorf("Could not get Red Hat Advisory: %v", err) - skipProduct = true - } - - for _, arch := range product.Archs { - redHatProductName := affectedProductNameForArchAndVersion(arch, product.RedHatMajorVersion.Int32) - affected := redHatAdvisory.AffectedProducts[redHatProductName] - if affected == nil { - continue - } - srpms := affected.SRPMs - for _, srpm := range srpms { - status := c.checkKojiForBuild(tx, ignoredUpstreamPackages, srpm, affectedProduct, cve) - if status == apollopb.BuildStatus_BUILD_STATUS_SKIP { - skipProduct = true - break - } else if status == apollopb.BuildStatus_BUILD_STATUS_FIXED { - willNotFixOnly = false - } else if status == apollopb.BuildStatus_BUILD_STATUS_NOT_FIXED { - allFixed = false - willNotFixOnly = false - } - } - break - } - if skipProduct { - logrus.Errorf("%s has not been fixed for NVR %s", cve.ID, nvrOnly) - } - } else { - nvrOnly = rpmutils.Epoch().ReplaceAllString(affectedProduct.Package, "") - status := c.checkKojiForBuild(tx, ignoredUpstreamPackages, nvrOnly, affectedProduct, cve) - if status == apollopb.BuildStatus_BUILD_STATUS_SKIP { - skipProduct = true - } else if status == apollopb.BuildStatus_BUILD_STATUS_FIXED { - willNotFixOnly = false - } else if status == apollopb.BuildStatus_BUILD_STATUS_NOT_FIXED { - allFixed = false - willNotFixOnly = false - } - } - - if !skipProduct { - newState := apollopb.AffectedProduct_STATE_FIXED_UPSTREAM - if allFixed { - newState = apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM - } - if willNotFixOnly { - newState = apollopb.AffectedProduct_STATE_WILL_NOT_FIX_UPSTREAM - } - err := tx.UpdateAffectedProductStateAndPackageAndAdvisory(affectedProduct.ID, int(newState), affectedProduct.Package, utils.NullStringToPointer(affectedProduct.Advisory)) - if err != nil { - logrus.Errorf("Could not save new CVE state: %v", err) - return err - } - err = beginTx.Commit() - if err != nil { - logrus.Errorf("could not commit transaction: %v", err) - return err - } - - logrus.Infof("%s is now set to %s", cve.ID, newState.String()) - } - - return nil - }() - if err != nil { - return err - } - } - - return nil -} - -func (c *Controller) DownstreamCVECheckWorkflow(ctx workflow.Context) error { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 30 * time.Minute, - StartToCloseTimeout: 6 * time.Hour, - HeartbeatTimeout: 30 * time.Second, - }) - return workflow.ExecuteActivity(activityCtx, c.DownstreamCVECheckActivity).Get(ctx, nil) -} diff --git a/apollo/workflow/downstream_check_test.go b/apollo/workflow/downstream_check_test.go deleted file mode 100644 index e04e734..0000000 --- a/apollo/workflow/downstream_check_test.go +++ /dev/null @@ -1,462 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "github.com/stretchr/testify/require" - "go.temporal.io/sdk/testsuite" - "io/ioutil" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rherrata" - "peridot.resf.org/koji" - "testing" -) - -func getDownstreamCheckEnv() *testsuite.TestWorkflowEnvironment { - env := getPollRedHatErrataEnv() - env.RegisterActivity(controller.UpdateCVEStateActivity) - env.RegisterActivity(controller.DownstreamCVECheckActivity) - - return env -} - -func TestInstance_CheckIfCVEResolvedDownstream_RHBA20212593_NotFixedDownstream(t *testing.T) { - resetDb() - - errataMock.Advisories.Response.Docs = []*rherrata.CompactErrata{ - { - Name: "RHBA-2021:2593", - Description: "", - Synopsis: "", - Severity: "None", - Type: "Bug Fix", - AffectedPackages: []string{ - "cmake-3.18.2-11.el8_4.src.rpm", - "cmake-3.18.2-11.el8_4.x86_64.rpm", - "cmake-data-3.18.2-11.el8_4.noarch.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-debugsource-3.18.2-11.el8_4.i686.rpm", - "cmake-debugsource-3.18.2-11.el8_4.x86_64.rpm", - "cmake-doc-3.18.2-11.el8_4.noarch.rpm", - "cmake-filesystem-3.18.2-11.el8_4.i686.rpm", - "cmake-filesystem-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-rpm-macros-3.18.2-11.el8_4.noarch.rpm", - }, - CVEs: []string{}, - Fixes: []string{}, - PublicationDate: "2021-06-29T00:00:00Z", - }, - } - - env := getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.PollRedHatErrataWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.DownstreamCVECheckWorkflow) - require.Nil(t, env.GetWorkflowError()) - - affectedProducts, _ := controller.db.GetAllAffectedProductsByCVE("RHBA-2021:2593") - require.Len(t, affectedProducts, 1) - require.Equal(t, "cmake-3.18.2-11.el8_4", affectedProducts[0].Package) - require.Equal(t, int(apollopb.AffectedProduct_STATE_FIXED_UPSTREAM), affectedProducts[0].State) -} - -func TestInstance_CheckIfCVEResolvedDownstream_RHBA20212593_FixedDownstream(t *testing.T) { - resetDb() - - htmlFile, err := ioutil.ReadFile("testdata/RHBA-2021-2593.html") - require.Nil(t, err) - - errataMock.HTMLResponses["RHBA-2021:2593"] = string(htmlFile[:]) - - errataMock.Advisories.Response.Docs = []*rherrata.CompactErrata{ - { - Name: "RHBA-2021:2593", - Description: "", - Synopsis: "", - Severity: "None", - Type: "Bug Fix", - AffectedPackages: []string{ - "cmake-3.18.2-11.el8_4.src.rpm", - "cmake-3.18.2-11.el8_4.x86_64.rpm", - "cmake-data-3.18.2-11.el8_4.noarch.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-debugsource-3.18.2-11.el8_4.i686.rpm", - "cmake-debugsource-3.18.2-11.el8_4.x86_64.rpm", - "cmake-doc-3.18.2-11.el8_4.noarch.rpm", - "cmake-filesystem-3.18.2-11.el8_4.i686.rpm", - "cmake-filesystem-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-rpm-macros-3.18.2-11.el8_4.noarch.rpm", - }, - CVEs: []string{}, - Fixes: []string{}, - PublicationDate: "2021-06-29T00:00:00Z", - }, - } - - env := getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.PollRedHatErrataWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.UpdateCVEStateWorkflow) - require.Nil(t, env.GetWorkflowError()) - - kojiMock.Tagged = []*koji.Build{ - { - BuildId: 10, - CompletionTime: "", - CompletionTs: 0, - CreationEventId: 0, - CreationTime: "", - CreationTs: 0, - Epoch: "", - Extra: &koji.ListBuildsExtra{ - Source: &koji.ListBuildsExtraSource{ - OriginalUrl: "git+https://git.rockylinux.org/staging/rpms/cmake.git?#aa313111d4efd7cc6c36d41cd9fc29874d1e0740", - }, - }, - Name: "cmake", - Nvr: "cmake-3.18.2-11.el8_4", - OwnerId: 0, - OwnerName: "distrobuild", - PackageId: 0, - PackageName: "cmake", - Release: "11.el8_4", - Source: "", - StartTime: "", - StartTs: 0, - State: 0, - TaskId: 0, - Version: "3.18.2", - VolumeId: 0, - VolumeName: "", - TagId: 0, - TagName: "", - }, - } - - kojiMock.RPMs = []*koji.RPM{ - { - Arch: "src", - BuildId: 10, - Name: "cmake", - Nvr: "cmake-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake", - Nvr: "cmake-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake-gui", - Nvr: "cmake-gui-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "noarch", - BuildId: 10, - Name: "cmake-doc", - Nvr: "cmake-doc-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "noarch", - BuildId: 10, - Name: "cmake-rpm-macros", - Nvr: "cmake-rpm-macros-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "noarch", - BuildId: 10, - Name: "cmake-data", - Nvr: "cmake-data-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "i686", - BuildId: 10, - Name: "cmake-debuginfo", - Nvr: "cmake-debuginfo-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake-debuginfo", - Nvr: "cmake-debuginfo-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "i686", - BuildId: 10, - Name: "cmake-debugsource", - Nvr: "cmake-debugsource-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake-debugsource", - Nvr: "cmake-debugsource-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "i686", - BuildId: 10, - Name: "cmake-filesystem", - Nvr: "cmake-filesystem-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake-filesystem", - Nvr: "cmake-filesystem-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "i686", - BuildId: 10, - Name: "cmake-gui-debuginfo", - Nvr: "cmake-gui-debuginfo-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "cmake-gui-debuginfo", - Nvr: "cmake-gui-debuginfo-3.18.2-11.el8_4", - Release: "11.el8_4", - Version: "3.18.2", - }, - } - - env = getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.DownstreamCVECheckWorkflow) - require.Nil(t, env.GetWorkflowError()) - - affectedProducts, _ := controller.db.GetAllAffectedProductsByCVE("RHBA-2021:2593") - require.Len(t, affectedProducts, 1) - require.Equal(t, "cmake-3.18.2-11.el8_4", affectedProducts[0].Package) - require.Equal(t, int(apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM), affectedProducts[0].State) - - require.Len(t, mockDb.BuildReferences, 14) - require.Equal(t, "10", mockDb.BuildReferences[0].KojiID.String) -} - -/*func TestInstance_CheckIfCVEResolvedDownstream_RHSA20221642_FixedDownstream(t *testing.T) { - resetDb() - - htmlFile, err := ioutil.ReadFile("testdata/RHSA-2022-1642.html") - require.Nil(t, err) - - errataMock.HTMLResponses["RHSA-2022:1642"] = string(htmlFile[:]) - - errataMock.Advisories.Response.Docs = []*rherrata.CompactErrata{ - { - Name: "RHSA-2022:1642", - Description: "", - Synopsis: "", - Severity: "Important", - Type: "Security", - AffectedPackages: []string{ - "zlib-1.2.11-18.el8_5.src.rpm", - "zlib-1.2.11-18.el8_5.i686.rpm", - "zlib-1.2.11-18.el8_5.x86_64.rpm", - "zlib-debuginfo-1.2.11-18.el8_5.i686.rpm", - "zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm", - "zlib-debugsource-1.2.11-18.el8_5.i686.rpm", - "zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm", - "zlib-devel-1.2.11-18.el8_5.i686.rpm", - "zlib-devel-1.2.11-18.el8_5.x86_64.rpm", - }, - CVEs: []string{ - "CVE-2018-25032", - }, - Fixes: []string{}, - PublicationDate: "2022-04-28T00:00:00Z", - }, - } - - env := getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.PollRedHatErrataWorkflow) - require.Nil(t, env.GetWorkflowError()) - - kojiMock.Tagged = []*koji.Build{ - { - BuildId: 10, - CompletionTime: "", - CompletionTs: 0, - CreationEventId: 0, - CreationTime: "", - CreationTs: 0, - Epoch: "", - Extra: &koji.ListBuildsExtra{ - Source: &koji.ListBuildsExtraSource{ - OriginalUrl: "git+https://git.rockylinux.org/staging/rpms/zlib.git?