Ubuntu CVE Tracker

Merge ~litios/ubuntu-cve-tracker:customers/support-other-distributions into ubuntu-cve-tracker:master

  1. Git
  2. lp:~litios/ubuntu-cve-tracker
  3. customers/support-other-distributions
  4. Merge into master
Proposed by David Fernandez Gonzalez
Status: Merged
Approved by: David Fernandez Gonzalez
Approved revision: 8d0e769b96a3a858e82ed12a76b5cba398f28e00
Merge reported by: David Fernandez Gonzalez
Merged at revision: 8d0e769b96a3a858e82ed12a76b5cba398f28e00
Proposed branch: ~litios/ubuntu-cve-tracker:customers/support-other-distributions
Merge into: ubuntu-cve-tracker:master
Diff against target: 97 lines (+28/-7)
2 files modified
scripts/cve_lib.py (+12/-1)
scripts/generate_pkg_cache.py (+16/-6)
Reviewer Review Type Date Requested Status
Eduardo Barretto Approve
Review via email: mp+459908@code.launchpad.net

Description of the change

Certain subprojects use a different distribution and this information is not recorded anywhere.

This PR adds support for external (and potentially internal) releases to provide an alternative distribution. The default one is 'ubuntu'.

----

Also, add support for specifying a release when generating the package cache for OVAL.

To post a comment you must log in.
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

just some small comments to make code easier to read, but overall looks good

review: Needs Fixing
~litios/ubuntu-cve-tracker:customers/support-other-distributions updated
8cc44b3... by David Fernandez Gonzalez

[OVAL+CVE_LIB] Rename distribution variables to mention LP-related use

Signed-off-by: David Fernandez Gonzalez <email address hidden>

8d0e769... by David Fernandez Gonzalez

[CVE_LIB] Rename external subproject key from distribution to lp_distribution

Signed-off-by: David Fernandez Gonzalez <email address hidden>

Revision history for this message
Eduardo Barretto (ebarretto) wrote :

lgtm, thanks for addressing the comments!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
2index a4690dd..051cdf8 100755
3--- a/scripts/cve_lib.py
4+++ b/scripts/cve_lib.py
5@@ -800,6 +800,17 @@ def release_ppa_pocket(rel, ppa):
6 pass
7 return pocket
8
9+def lp_distribution(rel):
10+ """
11+ Get the Launchpad distribution for the given release.
12+ Intended use is for Launchpad API.
13+ """
14+ _, _, _, details = get_subproject_details(rel)
15+ if not 'lp_distribution' in details:
16+ return 'ubuntu'
17+
18+ return details['lp_distribution']
19+
20 def release_name(rel):
21 name = None
22 _, _, _, details = get_subproject_details(rel)
23@@ -977,7 +988,7 @@ def find_external_subproject_cves(cve):
24 # except for the extra 'product' and 'release' keys.
25 MANDATORY_EXTERNAL_SUBPROJECT_KEYS = ['cve_triage', 'cve_patching', 'cve_notification', 'security_updates_notification', 'binary_copies_only', 'seg_support', 'owners', 'subprojects']
26 MANDATORY_EXTERNAL_SUBPROJECT_PPA_KEYS = ['ppas', 'oval', 'product', 'release', 'supported_packages']
27-OPTIONAL_EXTERNAL_SUBPROJECT_PPA_KEYS = ['parent', 'name', 'codename', 'description', 'aliases', 'archs']
28+OPTIONAL_EXTERNAL_SUBPROJECT_PPA_KEYS = ['parent', 'name', 'codename', 'description', 'aliases', 'archs', 'lp_distribution']
29
30 def load_external_subprojects(strict=False):
31 """Search for and load subprojects into the global subprojects dict.
32diff --git a/scripts/generate_pkg_cache.py b/scripts/generate_pkg_cache.py
33index 672e614..a858100 100644
34--- a/scripts/generate_pkg_cache.py
35+++ b/scripts/generate_pkg_cache.py
36@@ -11,7 +11,7 @@
37 # for details.
38 #
39
40-from cve_lib import (all_releases, devel_release, eol_releases, needs_oval, product_series, release_parent, release_ppas, release_ppa_pocket)
41+from cve_lib import (all_releases, devel_release, eol_releases, needs_oval, product_series, release_parent, release_ppas, release_ppa_pocket, lp_distribution)
42
43 import argparse
44 import datetime
45@@ -103,8 +103,8 @@ def get_binaries_rel(release, archive, real_threshold, series, cache, latest_dat
46
47 def update_cache(release, cache, ppas=None, latest_date_created=None):
48 lp = lpl_common.connect(version='devel')
49- ubuntu = lp.distributions['ubuntu']
50- series = ubuntu.getSeries(name_or_version=product_series(release)[1])
51+ rel_lp_distribution = lp.distributions[lp_distribution(release)]
52+ series = rel_lp_distribution.getSeries(name_or_version=product_series(release)[1])
53
54 real_threshold = None
55 if latest_date_created:
56@@ -119,12 +119,12 @@ def update_cache(release, cache, ppas=None, latest_date_created=None):
57 ppa.split('/ubuntu')[0],
58 lp,
59 False,
60- distribution=ubuntu
61+ distribution=rel_lp_distribution
62 )
63
64 latest_date_created = get_binaries_rel(release, archive, real_threshold, series, cache, latest_date_created, ppa)
65 else:
66- latest_date_created = get_binaries_rel(release, ubuntu.main_archive, real_threshold, series, cache, latest_date_created)
67+ latest_date_created = get_binaries_rel(release, rel_lp_distribution.main_archive, real_threshold, series, cache, latest_date_created)
68
69 return latest_date_created
70
71@@ -161,6 +161,7 @@ def get_supported_releases():
72
73 def parse_args():
74 argparser = argparse.ArgumentParser()
75+ argparser.add_argument('-r','--releases', nargs='+', help='Releases to generate the pkg cache for', required=False)
76 argparser.add_argument("--cache-dir", help="cache files directory")
77 argparser.add_argument("-d", "--debug", action="store_true",
78 help="make execution verbose")
79@@ -181,8 +182,17 @@ def main():
80
81 supported_releases = get_supported_releases()
82
83+ if args.releases:
84+ for release in args.releases:
85+ if release not in supported_releases:
86+ print(f"Release {release} not in supported releases.")
87+ sys.exit(1)
88+ target_releases = args.releases
89+ else:
90+ target_releases = supported_releases
91+
92 try:
93- for release in supported_releases:
94+ for release in target_releases:
95 cache = load_cache_file(cache_dir, release)
96
97 latest_date_created = None

Subscribers

People subscribed via source and target branches