Ubuntu CVE Tracker

Merge ~emitorino/ubuntu-cve-tracker:add_project_yml_when_loading_subproject into ubuntu-cve-tracker:master

  1. Git
  2. lp:~emitorino/ubuntu-cve-tracker
  3. add_project_yml_when_loading_subproject
  4. Merge into master
Proposed by Emilia Torino
Status: Merged
Merged at revision: eaf926f8d3b7d08850bebd5c8af90aaac2cfdea2
Proposed branch: ~emitorino/ubuntu-cve-tracker:add_project_yml_when_loading_subproject
Merge into: ubuntu-cve-tracker:master
Diff against target: 70 lines (+39/-5)
2 files modified
scripts/cve_lib.py (+18/-5)
scripts/test_cve_lib.py (+21/-0)
Reviewer Review Type Date Requested Status
Alex Murray Approve
Review via email: mp+440781@code.launchpad.net

Commit message

For the purpose of improving the management of subprojects, adding support to load the project.yml information into subprojects. Unless missed, it seems cve_lib is not yet doing this.

Also, checking configs before setting them into subprojects, otherwise if a given config is not available, the KeyError exception is catch for the first config not found, and the following ones are not loaded at all.

Description of the change

* cve_lib.py:
  - check config before trying to assign it to subprojects[rel]
  - load customer metadata from project.yml into subprojects[rel]
* test_cve_lib:
  - test for changes

To post a comment you must log in.
Revision history for this message
Alex Murray (alexmurray) wrote :

LGTM - thanks Emi (in particular thanks for the unit test - very nice!)

Revision history for this message
Alex Murray (alexmurray) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
index f118f93..79b4225 100755
--- a/scripts/cve_lib.py
+++ b/scripts/cve_lib.py
@@ -856,6 +856,17 @@ def read_external_subproject_config(subproject):
856 with open(config_yaml) as cfg:856 with open(config_yaml) as cfg:
857 return yaml.safe_load(cfg)857 return yaml.safe_load(cfg)
858858
859
860def read_external_subproject_details(subproject):
861 """Read and return the project details for the given subproject."""
862 sp_dir = get_external_subproject_dir(subproject)
863 # project.yml is located in the top level folder for the subproject
864 project_dir = sp_dir[:sp_dir.rfind("/")]
865 project_yaml = os.path.join(project_dir, "project.yml")
866 if os.path.isfile(project_yaml):
867 with open(project_yaml) as cfg:
868 return yaml.safe_load(cfg)
869
859def find_files_recursive(path, name):870def find_files_recursive(path, name):
860 """Return a list of all files under path with name."""871 """Return a list of all files under path with name."""
861 matches = []872 matches = []
@@ -920,11 +931,13 @@ def load_external_subprojects():
920 # use config to populate other parts of the931 # use config to populate other parts of the
921 # subproject settings932 # subproject settings
922 config = read_external_subproject_config(rel)933 config = read_external_subproject_config(rel)
923 subprojects[rel].setdefault("ppa", config["ppa"])934 config_data = ['ppa', 'oval', 'name', 'description', 'parent']
924 subprojects[rel].setdefault("oval", config["oval"])935 for data in config_data:
925 subprojects[rel].setdefault("name", config["name"])936 if data in config:
926 subprojects[rel].setdefault("description", config["description"])937 subprojects[rel].setdefault(data, config[data])
927 subprojects[rel].setdefault("parent", config["parent"])938 project = read_external_subproject_details(rel)
939 if project and "customer" in project:
940 subprojects[rel].setdefault("customer", project["customer"])
928 except:941 except:
929 pass942 pass
930943
diff --git a/scripts/test_cve_lib.py b/scripts/test_cve_lib.py
index c5130dc..f9bd1d2 100755
--- a/scripts/test_cve_lib.py
+++ b/scripts/test_cve_lib.py
@@ -184,3 +184,24 @@ class TestParseCVEFiles:
184 js = cve_lib.parse_cvss(cvss[0]['vector'])184 js = cve_lib.parse_cvss(cvss[0]['vector'])
185 assert cvss[0]['baseScore'] == str(js['baseMetricV3']['cvssV3']['baseScore'])185 assert cvss[0]['baseScore'] == str(js['baseMetricV3']['cvssV3']['baseScore'])
186 assert cvss[0]['baseSeverity'] == js['baseMetricV3']['cvssV3']['baseSeverity']186 assert cvss[0]['baseSeverity'] == js['baseMetricV3']['cvssV3']['baseSeverity']
187
188
189class TestSubprojects:
190
191 def test_load_subprojects_loads_every_config_available(self):
192 # mimic here how subprojects are loaded to then assert cve_lib.subprojects
193 # contains every config available
194 for supported_txt in cve_lib.find_files_recursive(cve_lib.subprojects_dir, "supported.txt"):
195 # rel name is the path component between subprojects/ and
196 # /supported.txt
197 rel = supported_txt[len(cve_lib.subprojects_dir) + 1:-len("supported.txt") - 1]
198 config = cve_lib.read_external_subproject_config(rel)
199 config_data = ['ppa', 'oval', 'name', 'description', 'parent']
200 for data in config_data:
201 if data in config:
202 assert cve_lib.subprojects[rel][data] == config[data]
203 project = cve_lib.read_external_subproject_details(rel)
204 if project and "customer" in project:
205 assert cve_lib.subprojects[rel]["customer"] == project["customer"]
206
207

Subscribers

People subscribed via source and target branches