#cc63be52ed1ba4f25d2015fd014558a3e7e19b08", - }, - }, - Name: "zlib", - Nvr: "zlib-1.2.11-18.el8_5", - OwnerId: 0, - OwnerName: "distrobuild", - PackageId: 0, - PackageName: "zlib", - Release: "18.el8_5", - Source: "", - StartTime: "", - StartTs: 0, - State: 0, - TaskId: 0, - Version: "1.2.11", - VolumeId: 0, - VolumeName: "", - TagId: 0, - TagName: "", - }, - } - - kojiMock.RPMs = []*koji.RPM{ - { - Arch: "src", - BuildId: 10, - Name: "zlib", - Nvr: "zlib-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "i686", - BuildId: 10, - Name: "zlib", - Nvr: "zlib-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "zlib", - Nvr: "zlib-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "i686", - BuildId: 10, - Name: "zlib-debuginfo", - Nvr: "zlib-debuginfo-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "zlib-debuginfo", - Nvr: "zlib-debuginfo-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "i686", - BuildId: 10, - Name: "zlib-debugsource", - Nvr: "zlib-debugsource-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "zlib-debugsource", - Nvr: "zlib-debugsource-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "i686", - BuildId: 10, - Name: "zlib-devel", - Nvr: "zlib-devel-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - { - Arch: "x86_64", - BuildId: 10, - Name: "zlib-devel", - Nvr: "zlib-devel-1.2.11-18.el8_5", - Release: "18.el8_5", - Version: "1.2.11", - }, - } - - env = getDownstreamCheckEnv() - env.ExecuteWorkflow(controller.DownstreamCVECheckWorkflow) - require.Nil(t, env.GetWorkflowError()) - - affectedProducts, _ := controller.db.GetAllAffectedProductsByCVE("RHSA-2022:1642") - require.Len(t, affectedProducts, 1) - require.Equal(t, "zlib-1.2.11-18.el8_5", affectedProducts[0].Package) - require.Equal(t, int(apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM), affectedProducts[0].State) - - require.Len(t, mockDb.BuildReferences, 14) - require.Equal(t, "10", mockDb.BuildReferences[0].KojiID) -}*/ diff --git a/apollo/workflow/poll_mirror_cve.go b/apollo/workflow/poll_mirror_cve.go deleted file mode 100644 index abb4d83..0000000 --- a/apollo/workflow/poll_mirror_cve.go +++ /dev/null @@ -1,212 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "context" - "database/sql" - "encoding/json" - "fmt" - "github.com/jmoiron/sqlx/types" - "github.com/pkg/errors" - "go.temporal.io/sdk/activity" - "go.temporal.io/sdk/workflow" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/utils" - "strings" - "time" -) - -type ShortCodesRes struct { - ShortCodes []*apollodb.ShortCode `json:"short_codes"` -} - -func (c *Controller) pollCVEProcessProduct(ctx context.Context, product *apollodb.Product, shortCode *apollodb.ShortCode) error { - // Skip if the product doesn't define a valid Red Hat version - if !product.RedHatMajorVersion.Valid { - return nil - } - // Skip if product doesn't have correct Red Hat prefix - if !strings.HasPrefix(product.Name, product.RedHatProductPrefix.String) { - return nil - } - - var lastSync *time.Time - mirrorState, err := c.db.GetMirrorState(shortCode.Code) - if err != nil { - if err != sql.ErrNoRows { - c.log.Errorf("could not get last sync for code %s: %v", shortCode.Code, err) - // The cron will retry this - return nil - } - } else { - if mirrorState != nil && mirrorState.LastSync.Valid { - lastSync = &mirrorState.LastSync.Time - } - } - if lastSync == nil { - now := time.Now() - if product.MirrorFromDate.Valid { - now = product.MirrorFromDate.Time - } - lastSync = &now - } - - req := c.security.GetCves(ctx) - req = req.Product(productName(product.RedHatMajorVersion.Int32)) - if lastSync != nil { - req = req.After(lastSync.Format("2006-01-02")) - } - - page := 1 - for { - reqNew := req.Page(float32(page)) - cves, _, err := c.security.GetCvesExecute(reqNew) - if err != nil { - c.log.Errorf("could not get cves: %v", err) - return fmt.Errorf("could not get cves") - } - if len(cves) == 0 { - break - } - - for _, cve := range cves { - _, err := c.db.GetCVEByID(cve.CVE) - if err == nil { - continue - } - if err != sql.ErrNoRows { - c.log.Errorf("an unknown error occurred: %v", err) - return fmt.Errorf("an unknown error occurred") - } - - cveRh, _, err := c.security.GetCveExecute(c.security.GetCve(ctx, cve.CVE)) - if err != nil { - return errors.Wrap(err, "could not get cve") - } - cveBytes, err := json.Marshal(cveRh) - if err != nil { - return fmt.Errorf("could not marshal cve: %v", err) - } - - sourceBy := "Red Hat" - _, err = c.db.CreateCVE(cve.CVE, shortCode.Code, &sourceBy, &cve.ResourceUrl, types.NullJSONText{Valid: true, JSONText: cveBytes}) - if err != nil { - c.log.Errorf("could not create cve: %v", err) - return fmt.Errorf("could not create cve") - } - c.log.Infof("Added %s to %s with state NewFromUpstream", cve.CVE, shortCode.Code) - } - page++ - } - - err = c.db.UpdateMirrorState(shortCode.Code, utils.Pointer[time.Time](time.Now())) - if err != nil { - c.log.Errorf("could not update mirroring state: %v", err) - } - - return nil -} - -func (c *Controller) PollCVEProcessShortCodeActivity(ctx context.Context, shortCode *apollodb.ShortCode) error { - go func() { - for { - activity.RecordHeartbeat(ctx) - time.Sleep(10 * time.Second) - } - }() - - if int32(shortCode.Mode) != int32(apollopb.ShortCode_MODE_MIRROR) { - // This is not a mirrored short code, continue - return nil - } - - allProducts, err := c.db.GetProductsByShortCode(shortCode.Code) - if err != nil { - c.log.Errorf("could not get all products for code %s: %v", shortCode.Code, err) - // Returning nil since the cron will retry this - // We can set up an alert on the Grafana side to alert us - // if this happens too often - return nil - } - - for _, product := range allProducts { - err := c.pollCVEProcessProduct(ctx, product, shortCode) - if err != nil { - return err - } - } - - return nil -} - -func (c *Controller) GetAllShortCodesActivity() (*ShortCodesRes, error) { - s, err := c.db.GetAllShortCodes() - if err != nil { - return nil, err - } - - return &ShortCodesRes{ - ShortCodes: s, - }, nil -} - -func (c *Controller) PollRedHatCVEsWorkflow(ctx workflow.Context) error { - shortCodeCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: time.Minute, - StartToCloseTimeout: time.Minute, - }) - var shortCodeRes ShortCodesRes - err := workflow.ExecuteActivity(shortCodeCtx, c.GetAllShortCodesActivity).Get(ctx, &shortCodeRes) - if err != nil { - return err - } - - var futures []workflow.Future - for _, shortCode := range shortCodeRes.ShortCodes { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 5 * time.Minute, - StartToCloseTimeout: 12 * time.Hour, - HeartbeatTimeout: 30 * time.Second, - }) - futures = append(futures, workflow.ExecuteActivity(activityCtx, c.PollCVEProcessShortCodeActivity, shortCode)) - } - - for _, future := range futures { - err := future.Get(ctx, nil) - if err != nil { - return err - } - } - - return nil -} diff --git a/apollo/workflow/poll_mirror_cve_test.go b/apollo/workflow/poll_mirror_cve_test.go deleted file mode 100644 index 70972b9..0000000 --- a/apollo/workflow/poll_mirror_cve_test.go +++ /dev/null @@ -1,118 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "github.com/stretchr/testify/require" - "go.temporal.io/sdk/testsuite" - "peridot.resf.org/apollo/rhsecurity" - "testing" -) - -func getPollRedHatCVEsEnv() *testsuite.TestWorkflowEnvironment { - env := testWfSuite.NewTestWorkflowEnvironment() - env.RegisterActivity(controller.GetAllShortCodesActivity) - env.RegisterActivity(controller.PollCVEProcessShortCodeActivity) - - return env -} - -func TestInstance_PollRedHatForNewCVEs_AddNewCVE(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{} - require.Nil(t, readTestDataJson("testdata/CVE-2021-3602.json", securityMock.ActiveCVE)) - - env := getPollRedHatCVEsEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - cves, _ := controller.db.GetAllUnresolvedCVEs() - require.Len(t, cves, 1) - require.Equal(t, "CVE-2021-3602", cves[0].ID) -} - -func TestPollRedHatForNewCVEs_SkipExistingCVE(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{} - require.Nil(t, readTestDataJson("testdata/CVE-2021-3602.json", securityMock.ActiveCVE)) - - env := getPollRedHatCVEsEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - cves, _ := controller.db.GetAllUnresolvedCVEs() - require.Len(t, cves, 1) - require.Equal(t, "CVE-2021-3602", cves[0].ID) - - env = getPollRedHatCVEsEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - cves, _ = controller.db.GetAllUnresolvedCVEs() - require.Len(t, cves, 1) - require.Equal(t, "CVE-2021-3602", cves[0].ID) -} diff --git a/apollo/workflow/poll_mirror_errata.go b/apollo/workflow/poll_mirror_errata.go deleted file mode 100644 index f0fe044..0000000 --- a/apollo/workflow/poll_mirror_errata.go +++ /dev/null @@ -1,304 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "context" - "database/sql" - "encoding/json" - "fmt" - "github.com/jmoiron/sqlx/types" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" - "go.temporal.io/sdk/activity" - "go.temporal.io/sdk/workflow" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rpmutils" - "peridot.resf.org/utils" - "strconv" - "strings" - "time" -) - -func (c *Controller) processErrataShortCodeProduct(shortCode *apollodb.ShortCode, product *apollodb.Product) error { - if !product.RedHatMajorVersion.Valid { - return nil - } - if !strings.HasPrefix(product.Name, product.RedHatProductPrefix.String) { - return nil - } - - ignoredUpstreamPackages, err := c.db.GetAllIgnoredPackagesByProductID(product.ID) - if err != nil { - logrus.Errorf("could not get ignored packages: %v", err) - return fmt.Errorf("could not get ignored packages") - } - - var lastSync *time.Time - mirrorState, err := c.db.GetMirrorState(shortCode.Code) - if err == nil { - if mirrorState.ErrataAfter.Valid { - lastSync = &mirrorState.ErrataAfter.Time - } - } - - advisories, err := c.errata.GetAdvisories(product.CurrentFullVersion, lastSync) - if err != nil { - logrus.Errorf("Could not get Red Hat Advisories: %v", err) - return fmt.Errorf("could not get Red Hat Advisories") - } - - var newLastSync *time.Time - - parentBeginTx, err := c.db.Begin() - if err != nil { - return fmt.Errorf("could not begin transaction: %v", err) - } - parentTx := c.db.UseTransaction(parentBeginTx) - rollbackParent := true - defer func() { - if rollbackParent { - _ = parentBeginTx.Rollback() - } - }() - - for _, advisory := range advisories { - if newLastSync == nil { - parsedTime, err := time.Parse(time.RFC3339, advisory.PublicationDate) - if err == nil { - newLastSync = &parsedTime - _ = parentTx.UpdateMirrorStateErrata(shortCode.Code, newLastSync) - } - } - - advisoryId := rpmutils.AdvisoryId().FindStringSubmatch(advisory.Name) - if len(advisoryId) < 5 { - logrus.Errorf("Invalid advisory %s", advisory.Name) - return nil - } - code := advisoryId[1] - year, err := strconv.Atoi(advisoryId[3]) - if err != nil { - logrus.Errorf("Invalid advisory %s", advisory.Name) - return nil - } - num, err := strconv.Atoi(advisoryId[4]) - if err != nil { - logrus.Errorf("Invalid advisory %s", advisory.Name) - return nil - } - - beginTx, err := c.db.Begin() - if err != nil { - logrus.Errorf("Could not begin tx: %v", err) - return fmt.Errorf("could not begin tx") - } - tx := c.db.UseTransaction(beginTx) - - _, err = tx.GetAdvisoryByCodeAndYearAndNum(code, year, num) - if err != nil { - if err == sql.ErrNoRows { - // If security then just add CVEs, the rest should be automatic - if strings.HasPrefix(advisory.Name, "RHSA") { - for _, cve := range advisory.CVEs { - _, err := tx.GetCVEByID(cve) - if err == nil { - continue - } - if err != sql.ErrNoRows { - logrus.Errorf("an unknown error occurred: %v", err) - _ = beginTx.Rollback() - return fmt.Errorf("an unknown error occurred") - } - - sourceBy := "Red Hat" - resourceUrl := fmt.Sprintf("https://access.redhat.com/hydra/rest/securitydata/cve/%s.json", cve) - - cveRh, _, err := c.security.GetCveExecute(c.security.GetCve(context.TODO(), cve)) - if err != nil { - return errors.Wrap(err, "could not get cve") - } - cveBytes, err := json.Marshal(cveRh) - if err != nil { - return fmt.Errorf("could not marshal cve: %v", err) - } - - _, err = tx.CreateCVE(cve, shortCode.Code, &sourceBy, &resourceUrl, types.NullJSONText{Valid: true, JSONText: cveBytes}) - if err != nil { - logrus.Errorf("could not create