Ubuntu CVE Tracker

Merge ~litios/ubuntu-cve-tracker:customers/support-other-distributions into ubuntu-cve-tracker:master

  1. Git
  2. lp:~litios/ubuntu-cve-tracker
  3. customers/support-other-distributions
  4. Merge into master
Proposed by David Fernandez Gonzalez
Status: Merged
Approved by: David Fernandez Gonzalez
Approved revision: 8d0e769b96a3a858e82ed12a76b5cba398f28e00
Merge reported by: David Fernandez Gonzalez
Merged at revision: 8d0e769b96a3a858e82ed12a76b5cba398f28e00
Proposed branch: ~litios/ubuntu-cve-tracker:customers/support-other-distributions
Merge into: ubuntu-cve-tracker:master
Diff against target: 97 lines (+28/-7)
2 files modified
scripts/cve_lib.py (+12/-1)
scripts/generate_pkg_cache.py (+16/-6)
Reviewer Review Type Date Requested Status
Eduardo Barretto Approve
Review via email: mp+459908@code.launchpad.net

Description of the change

Certain subprojects use a different distribution and this information is not recorded anywhere.

This PR adds support for external (and potentially internal) releases to provide an alternative distribution. The default one is 'ubuntu'.

----

Also, add support for specifying a release when generating the package cache for OVAL.

To post a comment you must log in.
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

just some small comments to make code easier to read, but overall looks good

review: Needs Fixing
~litios/ubuntu-cve-tracker:customers/support-other-distributions updated
8cc44b3... by David Fernandez Gonzalez

[OVAL+CVE_LIB] Rename distribution variables to mention LP-related use

Signed-off-by: David Fernandez Gonzalez <email address hidden>

8d0e769... by David Fernandez Gonzalez

[CVE_LIB] Rename external subproject key from distribution to lp_distribution

Signed-off-by: David Fernandez Gonzalez <email address hidden>

Revision history for this message
Eduardo Barretto (ebarretto) wrote :