cve: %v", err) - _ = beginTx.Rollback() - return fmt.Errorf("could not create cve") - } - logrus.Infof("Added %s to %s (%s)", cve, shortCode.Code, advisory.Name) - } - } else if strings.HasPrefix(advisory.Name, "RHBA") || strings.HasPrefix(advisory.Name, "RHEA") { - _, err := tx.GetAffectedProductByAdvisory(advisory.Name) - if err != nil { - if err == sql.ErrNoRows { - _, err := tx.GetCVEByID(advisory.Name) - if err == nil { - continue - } - if err != sql.ErrNoRows { - logrus.Errorf("an unknown error occurred: %v", err) - _ = beginTx.Rollback() - return fmt.Errorf("an unknown error occurred") - } - - sourceBy := "Red Hat" - resourceUrl := fmt.Sprintf("https://access.redhat.com/errata/%s", advisory.Name) - _, err = tx.CreateCVE(advisory.Name, product.ShortCode, &sourceBy, &resourceUrl, types.NullJSONText{}) - if err != nil { - _ = beginTx.Rollback() - return fmt.Errorf("could not create cve: %v", err) - } - - for _, srpm := range advisory.AffectedPackages { - if !strings.Contains(srpm, ".src.rpm") { - continue - } - - pkg := strings.Replace(srpm, ".src.rpm", "", 1) - - nvr := rpmutils.NVR().FindStringSubmatch(pkg) - var packageName string - if len(nvr) >= 2 { - packageName = nvr[1] - } else { - packageName = pkg - } - if utils.StrContains(packageName, ignoredUpstreamPackages) { - continue - } - dist := fmt.Sprintf("el%d", product.RedHatMajorVersion.Int32) - if !strings.Contains(pkg, dist) { - continue - } - if strings.Contains(pkg, dist+"sat") { - continue - } - _, err := tx.CreateAffectedProduct(product.ID, advisory.Name, int(apollopb.AffectedProduct_STATE_FIXED_UPSTREAM), product.CurrentFullVersion, pkg, &advisory.Name) - if err != nil { - _ = beginTx.Rollback() - return fmt.Errorf("could not create affected product for srpm: %v", err) - } - } - logrus.Infof("Added %s to %s", advisory.Name, shortCode.Code) - } else { - _ = beginTx.Rollback() - return fmt.Errorf("Could not get affected product by advisory: %v", err) - } - } - } - } else { - _ = beginTx.Rollback() - logrus.Errorf("Could not fetch advisory: %v", err) - return err - } - } - - err = beginTx.Commit() - if err != nil { - logrus.Errorf("Could not commit new advisory tx: %v", err) - return err - } - } - - rollbackParent = false - err = parentBeginTx.Commit() - if err != nil { - logrus.Errorf("Could not commit parent tx: %v", err) - return err - } - - return nil -} - -func (c *Controller) ProcessRedHatErrataShortCodeActivity(ctx context.Context, shortCode *apollodb.ShortCode) error { - go func() { - for { - activity.RecordHeartbeat(ctx) - time.Sleep(10 * time.Second) - } - }() - - if int32(shortCode.Mode) != int32(apollopb.ShortCode_MODE_MIRROR) { - // This is not a mirrored short code, continue - return nil - } - - allProducts, err := c.db.GetProductsByShortCode(shortCode.Code) - if err != nil { - logrus.Errorf("could not get all products for code %s: %v", shortCode.Code, err) - return fmt.Errorf("could not get all products for code %s", shortCode.Code) - } - - for _, product := range allProducts { - err := c.processErrataShortCodeProduct(shortCode, product) - if err != nil { - return err - } - } - - return nil -} - -func (c *Controller) PollRedHatErrataWorkflow(ctx workflow.Context) error { - shortCodeCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: time.Minute, - StartToCloseTimeout: time.Minute, - }) - var shortCodeRes ShortCodesRes - err := workflow.ExecuteActivity(shortCodeCtx, c.GetAllShortCodesActivity).Get(ctx, &shortCodeRes) - if err != nil { - return err - } - - var futures []workflow.Future - for _, shortCode := range shortCodeRes.ShortCodes { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 5 * time.Minute, - StartToCloseTimeout: 12 * time.Hour, - HeartbeatTimeout: 30 * time.Second, - }) - futures = append(futures, workflow.ExecuteActivity(activityCtx, c.ProcessRedHatErrataShortCodeActivity, shortCode)) - } - - for _, future := range futures { - err := future.Get(ctx, nil) - if err != nil { - return err - } - } - - return nil -} diff --git a/apollo/workflow/poll_mirror_errata_test.go b/apollo/workflow/poll_mirror_errata_test.go deleted file mode 100644 index 0efc745..0000000 --- a/apollo/workflow/poll_mirror_errata_test.go +++ /dev/null @@ -1,141 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "github.com/stretchr/testify/require" - "go.temporal.io/sdk/testsuite" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rherrata" - "testing" -) - -func getPollRedHatErrataEnv() *testsuite.TestWorkflowEnvironment { - env := testWfSuite.NewTestWorkflowEnvironment() - env.RegisterActivity(controller.GetAllShortCodesActivity) - env.RegisterActivity(controller.ProcessRedHatErrataShortCodeActivity) - - return env -} - -func TestInstance_ScanRedHatErrata_RHSA20212595_Security_CVE(t *testing.T) { - resetDb() - - errataMock.Advisories.Response.Docs = []*rherrata.CompactErrata{ - { - Name: "RHSA-2021:2595", - Description: "", - Synopsis: "", - Severity: "Moderate", - Type: "Security", - AffectedPackages: []string{ - "389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm", - "389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm", - "python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm", - }, - CVEs: []string{ - "CVE-2021-3514", - }, - Fixes: []string{ - "1952907", - "1960720", - "1968588", - "1970791", - "1972721", - "1972738", - }, - PublicationDate: "2021-06-29T00:00:00Z", - }, - } - - env := getPollRedHatErrataEnv() - env.ExecuteWorkflow(controller.PollRedHatErrataWorkflow) - require.Nil(t, env.GetWorkflowError()) - - cves, _ := controller.db.GetAllUnresolvedCVEs() - require.Len(t, cves, 1) - require.Equal(t, "CVE-2021-3514", cves[0].ID) -} - -func TestInstance_ScanRedHatErrata_BugFix_Erratum(t *testing.T) { - resetDb() - - errataMock.Advisories.Response.Docs = []*rherrata.CompactErrata{ - { - Name: "RHBA-2021:2593", - Description: "", - Synopsis: "", - Severity: "None", - Type: "Bug Fix", - AffectedPackages: []string{ - "cmake-3.18.2-11.el8_4.src.rpm", - "cmake-3.18.2-11.el8_4.x86_64.rpm", - "cmake-data-3.18.2-11.el8_4.noarch.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-debugsource-3.18.2-11.el8_4.i686.rpm", - "cmake-debugsource-3.18.2-11.el8_4.x86_64.rpm", - "cmake-doc-3.18.2-11.el8_4.noarch.rpm", - "cmake-filesystem-3.18.2-11.el8_4.i686.rpm", - "cmake-filesystem-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-3.18.2-11.el8_4.x86_64.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.i686.rpm", - "cmake-gui-debuginfo-3.18.2-11.el8_4.x86_64.rpm", - "cmake-rpm-macros-3.18.2-11.el8_4.noarch.rpm", - }, - CVEs: []string{}, - Fixes: []string{}, - PublicationDate: "2021-06-29T00:00:00Z", - }, - } - - env := getPollRedHatErrataEnv() - env.ExecuteWorkflow(controller.PollRedHatErrataWorkflow) - require.Nil(t, env.GetWorkflowError()) - - cves := mockDb.Cves - require.Len(t, cves, 1) - require.Equal(t, "RHBA-2021:2593", cves[0].ID) - - affectedProducts, _ := controller.db.GetAllAffectedProductsByCVE(cves[0].ID) - require.Len(t, affectedProducts, 1) - require.Equal(t, "cmake-3.18.2-11.el8_4", affectedProducts[0].Package) - require.Equal(t, int(apollopb.AffectedProduct_STATE_FIXED_UPSTREAM), affectedProducts[0].State) -} diff --git a/apollo/workflow/testdata/CVE-2021-3602.json b/apollo/workflow/testdata/CVE-2021-3602.json deleted file mode 100644 index 6a30594..0000000 --- a/apollo/workflow/testdata/CVE-2021-3602.json +++ /dev/null @@ -1,112 +0,0 @@ -{ - "threat_severity": "Moderate", - "public_date": "2021-07-15T14:00:00Z", - "bugzilla": { - "description": "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - "id": "1969264", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969264" - }, - "cvss3": { - "cvss3_base_score": "5.6", - "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - "status": "verified" - }, - "cwe": "CWE-200", - "details": [ - "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).", - "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials)." - ], - "statement": "OpenShift Container Platform 4's builder container is not vulnerable to this flaw as it uses OCI isolation (i.e. using runc) and does not use chroot isolation.", - "acknowledgement": "Red Hat would like to thank Blake Burkhart for reporting this issue.", - "affected_release": [ - { - "product_name": "Red Hat Enterprise Linux 8", - "release_date": "2021-11-09T00:00:00Z", - "advisory": "RHSA-2021:4154", - "cpe": "cpe:/a:redhat:enterprise_linux:8", - "package": "container-tools:rhel8-8050020210921082437.faa19cc5" - }, - { - "product_name": "Red Hat Enterprise Linux 8", - "release_date": "2021-11-09T00:00:00Z", - "advisory": "RHSA-2021:4221", - "cpe": "cpe:/a:redhat:enterprise_linux:8", - "package": "container-tools:2.0-8050020210817115648.faa19cc5" - }, - { - "product_name": "Red Hat Enterprise Linux 8", - "release_date": "2021-11-09T00:00:00Z", - "advisory": "RHSA-2021:4222", - "cpe": "cpe:/a:redhat:enterprise_linux:8", - "package": "container-tools:3.0-8050020210915114620.faa19cc5" - } - ], - "package_state": [ - { - "product_name": "Red Hat Enterprise Linux 7", - "fix_state": "Out of support scope", - "package_name": "buildah", - "cpe": "cpe:/o:redhat:enterprise_linux:7" - }, - { - "product_name": "Red Hat Enterprise Linux 7", - "fix_state": "Out of support scope", - "package_name": "podman", - "cpe": "cpe:/o:redhat:enterprise_linux:7" - }, - { - "product_name": "Red Hat Enterprise Linux 9", - "fix_state": "Not affected", - "package_name": "buildah", - "cpe": "cpe:/o:redhat:enterprise_linux:9" - }, - { - "product_name": "Red Hat Enterprise Linux 9", - "fix_state": "Not affected", - "package_name": "podman", - "cpe": "cpe:/o:redhat:enterprise_linux:9" - }, - { - "product_name": "Red Hat OpenShift Container Platform 3.11", - "fix_state": "Will not fix", - "package_name": "podman", - "cpe": "cpe:/a:redhat:openshift:3.11" - }, - { - "product_name": "Red Hat OpenShift Container Platform 4", - "fix_state": "Will not fix", - "package_name": "buildah", - "cpe": "cpe:/a:redhat:openshift:4" - }, - { - "product_name": "Red Hat OpenShift Container Platform 4", - "fix_state": "Not affected", - "package_name": "cri-o", - "cpe": "cpe:/a:redhat:openshift:4" - }, - { - "product_name": "Red Hat OpenShift Container Platform 4", - "fix_state": "Not affected", - "package_name": "openshift4/ose-docker-builder", - "cpe": "cpe:/a:redhat:openshift:4" - }, - { - "product_name": "Red Hat OpenShift Container Platform 4", - "fix_state": "Will not fix", - "package_name": "podman", - "cpe": "cpe:/a:redhat:openshift:4" - }, - { - "product_name": "Red Hat Quay 3", - "fix_state": "Affected", - "package_name": "quay/quay-builder-rhel8", - "cpe": "cpe:/a:redhat:quay:3" - } - ], - "upstream_fix": "buildah 1.16.8, buildah 1.19.9, buildah 1.17.2, buildah 1.21.3", - "references": [ - "https://github.com/containers/buildah/security/advisories/GHSA-7638-r9r3-rmjj" - ], - "name": "CVE-2021-3602", - "csaw": false -} diff --git a/apollo/workflow/testdata/RHBA-2021-2593.html b/apollo/workflow/testdata/RHBA-2021-2593.html deleted file mode 100644 index 38b3015..0000000 --- a/apollo/workflow/testdata/RHBA-2021-2593.html +++ /dev/null @@ -1,1153 +0,0 @@ -
-
-
Issued:
-
2021-06-29
-
Updated:
-
2021-06-29
-
-

RHSA-2021:2595 - Security Advisory

-
- -
-
-
-
-
-

Synopsis

-

Moderate: 389-ds:1.4 security and bug fix update

-
-
-

Type/Severity

-

Security Advisory: Moderate

-
-
-
-
-
-

Red Hat Insights patch analysis

-
-
-

Identify and remediate systems affected by this advisory.

-

- View - affected systems -

-
-
-
-
-
-

Topic

-

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.

-

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common - Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for - each vulnerability from the CVE link(s) in the References section.

-
-
-

Description

-

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the - Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. -

-

Security Fix(es):

-
    -
  • 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() (CVE-2021-3514)
    • -
-

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and - other related information, refer to the CVE page(s) listed in the References section.

-

Bug Fix(es):

-
    -
  • ACIs are being evaluated against the Replication Manager account in a replication context. - (BZ#1968588) -
    • -
  • A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind - rule (BZ#1970791) -
    • -
  • Large updates can reset the CLcache to the beginning of the changelog (BZ#1972721)
    • -
  • Changelog cache can upload updates from a wrong starting point (CSN) (BZ#1972738)
    • -
-
-
-

Solution

-

For details on how to apply this update, which includes the changes described in this advisory, refer - to:

-

https://access.redhat.com/articles/11258

-
-
-

Affected Products

-
    -
  • - Red Hat Enterprise Linux for x86_64 8 x86_64 -
    • -
  • - Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux Server - AUS 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux for IBM z Systems 8 s390x -
    • -
  • - Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x -
    • -
  • - Red Hat Enterprise Linux for Power, little endian 8 ppc64le -
    • -
  • - Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le -
    • -
  • - Red Hat Enterprise Linux Server - TUS 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux for ARM 64 8 aarch64 -
    • -
  • - Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64 -
    • -
  • - Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le -
    • -
  • - Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64 -
    • -
-
-
-

Fixes

-
    -
  • - BZ - 1952907 - - CVE-2021-3514 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() -
    • -
  • - BZ - 1960720 - - CVE-2021-3514 389-ds:1.4/389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() - [rhel-8] [rhel-8.4.0.z] -
    • -
  • - BZ - 1968588 - - ACIs are being evaluated against the Replication Manager account in a replication context. - [rhel-8.4.0.z] -
    • -
  • - BZ - 1970791 - - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind - rule [rhel-8.4.0.z] -
    • -
  • - BZ - 1972721 - - Large updates can reset the CLcache to the beginning of the changelog [rhel-8.4.0.z] -
    • -
  • - BZ - 1972738 - - Changelog cache can upload updates from a wrong starting point (CSN) [rhel-8.4.0.z] -
    • -
-
-
-

CVEs

- -
- -
-
- - - -

Red Hat Enterprise Linux for x86_64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux Server - AUS 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for IBM z Systems 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
s390x
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 4c67f8291f6a3d86d94d72a929888b6f1c04c49e631d5b5a93767e00a7b131de
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bc95c0c35c86de91a275f795efea6f5749086a1af2ceb7da264acf3a17fe44ab
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b5fe4ec98e3d1f4a71463e4e17b382cbecb3dcf8cbd8d9b4856e0d9d3e9d4c46
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 9a87d174335e25060e7b83f73e8168f3ece5589749a21329d4ff08002fd8c725
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b010286dc4e5768e21cccb1487c5760c91f024d503ec0f5df87ff4adc0480ced
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: a1af023b7338a9507557f681b01317c6c0414841450e600ad35eb79a8e30e78c
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bab58b58b44cad6ed1ae1412286d205a881d529c16b350b9750585ca10122587
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: c65bee40e8c1355f22eb0f8cdb2b90169aa502d88522e7aeca822712b728679b
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: e18be9b78761cb08a939c42693bc154a2d5a5e4025b4e65ebe3b8d8da7ab0ed8
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: cb424203287c1fe6b8ba2ec01aefecbcced7edcc838226cd2e62f4a8c0715d14
-

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
s390x
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 4c67f8291f6a3d86d94d72a929888b6f1c04c49e631d5b5a93767e00a7b131de
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bc95c0c35c86de91a275f795efea6f5749086a1af2ceb7da264acf3a17fe44ab
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b5fe4ec98e3d1f4a71463e4e17b382cbecb3dcf8cbd8d9b4856e0d9d3e9d4c46
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 9a87d174335e25060e7b83f73e8168f3ece5589749a21329d4ff08002fd8c725
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b010286dc4e5768e21cccb1487c5760c91f024d503ec0f5df87ff4adc0480ced
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: a1af023b7338a9507557f681b01317c6c0414841450e600ad35eb79a8e30e78c
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bab58b58b44cad6ed1ae1412286d205a881d529c16b350b9750585ca10122587
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: c65bee40e8c1355f22eb0f8cdb2b90169aa502d88522e7aeca822712b728679b
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: e18be9b78761cb08a939c42693bc154a2d5a5e4025b4e65ebe3b8d8da7ab0ed8
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: cb424203287c1fe6b8ba2ec01aefecbcced7edcc838226cd2e62f4a8c0715d14
-

Red Hat Enterprise Linux for Power, little endian 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux Server - TUS 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for ARM 64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
aarch64
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4a02eb7de4f3a30919e45c3ad43f623ef398f31a8fcbe9dc7eef935aa757b310
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 7d711dca2bae3010368dea818533792b040623af04986b4fc35ea4221796696e
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: c77de0fe44e3354b8d9f72141292963214219c4089a1e0751cb47d2c94073f83
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 86a182dc254fc1af5b72ea2cc02a60aac6dad1c79a1737f0086d23ef2820bc7b
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: db01a32dbef6f7aaaf653393cff8eccc623ab636710cdfd38ae4e9893f209445
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 75687d57c4a1e5204077df134580c7209f71b5739100f8e9b6a9cdddadb3de4d
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 2c896dcdfd5ac4efe3646ae228757c06c8d5e63337a88b972396b67c772f2bed
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 02e87aaef082258ed1a949e797b7d1d4eb45b49cd8258501733fa0f4a126265a
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 79c53724af87e7d82bc0095e57c803caabddc0aec1922c642f981674c8b5df89
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4aa01a4d8bb3bd73f3a1f8d624090fb0efa95f70e4d713f0f6cfdd7a05061da3
-

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
aarch64
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4a02eb7de4f3a30919e45c3ad43f623ef398f31a8fcbe9dc7eef935aa757b310
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 7d711dca2bae3010368dea818533792b040623af04986b4fc35ea4221796696e
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: c77de0fe44e3354b8d9f72141292963214219c4089a1e0751cb47d2c94073f83
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 86a182dc254fc1af5b72ea2cc02a60aac6dad1c79a1737f0086d23ef2820bc7b
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: db01a32dbef6f7aaaf653393cff8eccc623ab636710cdfd38ae4e9893f209445
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 75687d57c4a1e5204077df134580c7209f71b5739100f8e9b6a9cdddadb3de4d
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 2c896dcdfd5ac4efe3646ae228757c06c8d5e63337a88b972396b67c772f2bed
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 02e87aaef082258ed1a949e797b7d1d4eb45b49cd8258501733fa0f4a126265a
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 79c53724af87e7d82bc0095e57c803caabddc0aec1922c642f981674c8b5df89
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4aa01a4d8bb3bd73f3a1f8d624090fb0efa95f70e4d713f0f6cfdd7a05061da3
-

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- -
-
-
-
diff --git a/apollo/workflow/testdata/RHSA-2021-2595.html b/apollo/workflow/testdata/RHSA-2021-2595.html deleted file mode 100644 index f390d9f..0000000 --- a/apollo/workflow/testdata/RHSA-2021-2595.html +++ /dev/null @@ -1,1154 +0,0 @@ -
-
-
Issued:
-
2021-06-29
-
Updated:
-
2021-06-29
-
-

RHSA-2021:2595 - Security Advisory

-
- -
-
-
-
-
-

Synopsis

-

Moderate: 389-ds:1.4 security and bug fix update

-
-
-

Type/Severity

-

Security Advisory: Moderate

-
-
-
-
-
-

Red Hat Insights patch analysis

-
-
-

Identify and remediate systems affected by this advisory.

-

- View - affected systems -

-
-
-
-
-
-

Topic

-

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.

-

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common - Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for - each vulnerability from the CVE link(s) in the References section.

-
-
-

Description

-

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the - Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server - administration.

-

Security Fix(es):

-
    -
  • 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() (CVE-2021-3514)
    • -
-

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and - other related information, refer to the CVE page(s) listed in the References section.

-

Bug Fix(es):

-
    -
  • ACIs are being evaluated against the Replication Manager account in a replication context. - (BZ#1968588) -
    • -
  • A connection can be erroneously flagged as replication conn during evaluation of an aci with ip - bind rule (BZ#1970791) -
    • -
  • Large updates can reset the CLcache to the beginning of the changelog (BZ#1972721)
    • -
  • Changelog cache can upload updates from a wrong starting point (CSN) (BZ#1972738)
    • -
-
-
-

Solution

-

For details on how to apply this update, which includes the changes described in this advisory, refer - to:

-

https://access.redhat.com/articles/11258 -

-
-
-

Affected Products

-
    -
  • - Red Hat Enterprise Linux for x86_64 8 x86_64 -
    • -
  • - Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux Server - AUS 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux for IBM z Systems 8 s390x -
    • -
  • - Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x -
    • -
  • - Red Hat Enterprise Linux for Power, little endian 8 ppc64le -
    • -
  • - Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le -
    • -
  • - Red Hat Enterprise Linux Server - TUS 8.4 x86_64 -
    • -
  • - Red Hat Enterprise Linux for ARM 64 8 aarch64 -
    • -
  • - Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64 -
    • -
  • - Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le -
    • -
  • - Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64 -
    • -
-
-
-

Fixes

-
    -
  • - BZ - 1952907 - - CVE-2021-3514 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() -
    • -
  • - BZ - 1960720 - - CVE-2021-3514 389-ds:1.4/389-ds-base: sync_repl NULL pointer dereference in - sync_create_state_control() [rhel-8] [rhel-8.4.0.z] -
    • -
  • - BZ - 1968588 - - ACIs are being evaluated against the Replication Manager account in a replication context. - [rhel-8.4.0.z] -
    • -
  • - BZ - 1970791 - - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind - rule [rhel-8.4.0.z] -
    • -
  • - BZ - 1972721 - - Large updates can reset the CLcache to the beginning of the changelog [rhel-8.4.0.z] -
    • -
  • - BZ - 1972738 - - Changelog cache can upload updates from a wrong starting point (CSN) [rhel-8.4.0.z] -
    • -
-
-
-

CVEs

- -
- -
-
- - - -

Red Hat Enterprise Linux for x86_64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux Server - AUS 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for IBM z Systems 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
s390x
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 4c67f8291f6a3d86d94d72a929888b6f1c04c49e631d5b5a93767e00a7b131de
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bc95c0c35c86de91a275f795efea6f5749086a1af2ceb7da264acf3a17fe44ab
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b5fe4ec98e3d1f4a71463e4e17b382cbecb3dcf8cbd8d9b4856e0d9d3e9d4c46
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 9a87d174335e25060e7b83f73e8168f3ece5589749a21329d4ff08002fd8c725
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b010286dc4e5768e21cccb1487c5760c91f024d503ec0f5df87ff4adc0480ced
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: a1af023b7338a9507557f681b01317c6c0414841450e600ad35eb79a8e30e78c
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bab58b58b44cad6ed1ae1412286d205a881d529c16b350b9750585ca10122587
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: c65bee40e8c1355f22eb0f8cdb2b90169aa502d88522e7aeca822712b728679b
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: e18be9b78761cb08a939c42693bc154a2d5a5e4025b4e65ebe3b8d8da7ab0ed8
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: cb424203287c1fe6b8ba2ec01aefecbcced7edcc838226cd2e62f4a8c0715d14
-