lgtm, thanks for addressing the comments!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
index a4690dd..051cdf8 100755
--- a/scripts/cve_lib.py
+++ b/scripts/cve_lib.py
@@ -800,6 +800,17 @@ def release_ppa_pocket(rel, ppa):
800 pass800 pass
801 return pocket801 return pocket
802802
803def lp_distribution(rel):
804 """
805 Get the Launchpad distribution for the given release.
806 Intended use is for Launchpad API.
807 """
808 _, _, _, details = get_subproject_details(rel)
809 if not 'lp_distribution' in details:
810 return 'ubuntu'
811
812 return details['lp_distribution']
813
803def release_name(rel):814def release_name(rel):
804 name = None815 name = None
805 _, _, _, details = get_subproject_details(rel)816 _, _, _, details = get_subproject_details(rel)
@@ -977,7 +988,7 @@ def find_external_subproject_cves(cve):
977# except for the extra 'product' and 'release' keys.988# except for the extra 'product' and 'release' keys.
978MANDATORY_EXTERNAL_SUBPROJECT_KEYS = ['cve_triage', 'cve_patching', 'cve_notification', 'security_updates_notification', 'binary_copies_only', 'seg_support', 'owners', 'subprojects']989MANDATORY_EXTERNAL_SUBPROJECT_KEYS = ['cve_triage', 'cve_patching', 'cve_notification', 'security_updates_notification', 'binary_copies_only', 'seg_support', 'owners', 'subprojects']
979MANDATORY_EXTERNAL_SUBPROJECT_PPA_KEYS = ['ppas', 'oval', 'product', 'release', 'supported_packages']990MANDATORY_EXTERNAL_SUBPROJECT_PPA_KEYS = ['ppas', 'oval', 'product', 'release', 'supported_packages']
980OPTIONAL_EXTERNAL_SUBPROJECT_PPA_KEYS = ['parent', 'name', 'codename', 'description', 'aliases', 'archs']991OPTIONAL_EXTERNAL_SUBPROJECT_PPA_KEYS = ['parent', 'name', 'codename', 'description', 'aliases', 'archs', 'lp_distribution']
981992
982def load_external_subprojects(strict=False):993def load_external_subprojects(strict=False):
983 """Search for and load subprojects into the global subprojects dict.994 """Search for and load subprojects into the global subprojects dict.
diff --git a/scripts/generate_pkg_cache.py b/scripts/generate_pkg_cache.py
index 672e614..a858100 100644
--- a/scripts/generate_pkg_cache.py
+++ b/scripts/generate_pkg_cache.py
@@ -11,7 +11,7 @@
11# for details.11# for details.
12#12#
1313
14from cve_lib import (all_releases, devel_release, eol_releases, needs_oval, product_series, release_parent, release_ppas, release_ppa_pocket)14from cve_lib import (all_releases, devel_release, eol_releases, needs_oval, product_series, release_parent, release_ppas, release_ppa_pocket, lp_distribution)
1515
16import argparse16import argparse
17import datetime17import datetime
@@ -103,8 +103,8 @@ def get_binaries_rel(release, archive, real_threshold, series, cache, latest_dat
103103
104def update_cache(release, cache, ppas=None, latest_date_created=None):104def update_cache(release, cache, ppas=None, latest_date_created=None):
105 lp = lpl_common.connect(version='devel')105 lp = lpl_common.connect(version='devel')
106 ubuntu = lp.distributions['ubuntu']106 rel_lp_distribution = lp.distributions[lp_distribution(release)]
107 series = ubuntu.getSeries(name_or_version=product_series(release)[1])107 series = rel_lp_distribution.getSeries(name_or_version=product_series(release)[1])
108108
109 real_threshold = None109 real_threshold = None
110 if latest_date_created:110 if latest_date_created:
@@ -119,12 +119,12 @@ def update_cache(release, cache, ppas=None, latest_date_created=None):
119 ppa.split('/ubuntu')[0],119 ppa.split('/ubuntu')[0],
120 lp,120 lp,
121 False,121 False,
122 distribution=ubuntu122 distribution=rel_lp_distribution
123 )123 )
124124
125 latest_date_created = get_binaries_rel(release, archive, real_threshold, series, cache, latest_date_created, ppa)125 latest_date_created = get_binaries_rel(release, archive, real_threshold, series, cache, latest_date_created, ppa)
126 else:126 else:
127 latest_date_created = get_binaries_rel(release, ubuntu.main_archive, real_threshold, series, cache, latest_date_created)127 latest_date_created = get_binaries_rel(release, rel_lp_distribution.main_archive, real_threshold, series, cache, latest_date_created)
128128
129 return latest_date_created129 return latest_date_created
130130
@@ -161,6 +161,7 @@ def get_supported_releases():
161161
162def parse_args():162def parse_args():
163 argparser = argparse.ArgumentParser()163 argparser = argparse.ArgumentParser()
164 argparser.add_argument('-r','--releases', nargs='+', help='Releases to generate the pkg cache for', required=False)
164 argparser.add_argument("--cache-dir", help="cache files directory")165 argparser.add_argument("--cache-dir", help="cache files directory")
165 argparser.add_argument("-d", "--debug", action="store_true",166 argparser.add_argument("-d", "--debug", action="store_true",
166 help="make execution verbose")167 help="make execution verbose")
@@ -181,8 +182,17 @@ def main():
181182
182 supported_releases = get_supported_releases()183 supported_releases = get_supported_releases()
183184
185 if args.releases:
186 for release in args.releases:
187 if release not in supported_releases:
188 print(f"Release {release} not in supported releases.")
189 sys.exit(1)
190 target_releases = args.releases
191 else:
192 target_releases = supported_releases
193
184 try:194 try:
185 for release in supported_releases:195 for release in target_releases:
186 cache = load_cache_file(cache_dir, release)196 cache = load_cache_file(cache_dir, release)
187197
188 latest_date_created = None198 latest_date_created = None

Subscribers

People subscribed via source and target branches