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
s390x
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 4c67f8291f6a3d86d94d72a929888b6f1c04c49e631d5b5a93767e00a7b131de
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bc95c0c35c86de91a275f795efea6f5749086a1af2ceb7da264acf3a17fe44ab
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b5fe4ec98e3d1f4a71463e4e17b382cbecb3dcf8cbd8d9b4856e0d9d3e9d4c46
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: 9a87d174335e25060e7b83f73e8168f3ece5589749a21329d4ff08002fd8c725
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: b010286dc4e5768e21cccb1487c5760c91f024d503ec0f5df87ff4adc0480ced
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: a1af023b7338a9507557f681b01317c6c0414841450e600ad35eb79a8e30e78c
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: bab58b58b44cad6ed1ae1412286d205a881d529c16b350b9750585ca10122587
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: c65bee40e8c1355f22eb0f8cdb2b90169aa502d88522e7aeca822712b728679b
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: e18be9b78761cb08a939c42693bc154a2d5a5e4025b4e65ebe3b8d8da7ab0ed8
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm - SHA-256: cb424203287c1fe6b8ba2ec01aefecbcced7edcc838226cd2e62f4a8c0715d14
-

Red Hat Enterprise Linux for Power, little endian 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux Server - TUS 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
-

Red Hat Enterprise Linux for ARM 64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
aarch64
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4a02eb7de4f3a30919e45c3ad43f623ef398f31a8fcbe9dc7eef935aa757b310
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 7d711dca2bae3010368dea818533792b040623af04986b4fc35ea4221796696e
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: c77de0fe44e3354b8d9f72141292963214219c4089a1e0751cb47d2c94073f83
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 86a182dc254fc1af5b72ea2cc02a60aac6dad1c79a1737f0086d23ef2820bc7b
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: db01a32dbef6f7aaaf653393cff8eccc623ab636710cdfd38ae4e9893f209445
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 75687d57c4a1e5204077df134580c7209f71b5739100f8e9b6a9cdddadb3de4d
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 2c896dcdfd5ac4efe3646ae228757c06c8d5e63337a88b972396b67c772f2bed
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 02e87aaef082258ed1a949e797b7d1d4eb45b49cd8258501733fa0f4a126265a
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 79c53724af87e7d82bc0095e57c803caabddc0aec1922c642f981674c8b5df89
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4aa01a4d8bb3bd73f3a1f8d624090fb0efa95f70e4d713f0f6cfdd7a05061da3
-

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
aarch64
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4a02eb7de4f3a30919e45c3ad43f623ef398f31a8fcbe9dc7eef935aa757b310
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 7d711dca2bae3010368dea818533792b040623af04986b4fc35ea4221796696e
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: c77de0fe44e3354b8d9f72141292963214219c4089a1e0751cb47d2c94073f83
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 86a182dc254fc1af5b72ea2cc02a60aac6dad1c79a1737f0086d23ef2820bc7b
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: db01a32dbef6f7aaaf653393cff8eccc623ab636710cdfd38ae4e9893f209445
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 75687d57c4a1e5204077df134580c7209f71b5739100f8e9b6a9cdddadb3de4d
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 2c896dcdfd5ac4efe3646ae228757c06c8d5e63337a88b972396b67c772f2bed
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 02e87aaef082258ed1a949e797b7d1d4eb45b49cd8258501733fa0f4a126265a
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 79c53724af87e7d82bc0095e57c803caabddc0aec1922c642f981674c8b5df89
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm - SHA-256: 4aa01a4d8bb3bd73f3a1f8d624090fb0efa95f70e4d713f0f6cfdd7a05061da3
-

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
ppc64le
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 82b5478f388a7b4d3ab6ebbe694aa50c110d3dc790d0d534e877fc76ab0de3aa
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3e54412e78f34d23442365108e4a0d0424d8dc032c2da56e8ac8f7cdbaed3457
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: eea7ebd121ca78ea1a7b02011cb3491bce0386726fc40ebe4267a3de3833c306
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 9c632d74776e53e1c0ef3b6841339f4b220a9658ea70538ec28b4db02e300149
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 1fcd8210cefa67e8842b80585f4056d998b6a4a301739ecfc47cbe0899e43a47
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 3356a98d0562c7dc47aca8e6bbde069787da312fcdbc59ecb36ecb884316ce97
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: f7b3c0b996ac3f630808e95e4e7ed42941ad3aa7d966793276f6b5f03287fd92
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 282f63a613497840acb0cb135bdc88cfdf4938eb413cbf838bb71ce84ad308ab
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: 56c370e8fec7ce09e4d244cf2574a8db2b1ca87e466383dbd705765630ebf361
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm - SHA-256: c7b0f0008aefbac918c3b420fb64c6d3ed4863e17f559b63f717125fc05a1890
-

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm - SHA-256: 755cf17fdb1a74fc9337afac69432be8c2aa4847fbb3922caee7671e72b0a80d
x86_64
- 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: ab0e771851af13568f5a9bef2d374b0a5eb07344377d7d87765971586c30dfb8
- 389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: a1e3a8d44f130a02a09b06de7f29b9f7ba2a7ce583a6ca85051c8586f67778d6
- 389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 5e0b83cea83eab865f5b695368f037c0fd7ad6854d356661dd12125c8bef1c0c
- 389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 748bef59cab787e2dafbc0c527e686be41f062dc8a48f7ae2d7c1126cb8363aa
- 389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 8dd54a6e093ab49262e95caaebb413a351445e98c68ea2c92357a20be6538d0c
- 389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 73493aa075c0bbdac3d23e7aa96a3c6d47e1af886aa872d6ded92eb20e5846cb
- 389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 9045d009deccc6172061775a159e4e9bc3ccea5872b4b21c9e9a6c11320380dd
- 389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 49f9549f4423691dce5acb98c7e2fcc1333b07995a69342f9df2ed30887413c4
- 389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 14b7ff465e97415f89ce6140a5921e76ae9a9db23be9bb662b99d34f98075f9e
- 389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm - SHA-256: 1fb7c1eb45aaee6d014b4b93ef08ed5e94bf0980275bfd5278b07b6429eb6c46
- python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm - SHA-256: 9f2f30159d1ab4caae7ae56a7de82decece38eca9c1c9fb6fc648e95c128766e
- -
-
-
-
diff --git a/apollo/workflow/testdata/RHSA-2022-1642.html b/apollo/workflow/testdata/RHSA-2022-1642.html deleted file mode 100644 index 0a50bf7..0000000 --- a/apollo/workflow/testdata/RHSA-2022-1642.html +++ /dev/null @@ -1,1597 +0,0 @@ -
-
-
Issued:
-
2022-04-28
-
Updated:
-
2022-04-28
-
-

RHSA-2022:1642 - Security Advisory

-
- -
-
-
-
-
-

Synopsis

-

Important: zlib security update

-
-
-

Type/Severity

-

Security Advisory: Important

-
-
-
-
-
-

Red Hat Insights patch analysis

-
-
-

Identify and remediate systems affected by this advisory.

-

- View - affected systems -

-
-
-
-
-
-

Topic

-

An update for zlib is now available for Red Hat Enterprise Linux 8.

-

Red Hat Product Security has rated this update as having a security impact of - Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a - detailed severity rating, is available for each vulnerability from the CVE link(s) in - the References section.

-
-
-

Description

-

The zlib packages provide a general-purpose lossless data compression library that is - used by many different programs.

-

Security Fix(es):

-
    -
  • zlib: A flaw found in zlib when compressing (not decompressing) certain inputs - (CVE-2018-25032) -
    • -
-

For more details about the security issue(s), including the impact, a CVSS score, - acknowledgments, and other related information, refer to the CVE page(s) listed in the - References section.

-
-
-

Solution

-

For details on how to apply this update, which includes the changes described in this - advisory, refer to:

-

https://access.redhat.com/articles/11258 -

-
-
-

Affected Products

- -
-
-

Fixes

-
    -
  • - BZ - - 2067945 - - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) - certain inputs -
    • -
-
-
-

CVEs

- -
- -
-
- - - -

Red Hat Enterprise Linux for x86_64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 - Download -
x86_64
- zlib-1.2.11-18.el8_5.i686.rpm - SHA-256: - a90f109267770c6833fffc3ce3db8f26995212b3adccaaeabd1b128f74e101a1 - Download -
- zlib-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 6bf8c03ef185b79579f42ce3404d01b0444772cc476081807002124e0331661e - Download -
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa - Download -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 - Download -
- zlib-devel-1.2.11-18.el8_5.i686.rpm - SHA-256: - 6b413b39392059773fad7d90c48c8528c32620104e0b65a0868b1a9e7159a0cd - Download -
- zlib-devel-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - c86cd8db282fec7d3b9ca3d723f7c75f6c4b7028cd06feef7c4f9593c122d677 - Download -
-

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 - Download -
x86_64
- zlib-1.2.11-18.el8_5.i686.rpm - SHA-256: - a90f109267770c6833fffc3ce3db8f26995212b3adccaaeabd1b128f74e101a1 - Download -
- zlib-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 6bf8c03ef185b79579f42ce3404d01b0444772cc476081807002124e0331661e - Download -
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa - Download -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 - Download -
- zlib-devel-1.2.11-18.el8_5.i686.rpm - SHA-256: - 6b413b39392059773fad7d90c48c8528c32620104e0b65a0868b1a9e7159a0cd - Download -
- zlib-devel-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - c86cd8db282fec7d3b9ca3d723f7c75f6c4b7028cd06feef7c4f9593c122d677 - Download -
-

Red Hat Enterprise Linux Server - AUS 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
x86_64
- zlib-1.2.11-18.el8_5.i686.rpm - SHA-256: - a90f109267770c6833fffc3ce3db8f26995212b3adccaaeabd1b128f74e101a1 -
- zlib-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 6bf8c03ef185b79579f42ce3404d01b0444772cc476081807002124e0331661e -
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 -
- zlib-devel-1.2.11-18.el8_5.i686.rpm - SHA-256: - 6b413b39392059773fad7d90c48c8528c32620104e0b65a0868b1a9e7159a0cd -
- zlib-devel-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - c86cd8db282fec7d3b9ca3d723f7c75f6c4b7028cd06feef7c4f9593c122d677 -
-

Red Hat Enterprise Linux for IBM z Systems 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
s390x
- zlib-1.2.11-18.el8_5.s390x.rpm - SHA-256: - f855d1de821ab906965599385bff2762317f216870502718cf7db45ba085e2e8 -
- zlib-debuginfo-1.2.11-18.el8_5.s390x.rpm - SHA-256: - c6a9314ccaafc8afa50d09a330452a9f4ccc4996a72fab41b4b5cdc08f515da5 -
- zlib-debugsource-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 32c678291e8120c2fc75e5f4d0175caccdb147e05f69954df8d308fe6dd636f4 -
- zlib-devel-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 5a9fa6ee9b33bc9b66d74cccf9011f69f218efcbe79a80f616abe6a4071e04cb -
-

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 - Download -
s390x
- zlib-1.2.11-18.el8_5.s390x.rpm - SHA-256: - f855d1de821ab906965599385bff2762317f216870502718cf7db45ba085e2e8 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.s390x.rpm - SHA-256: - c6a9314ccaafc8afa50d09a330452a9f4ccc4996a72fab41b4b5cdc08f515da5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 32c678291e8120c2fc75e5f4d0175caccdb147e05f69954df8d308fe6dd636f4 - Download -
- zlib-devel-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 5a9fa6ee9b33bc9b66d74cccf9011f69f218efcbe79a80f616abe6a4071e04cb - Download -
-

Red Hat Enterprise Linux for Power, little endian 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
ppc64le
- zlib-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - c1f153398f6a0b3291e54e2d1d1d836d55f7b92a5ebbd530c43d4631df1939cd -
- zlib-debuginfo-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 1c922905addc0b5cf283cfdf7b0aa3e6c6a61637ae09e76a9d1599cc2d5ff76a -
- zlib-debugsource-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 504cc9c0972151777c8c7fabf1d17734f95c2dcf80bca7e595626bc3025031a3 -
- zlib-devel-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 179cc20699dc4c90086fe65c356afec7c7ae17cf461756e70c63c33fbc6a3d83 -
-

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
ppc64le
- zlib-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - c1f153398f6a0b3291e54e2d1d1d836d55f7b92a5ebbd530c43d4631df1939cd -
- zlib-debuginfo-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 1c922905addc0b5cf283cfdf7b0aa3e6c6a61637ae09e76a9d1599cc2d5ff76a -
- zlib-debugsource-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 504cc9c0972151777c8c7fabf1d17734f95c2dcf80bca7e595626bc3025031a3 -
- zlib-devel-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 179cc20699dc4c90086fe65c356afec7c7ae17cf461756e70c63c33fbc6a3d83 -
-

Red Hat Enterprise Linux Server - TUS 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
x86_64
- zlib-1.2.11-18.el8_5.i686.rpm - SHA-256: - a90f109267770c6833fffc3ce3db8f26995212b3adccaaeabd1b128f74e101a1 -
- zlib-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 6bf8c03ef185b79579f42ce3404d01b0444772cc476081807002124e0331661e -
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 -
- zlib-devel-1.2.11-18.el8_5.i686.rpm - SHA-256: - 6b413b39392059773fad7d90c48c8528c32620104e0b65a0868b1a9e7159a0cd -
- zlib-devel-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - c86cd8db282fec7d3b9ca3d723f7c75f6c4b7028cd06feef7c4f9593c122d677 -
-

Red Hat Enterprise Linux for ARM 64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 - Download -
aarch64
- zlib-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - dc8795d53e6e0393fae20d7c7b3539f35248791ecca30a88ae830196c2b25ee9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - e63db78f6f45649600760069995367e358e0a1c158114162cca416fb58abb75a - Download -
- zlib-debugsource-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - ae655d78892a4d5fe6cd498b89607e42227ede25c5df083dc0b635e104294f03 - Download -
- zlib-devel-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - a03810ebbdac3e02a7a5ce900c4a2b46b9739f40d8bb4a1398ecc505bee172b9 - Download -
-

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions - 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
ppc64le
- zlib-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - c1f153398f6a0b3291e54e2d1d1d836d55f7b92a5ebbd530c43d4631df1939cd -
- zlib-debuginfo-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 1c922905addc0b5cf283cfdf7b0aa3e6c6a61637ae09e76a9d1599cc2d5ff76a -
- zlib-debugsource-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 504cc9c0972151777c8c7fabf1d17734f95c2dcf80bca7e595626bc3025031a3 -
- zlib-devel-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 179cc20699dc4c90086fe65c356afec7c7ae17cf461756e70c63c33fbc6a3d83 -
-

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 - Download -
x86_64
- zlib-1.2.11-18.el8_5.i686.rpm - SHA-256: - a90f109267770c6833fffc3ce3db8f26995212b3adccaaeabd1b128f74e101a1 - Download -
- zlib-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 6bf8c03ef185b79579f42ce3404d01b0444772cc476081807002124e0331661e - Download -
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa - Download -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 - Download -
- zlib-devel-1.2.11-18.el8_5.i686.rpm - SHA-256: - 6b413b39392059773fad7d90c48c8528c32620104e0b65a0868b1a9e7159a0cd - Download -
- zlib-devel-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - c86cd8db282fec7d3b9ca3d723f7c75f6c4b7028cd06feef7c4f9593c122d677 - Download -
-

Red Hat CodeReady Linux Builder for x86_64 8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
x86_64
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa - Download -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 - Download -
- zlib-static-1.2.11-18.el8_5.i686.rpm - SHA-256: - 0c81efcdef79c41cdb4e0e382b9f208182596a624979dd8b99699f72061439b5 - Download -
- zlib-static-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 4b3fda7f8da19d64094d017b48d338a13bd0907746bdd8926d06ea114a6c2767 - Download -
-

Red Hat CodeReady Linux Builder for Power, little endian 8

- - - - - - - - - - - - - - - - - - - -
SRPM
ppc64le
- zlib-debuginfo-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 1c922905addc0b5cf283cfdf7b0aa3e6c6a61637ae09e76a9d1599cc2d5ff76a -
- zlib-debugsource-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 504cc9c0972151777c8c7fabf1d17734f95c2dcf80bca7e595626bc3025031a3 -
- zlib-static-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 510d5664bd515feca486b589df207bfc3583cfdabdde1d7ecc2356a5c1dbadca -
-

Red Hat CodeReady Linux Builder for ARM 64 8

- - - - - - - - - - - - - - - - - - - - - - -
SRPM
aarch64
- zlib-debuginfo-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - e63db78f6f45649600760069995367e358e0a1c158114162cca416fb58abb75a - Download -
- zlib-debugsource-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - ae655d78892a4d5fe6cd498b89607e42227ede25c5df083dc0b635e104294f03 - Download -
- zlib-static-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - 7ddc4808adb653739289298c4404d0db1f05eec7a679c63746e84e37e76746ee - Download -
-

Red Hat CodeReady Linux Builder for IBM z Systems 8

- - - - - - - - - - - - - - - - - - - -
SRPM
s390x
- zlib-debuginfo-1.2.11-18.el8_5.s390x.rpm - SHA-256: - c6a9314ccaafc8afa50d09a330452a9f4ccc4996a72fab41b4b5cdc08f515da5 -
- zlib-debugsource-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 32c678291e8120c2fc75e5f4d0175caccdb147e05f69954df8d308fe6dd636f4 -
- zlib-static-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 1fb21725a93cc1cfb5cca9790546d529723e5cdb5de82186e14cf6d31b673019 -
-

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
- zlib-1.2.11-18.el8_5.src.rpm - SHA-256: - 34d93329c0ea279550c264b979f735e6ce445f8c2029e5077be906be463d3380 -
aarch64
- zlib-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - dc8795d53e6e0393fae20d7c7b3539f35248791ecca30a88ae830196c2b25ee9 -
- zlib-debuginfo-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - e63db78f6f45649600760069995367e358e0a1c158114162cca416fb58abb75a -
- zlib-debugsource-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - ae655d78892a4d5fe6cd498b89607e42227ede25c5df083dc0b635e104294f03 -
- zlib-devel-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - a03810ebbdac3e02a7a5ce900c4a2b46b9739f40d8bb4a1398ecc505bee172b9 -
-

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SRPM
x86_64
- zlib-debuginfo-1.2.11-18.el8_5.i686.rpm - SHA-256: - 17ee86a6ffd9bf5974598678d5442bcf59f45df089d801c74454fbe1cd2602f9 - Download -
- zlib-debuginfo-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 84b374c5bf36a1ac5b9508a6b72a7107f0aa71cc7f75b0d99639ac5a475d81f5 - Download -
- zlib-debugsource-1.2.11-18.el8_5.i686.rpm - SHA-256: - cd8cdc70cbe91fcb0a007a708fb2d3a8c8e5c69576ead7171902e26c276f88aa - Download -
- zlib-debugsource-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 82a50dab598003cd7ad5154781281991cfc053be797234626226bcdb389c82d0 - Download -
- zlib-static-1.2.11-18.el8_5.i686.rpm - SHA-256: - 0c81efcdef79c41cdb4e0e382b9f208182596a624979dd8b99699f72061439b5 - Download -
- zlib-static-1.2.11-18.el8_5.x86_64.rpm - SHA-256: - 4b3fda7f8da19d64094d017b48d338a13bd0907746bdd8926d06ea114a6c2767 - Download -
-

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support - 8.6

- - - - - - - - - - - - - - - - - - - -
SRPM
ppc64le
- zlib-debuginfo-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 1c922905addc0b5cf283cfdf7b0aa3e6c6a61637ae09e76a9d1599cc2d5ff76a -
- zlib-debugsource-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 504cc9c0972151777c8c7fabf1d17734f95c2dcf80bca7e595626bc3025031a3 -
- zlib-static-1.2.11-18.el8_5.ppc64le.rpm - SHA-256: - 510d5664bd515feca486b589df207bfc3583cfdabdde1d7ecc2356a5c1dbadca -
-

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - -
SRPM
s390x
- zlib-debuginfo-1.2.11-18.el8_5.s390x.rpm - SHA-256: - c6a9314ccaafc8afa50d09a330452a9f4ccc4996a72fab41b4b5cdc08f515da5 -
- zlib-debugsource-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 32c678291e8120c2fc75e5f4d0175caccdb147e05f69954df8d308fe6dd636f4 -
- zlib-static-1.2.11-18.el8_5.s390x.rpm - SHA-256: - 1fb21725a93cc1cfb5cca9790546d529723e5cdb5de82186e14cf6d31b673019 -
-

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

- - - - - - - - - - - - - - - - - - - -
SRPM
aarch64
- zlib-debuginfo-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - e63db78f6f45649600760069995367e358e0a1c158114162cca416fb58abb75a -
- zlib-debugsource-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - ae655d78892a4d5fe6cd498b89607e42227ede25c5df083dc0b635e104294f03 -
- zlib-static-1.2.11-18.el8_5.aarch64.rpm - SHA-256: - 7ddc4808adb653739289298c4404d0db1f05eec7a679c63746e84e37e76746ee -
- -
-
-
-

- The Red Hat security contact is secalert@redhat.com. - More contact details at https://access.redhat.com/security/team/contact/. -

-
- - - - - - - - - - -
-
- - diff --git a/apollo/workflow/update_cve_state.go b/apollo/workflow/update_cve_state.go deleted file mode 100644 index 1437ea0..0000000 --- a/apollo/workflow/update_cve_state.go +++ /dev/null @@ -1,194 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "context" - "fmt" - "github.com/sirupsen/logrus" - "go.temporal.io/sdk/activity" - "go.temporal.io/sdk/workflow" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "strings" - "time" -) - -func (c *Controller) UpdateCVEStateActivity(ctx context.Context) error { - go func() { - for { - activity.RecordHeartbeat(ctx) - time.Sleep(10 * time.Second) - } - }() - - cves, err := c.db.GetAllUnresolvedCVEs() - if err != nil { - c.log.Errorf("could not get unresolved cves: %v", err) - return fmt.Errorf("could not get unresolved cves") - } - - shortCodeBuffer := map[string]*apollodb.ShortCode{} - productBuffer := map[string][]*apollodb.Product{} - ignoredPackagesBuffer := map[int64][]string{} - - for _, cve := range cves { - if !strings.HasPrefix(cve.ID, "CVE") { - continue - } - - if shortCodeBuffer[cve.ShortCode] == nil { - shortCode, err := c.db.GetShortCodeByCode(cve.ShortCode) - if err != nil { - logrus.Errorf("could not get short code: %v", err) - continue - } - - shortCodeBuffer[shortCode.Code] = shortCode - } - shortCode := shortCodeBuffer[cve.ShortCode] - - if productBuffer[shortCode.Code] == nil { - products, err := c.db.GetProductsByShortCode(shortCode.Code) - if err != nil { - logrus.Errorf("could not get products for code: %s: %v", shortCode.Code, err) - continue - } - productBuffer[shortCode.Code] = products - } - products := productBuffer[shortCode.Code] - - // Please do not simplify next statement - // During testing we're mocking pagination as well, and this is the - // easiest way to "wrap" and represent a new request restarting it from page 1 - cveRh, _, err := c.security.GetCveExecute(c.security.GetCve(ctx, cve.ID)) - if err != nil { - logrus.Errorf("could not retrieve new state for %s from Red Hat: %v", cve.ID, err) - continue - } - - for _, product := range products { - if ignoredPackagesBuffer[product.ID] == nil { - ignoredUpstreamPackages, err := c.db.GetAllIgnoredPackagesByProductID(product.ID) - if err != nil { - logrus.Errorf("could not get ignored packages: %v", err) - continue - } - ignoredPackagesBuffer[product.ID] = ignoredUpstreamPackages - } - ignoredUpstreamPackages := ignoredPackagesBuffer[product.ID] - - pName := productName(product.RedHatMajorVersion.Int32) - - beginTx, err := c.db.Begin() - if err != nil { - c.log.Errorf("could not begin transaction: %v", err) - continue - } - tx := c.db.UseTransaction(beginTx) - - skipCve := false - defer func() { - if skipCve { - _ = beginTx.Rollback() - } - }() - - if cveRh.AffectedRelease != nil { - for _, state := range *cveRh.AffectedRelease { - if (product.Cpe.Valid && state.Cpe == product.Cpe.String) || state.ProductName == pName { - st := apollopb.AffectedProduct_STATE_FIXED_UPSTREAM - packageName := "TBD" - if state.Package != nil { - packageName = *state.Package - - match, err := c.checkForIgnoredPackage(ignoredUpstreamPackages, packageName) - if err != nil { - c.log.Errorf("Invalid glob: %v", err) - continue - } - if match { - st = apollopb.AffectedProduct_STATE_UNKNOWN - } - } else { - st = apollopb.AffectedProduct_STATE_UNKNOWN - } - skipCve = c.checkProduct(tx, cve, shortCode, product, st, packageName, &state.Advisory) - if skipCve { - break - } - } - } - } - if cveRh.PackageState != nil { - for _, state := range *cveRh.PackageState { - if (product.Cpe.Valid && state.Cpe == product.Cpe.String) || state.ProductName == pName { - pState := productState(state.FixState) - packageName := "TBD" - if state.PackageName != "" { - packageName = state.PackageName - - match, err := c.checkForIgnoredPackage(ignoredUpstreamPackages, packageName) - if err != nil { - c.log.Errorf("Invalid glob: %v", err) - continue - } - if match { - pState = apollopb.AffectedProduct_STATE_UNKNOWN - } - } - skipCve = c.checkProduct(tx, cve, shortCode, product, pState, packageName, nil) - if skipCve { - break - } - } - } - } - - err = beginTx.Commit() - if err != nil { - c.log.Errorf("could not commit transaction: %v", err) - continue - } - } - } - - return nil -} - -func (c *Controller) UpdateCVEStateWorkflow(ctx workflow.Context) error { - activityCtx := workflow.WithActivityOptions(ctx, workflow.ActivityOptions{ - ScheduleToStartTimeout: 5 * time.Minute, - StartToCloseTimeout: 12 * time.Hour, - HeartbeatTimeout: 30 * time.Second, - }) - return workflow.ExecuteActivity(activityCtx, c.UpdateCVEStateActivity).Get(ctx, nil) -} diff --git a/apollo/workflow/update_cve_state_test.go b/apollo/workflow/update_cve_state_test.go deleted file mode 100644 index 4d5c421..0000000 --- a/apollo/workflow/update_cve_state_test.go +++ /dev/null @@ -1,249 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "github.com/stretchr/testify/require" - "go.temporal.io/sdk/testsuite" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rhsecurity" - "testing" -) - -func getUpdateCVEStateEnv() *testsuite.TestWorkflowEnvironment { - env := getPollRedHatCVEsEnv() - env.RegisterActivity(controller.UpdateCVEStateActivity) - - return env -} - -func TestInstance_UpdateCVEState_AffectedUpstream(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{ - Bugzilla: rhsecurity.CVEDetailedBugzilla{Id: "190", Url: "test-bugzilla-url"}, - Cvss3: rhsecurity.CVEDetailedCvss3{}, - Cwe: "CWE-200", - Details: []string{}, - Acknowledgement: "", - AffectedRelease: nil, - Name: "", - Csaw: false, - PackageState: &[]rhsecurity.CVEDetailedPackageState{ - { - ProductName: "Red Hat Enterprise Linux 8", - FixState: "Affected", - PackageName: "container-tools/2.0", - Cpe: "cpe:/o:redhat:enterprise_linux:8", - }, - }, - } - - env := getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.UpdateCVEStateWorkflow) - require.Nil(t, env.GetWorkflowError()) - - require.Len(t, mockDb.AffectedProducts, 1) - require.Equal(t, int(apollopb.AffectedProduct_STATE_AFFECTED_UPSTREAM), mockDb.AffectedProducts[0].State) -} - -func TestInstance_UpdateCVEState_WillNotFixUpstream(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{ - Bugzilla: rhsecurity.CVEDetailedBugzilla{Id: "190", Url: "test-bugzilla-url"}, - Cvss3: rhsecurity.CVEDetailedCvss3{}, - Cwe: "CWE-200", - Details: []string{}, - Acknowledgement: "", - AffectedRelease: nil, - Name: "", - Csaw: false, - PackageState: &[]rhsecurity.CVEDetailedPackageState{ - { - ProductName: "Red Hat Enterprise Linux 8", - FixState: "Will not fix", - PackageName: "container-tools/2.0", - Cpe: "cpe:/o:redhat:enterprise_linux:8", - }, - }, - } - - env := getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.UpdateCVEStateWorkflow) - require.Nil(t, env.GetWorkflowError()) - - require.Len(t, mockDb.AffectedProducts, 1) - require.Equal(t, int(apollopb.AffectedProduct_STATE_WILL_NOT_FIX_UPSTREAM), mockDb.AffectedProducts[0].State) -} - -func TestInstance_UpdateCVEState_NotAffectedUpstream(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{ - Bugzilla: rhsecurity.CVEDetailedBugzilla{Id: "190", Url: "test-bugzilla-url"}, - Cvss3: rhsecurity.CVEDetailedCvss3{}, - Cwe: "CWE-200", - Details: []string{}, - Acknowledgement: "", - AffectedRelease: nil, - Name: "", - Csaw: false, - PackageState: &[]rhsecurity.CVEDetailedPackageState{ - { - ProductName: "Red Hat Enterprise Linux 8", - FixState: "Not affected", - PackageName: "container-tools/2.0", - Cpe: "cpe:/o:redhat:enterprise_linux:8", - }, - }, - } - - env := getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.UpdateCVEStateWorkflow) - require.Nil(t, env.GetWorkflowError()) - - require.Len(t, mockDb.AffectedProducts, 0) -} - -func TestInstance_UpdateCVEState_OutOfSupportScope(t *testing.T) { - resetDb() - - securityMock.Cves[1] = []*rhsecurity.CVE{ - { - CVE: "CVE-2021-3602", - Severity: "moderate", - PublicDate: "2021-07-15T14:00:00Z", - Advisories: []string{}, - Bugzilla: "1969264", - BugzillaDescription: "CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation", - CvssScore: nil, - CvssScoringVector: nil, - CWE: "CWE-200", - AffectedPackages: nil, - ResourceUrl: "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3602.json", - Cvss3ScoringVector: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", - Cvss3Score: "5.6", - }, - } - securityMock.ActiveCVE = &rhsecurity.CVEDetailed{ - Bugzilla: rhsecurity.CVEDetailedBugzilla{Id: "190", Url: "test-bugzilla-url"}, - Cvss3: rhsecurity.CVEDetailedCvss3{}, - Cwe: "CWE-200", - Details: []string{}, - Acknowledgement: "", - AffectedRelease: nil, - Name: "", - Csaw: false, - PackageState: &[]rhsecurity.CVEDetailedPackageState{ - { - ProductName: "Red Hat Enterprise Linux 8", - FixState: "Out of support scope", - PackageName: "container-tools/2.0", - Cpe: "cpe:/o:redhat:enterprise_linux:8", - }, - }, - } - - env := getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.PollRedHatCVEsWorkflow) - require.Nil(t, env.GetWorkflowError()) - - env = getUpdateCVEStateEnv() - env.ExecuteWorkflow(controller.UpdateCVEStateWorkflow) - require.Nil(t, env.GetWorkflowError()) - - require.Len(t, mockDb.AffectedProducts, 1) - require.Equal(t, int(apollopb.AffectedProduct_STATE_OUT_OF_SUPPORT_SCOPE), mockDb.AffectedProducts[0].State) -} diff --git a/apollo/workflow/workflow.go b/apollo/workflow/workflow.go deleted file mode 100644 index 853e4c2..0000000 --- a/apollo/workflow/workflow.go +++ /dev/null @@ -1,452 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "database/sql" - "fmt" - "github.com/gobwas/glob" - "github.com/sirupsen/logrus" - "github.com/spf13/viper" - "go.temporal.io/sdk/client" - apollodb "peridot.resf.org/apollo/db" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rherrata" - "peridot.resf.org/apollo/rhsecurity" - "peridot.resf.org/apollo/rpmutils" - "peridot.resf.org/koji" - "peridot.resf.org/utils" - "strconv" - "strings" -) - -var forceKoji koji.API - -type Controller struct { - log *logrus.Logger - temporal client.Client - db apollodb.Access - mainQueue string - - errata rherrata.APIService - security rhsecurity.DefaultApi - - vendor string -} - -type Koji struct { - Endpoint string - Compose string - ModuleCompose string -} - -type NewControllerInput struct { - Temporal client.Client - Database apollodb.Access - MainQueue string -} - -type Option func(c *Controller) - -func WithSecurityAPI(api rhsecurity.DefaultApi) Option { - return func(c *Controller) { - c.security = api - } -} - -func WithErrataAPI(api rherrata.APIService) Option { - return func(c *Controller) { - c.errata = api - } -} - -// NewController returns a new workflow controller. It is the entry point for the Temporal worker. -// Usually each project share a common controller with different workflows and activities enabled -// in the `cmd` package. -func NewController(input *NewControllerInput, opts ...Option) (*Controller, error) { - c := &Controller{ - log: logrus.New(), - temporal: input.Temporal, - db: input.Database, - mainQueue: input.MainQueue, - vendor: viper.GetString("vendor"), - } - - for _, opt := range opts { - opt(c) - } - - return c, nil -} - -// productName simply appends major version to `Red Hat Enterprise Linux` -func productName(majorVersion int32) string { - return fmt.Sprintf("Red Hat Enterprise Linux %d", majorVersion) -} - -// affectedProductNameForArchAndVersion creates appropriate upstream product names for arch and version -// This is then used to parse affected packages -func affectedProductNameForArchAndVersion(arch string, majorVersion int32) string { - var archString string - switch arch { - case "x86_64": - archString = "x86_64" - break - case "aarch64": - archString = "ARM 64" - break - case "ppc64le": - archString = "Power, little endian" - break - case "s390x": - archString = "IBM z Systems" - break - default: - archString = "UnknownBreakOnPurpose" - break - } - return fmt.Sprintf("Red Hat Enterprise Linux for %s 8", archString) -} - -// productState returns appropriate proto type for string states -func productState(state string) apollopb.AffectedProduct_State { - switch state { - case "Under investigation": - return apollopb.AffectedProduct_STATE_UNDER_INVESTIGATION_UPSTREAM - case "Not affected": - return apollopb.AffectedProduct_STATE_UNKNOWN - case "Will not fix": - return apollopb.AffectedProduct_STATE_WILL_NOT_FIX_UPSTREAM - case "Out of support scope": - return apollopb.AffectedProduct_STATE_OUT_OF_SUPPORT_SCOPE - case "Affected": - return apollopb.AffectedProduct_STATE_AFFECTED_UPSTREAM - default: - return apollopb.AffectedProduct_STATE_UNDER_INVESTIGATION_UPSTREAM - } -} - -// checkProduct is used to check and validate CVE package states and releases -func (c *Controller) checkProduct(tx apollodb.Access, cve *apollodb.CVE, shortCode *apollodb.ShortCode, product *apollodb.Product, productState apollopb.AffectedProduct_State, packageName string, advisory *string) bool { - // Re-create a valid product name using the short code prefix and major version. - // Example: Red Hat Enterprise Linux 8 translates to Rocky Linux 8 for the short code `RL`. - // Check `//apollo:seed.sql` for more info - mirrorProductName := fmt.Sprintf("%s %d", product.RedHatProductPrefix.String, product.RedHatMajorVersion.Int32) - - // Get the affected product if exists - affectedProduct, err := tx.GetAffectedProductByCVEAndPackage(cve.ID, packageName) - if err != nil { - // The affected product does not exist, so we can mark this product as affected if this product exists - if err == sql.ErrNoRows { - // Check if the current package name matches an NVR and if we have a non-NVR variant - skipCreate := false - epochlessPackage := rpmutils.Epoch().ReplaceAllString(packageName, "") - if rpmutils.NVR().MatchString(epochlessPackage) { - nvr := rpmutils.NVR().FindStringSubmatch(epochlessPackage) - affectedProduct, err = tx.GetAffectedProductByCVEAndPackage(cve.ID, nvr[1]) - if err == nil { - skipCreate = true - } - } - - if !skipCreate { - // Get the mirrored product name product if exists (this should exist if supported) - // Example: Rocky Linux only supports 8 so we will only have `Rocky Linux 8` in our supported products - // In the future, when we support 8 and 9 at the same time, we only need to add `Rocky Linux 9` to start - // mirroring errata for el9 packages - product, err := tx.GetProductByNameAndShortCode(mirrorProductName, shortCode.Code) - if err != nil { - // Product isn't supported so skip - if err == sql.ErrNoRows { - logrus.Infof("Product %s not supported", mirrorProductName) - return true - } else { - logrus.Errorf("could not get product: %v", err) - return true - } - } - - // If product state isn't set to unknown (usually when product isn't affected) - // create a new affected product entry for the CVE - if productState != apollopb.AffectedProduct_STATE_UNKNOWN { - affectedProduct, err = tx.CreateAffectedProduct(product.ID, cve.ID, int(productState), product.CurrentFullVersion, packageName, advisory) - if err != nil { - logrus.Errorf("could not create affected product: %v", err) - return true - } - logrus.Infof("Added product %s (%s) to %s with state %s", mirrorProductName, packageName, cve.ID, productState.String()) - } - } - } else { - logrus.Errorf("could not get affected product: %v", err) - return true - } - } - - // We don't use else because this may change if a non-NVR variant is found - if err == nil { - // If the state isn't set to unknown (it is then usually queued for deletion) - if productState != apollopb.AffectedProduct_STATE_UNKNOWN { - // If it's already in that state, skip - if int(productState) == affectedProduct.State { - return true - } - - // If the affected product is set to FixedDownstream and we're trying to set it to FixedUpstream, skip - if affectedProduct.State == int(apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM) && productState == apollopb.AffectedProduct_STATE_FIXED_UPSTREAM { - return true - } - - err := tx.UpdateAffectedProductStateAndPackageAndAdvisory(affectedProduct.ID, int(productState), packageName, advisory) - if err != nil { - logrus.Errorf("could not update affected product state: %v", err) - return true - } - logrus.Infof("Updated product %s (%s) on %s with state %s", mirrorProductName, packageName, cve.ID, productState.String()) - } else { - // Delete affected product if state is set to Unknown - // That means that the product is set as NotAffected - err = tx.DeleteAffectedProduct(affectedProduct.ID) - if err != nil { - logrus.Errorf("could not delete unaffected product: %v", err) - return true - } - logrus.Infof("Product %s (%s) not affected by %s", mirrorProductName, packageName, cve.ID) - } - } - - return false -} - -func (c *Controller) isNvrIdentical(build *koji.Build, nvr []string) bool { - // Join all release bits and remove the dist tag (because sometimes downstream forks do not match the upstream dist tag) - // Example: Rocky Linux 8.3 initial build did not tag updated RHEL packages as el8_3, but as el8 - joinedRelease := rpmutils.Dist().ReplaceAllString(strings.TrimSuffix(strings.Join(nvr[2:], "."), "."), "") - // Remove all module release bits (to make it possible to actually match NVR) - joinedRelease = rpmutils.ModuleDist().ReplaceAllString(joinedRelease, "") - // Same operations for the build release - buildRelease := rpmutils.Dist().ReplaceAllString(build.Release, "") - buildRelease = rpmutils.ModuleDist().ReplaceAllString(buildRelease, "") - - // Check if package name, version matches and that the release prefix matches - // The reason we're only checking for prefix in release is that downstream - // builds may append `.1` or something else - // Example: Rocky Linux appends `.rocky` to modified packages - if build.PackageName == nvr[0] && build.Version == nvr[1] && strings.HasPrefix(buildRelease, joinedRelease) { - return true - } - - return false -} - -func (c *Controller) checkForIgnoredPackage(ignoredPackages []string, packageName string) (bool, error) { - for _, ignoredPackage := range ignoredPackages { - g, err := glob.Compile(ignoredPackage) - if err != nil { - return false, err - } - - if g.Match(packageName) { - return true, nil - } - } - - return false, nil -} - -func (c *Controller) checkForRebootSuggestedPackage(pkgs []string, packageName string) (bool, error) { - for _, p := range pkgs { - g, err := glob.Compile(p) - if err != nil { - return false, err - } - - if g.Match(packageName) { - return true, nil - } - } - - return false, nil -} - -func (c *Controller) checkKojiForBuild(tx apollodb.Access, ignoredPackages []string, nvrOnly string, affectedProduct *apollodb.AffectedProduct, cve *apollodb.CVE) apollopb.BuildStatus { - product, err := tx.GetProductByID(affectedProduct.ProductID) - if err != nil { - c.log.Errorf("could not get product: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - if product.BuildSystem != "koji" { - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - var k koji.API - if forceKoji != nil { - k = forceKoji - } else { - k, err = koji.New(product.BuildSystemEndpoint) - if err != nil { - c.log.Errorf("could not create koji client: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - } - - // Check if the submitted NVR is valid - nvr := rpmutils.NVR().FindStringSubmatch(nvrOnly) - if len(nvr) < 3 { - logrus.Errorf("Invalid NVR %s", nvrOnly) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - nvr = nvr[1:] - - match, err := c.checkForIgnoredPackage(ignoredPackages, nvr[0]) - if err != nil { - logrus.Errorf("Invalid glob: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - if match { - return apollopb.BuildStatus_BUILD_STATUS_WILL_NOT_FIX - } - - var tagged []*koji.Build - - // If the package is part of a module, we have to check for valid builds - // rather than check in the compose tag - if strings.Contains(nvrOnly, ".module") { - // We need to find the package id - packageRes, err := k.GetPackage(&koji.GetPackageRequest{ - PackageName: nvr[0], - }) - if err != nil { - logrus.Errorf("Could not get package information from Koji: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - // Use package id to get builds - buildsRes, err := k.ListBuilds(&koji.ListBuildsRequest{ - PackageID: packageRes.ID, - }) - if err != nil { - logrus.Errorf("Could not get builds from Koji: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - tagged = buildsRes.Builds - } else { - // Non-module packages can be queried using the list tagged operation. - // We only check the compose tag - taggedRes, err := k.ListTagged(&koji.ListTaggedRequest{ - Tag: product.KojiCompose.String, - Package: nvr[0], - }) - if err != nil { - logrus.Errorf("Could not get tagged builds for package %s: %v", nvr[0], err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - tagged = taggedRes.Builds - } - - // No valid builds found usually means that we don't ship that package - if len(tagged) <= 0 { - logrus.Errorf("No valid builds found for package %s", nvr[0]) - return apollopb.BuildStatus_BUILD_STATUS_NOT_FIXED - } - - // Use a top-level fixed state to track if the NVR exists (at least once for modules) - fixed := false - for _, build := range tagged { - latestBuild := build - // Skip module contents (this is content inserted by module-build-service) - if latestBuild.Extra != nil && latestBuild.Extra.Typeinfo != nil { - continue - } - - // Re-construct a valid NVR - kojiNvr := fmt.Sprintf("%s-%s-%s", latestBuild.PackageName, latestBuild.Version, latestBuild.Release) - - // If the NVR is identical, that means that the fix has been built - if c.isNvrIdentical(latestBuild, nvr) { - logrus.Infof("%s has been fixed downstream with build %d (%s)", cve.ID, latestBuild.BuildId, kojiNvr) - err := tx.UpdateAffectedProductStateAndPackageAndAdvisory(affectedProduct.ID, int(apollopb.AffectedProduct_STATE_FIXED_DOWNSTREAM), affectedProduct.Package, &affectedProduct.Advisory.String) - if err != nil { - logrus.Errorf("Could not update affected product %d: %v", affectedProduct.ID, err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - // Get all RPMs for build - rpms, err := k.ListRPMs(&koji.ListRPMsRequest{ - BuildID: latestBuild.BuildId, - }) - if err != nil { - logrus.Errorf("Could not get RPMs from Koji: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - - var srcRpm string - for _, rpm := range rpms.RPMs { - if rpm.Arch == "src" { - epochInt := 0 - if rpm.Epoch != nil { - epochInt = *rpm.Epoch - } - - srcRpm = fmt.Sprintf("%s-%d:%s-%s.%s.rpm", rpm.Name, epochInt, rpm.Version, rpm.Release, rpm.Arch) - break - } - } - - // Add all RPMs as a build reference to the CVE - // This is the "Affected packages" section of an advisory - for _, rpm := range rpms.RPMs { - // Construct a valid rpm name (this is what the repos will contain) - rpmStr := fmt.Sprintf("%s-%d:%s-%s.%s.rpm", rpm.Name, utils.Default[int](rpm.Epoch), rpm.Version, rpm.Release, rpm.Arch) - _, err = tx.CreateBuildReference(affectedProduct.ID, rpmStr, srcRpm, cve.ID, "", utils.Pointer[string](strconv.Itoa(latestBuild.BuildId)), nil) - if err != nil { - logrus.Errorf("Could not create build reference: %v", err) - return apollopb.BuildStatus_BUILD_STATUS_SKIP - } - } - - // We've seen at least one fix - fixed = true - // Since we've seen a fix, we don't have to keep looking - break - } - } - - // No fix has been detected, will mark as FixedUpstream - if !fixed { - logrus.Errorf("%s has not been fixed for NVR %s", cve.ID, nvrOnly) - return apollopb.BuildStatus_BUILD_STATUS_NOT_FIXED - } - - return apollopb.BuildStatus_BUILD_STATUS_FIXED -} diff --git a/apollo/workflow/workflow_test.go b/apollo/workflow/workflow_test.go deleted file mode 100644 index 76032ba..0000000 --- a/apollo/workflow/workflow_test.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright (c) All respective contributors to the Peridot Project. All rights reserved. -// Copyright (c) 2021-2022 Rocky Enterprise Software Foundation, Inc. All rights reserved. -// Copyright (c) 2021-2022 Ctrl IQ, Inc. All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, -// this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// 3. Neither the name of the copyright holder nor the names of its contributors -// may be used to endorse or promote products derived from this software without -// specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE -// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -// POSSIBILITY OF SUCH DAMAGE. - -package workflow - -import ( - "database/sql" - "encoding/json" - "go.temporal.io/sdk/testsuite" - "os" - apollodb "peridot.resf.org/apollo/db" - apollomock "peridot.resf.org/apollo/db/mock" - apollopb "peridot.resf.org/apollo/pb" - "peridot.resf.org/apollo/rherrata" - "peridot.resf.org/apollo/rhsecuritymock" - "peridot.resf.org/koji" - "testing" - "time" -) - -var ( - mockDb *apollomock.Access - securityMock *rhsecuritymock.Client - errataMock *rherrata.MockInstance - kojiMock *koji.Mock - testWfSuite *testsuite.WorkflowTestSuite - controller *Controller -) - -func resetDb() { - *mockDb = *apollomock.New() - now := time.Now() - - mirrorFromDate, _ := time.Parse("2006-01-02", "2021-06-01") - mockDb.ShortCodes = append(mockDb.ShortCodes, &apollodb.ShortCode{ - Code: "RL", - Mode: int8(apollopb.ShortCode_MODE_MIRROR), - CreatedAt: &now, - ArchivedAt: sql.NullTime{}, - }) - mockDb.Products = append(mockDb.Products, &apollodb.Product{ - ID: 1, - Name: "Rocky Linux 8", - CurrentFullVersion: "8.4", - RedHatMajorVersion: sql.NullInt32{Valid: true, Int32: 8}, - ShortCode: "RL", - Archs: []string{"x86_64", "aarch64"}, - MirrorFromDate: sql.NullTime{Valid: true, Time: mirrorFromDate}, - RedHatProductPrefix: sql.NullString{Valid: true, String: "Rocky Linux"}, - BuildSystem: "koji", // we're testing koji only for now - BuildSystemEndpoint: "local", - KojiCompose: sql.NullString{Valid: true, String: "Rocky-8.4"}, - KojiModuleCompose: sql.NullString{Valid: true, String: "Rocky-8.4-module"}, - }) -} - -func readTestDataJson(file string, target interface{}) error { - data, err := os.ReadFile(file) - if err != nil { - return err - } - - return json.Unmarshal(data, target) -} - -func TestMain(m *testing.M) { - mockDb = apollomock.New() - securityMock = rhsecuritymock.New() - errataMock = rherrata.NewMock() - kojiMock = koji.NewMock() - forceKoji = kojiMock - - testWfSuite = &testsuite.WorkflowTestSuite{} - - input := &NewControllerInput{ - Database: mockDb, - } - instance, err := NewController( - input, - WithSecurityAPI(securityMock), - WithErrataAPI(errataMock.API), - ) - if err != nil { - panic(err.(any)) - } - - controller = instance - - resetDb() - - os.Exit(m.Run()) -}