Ubuntu CVE Tracker

Merge ~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker:fix_publish_usn_removal_operations into ubuntu-cve-tracker:master

  1. Git
  2. lp:~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker
  3. fix_publish_usn_removal_operations
  4. Merge into master
Proposed by Steve Beattie
Status: Merged
Merged at revision: a7f6c06d36cd636eb5da502569503235760684f3
Proposed branch: ~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker:fix_publish_usn_removal_operations
Merge into: ubuntu-cve-tracker:master
Diff against target: 78 lines (+28/-13)
2 files modified
scripts/publish-usn-to-website (+22/-11)
scripts/publish-usn-to-website-api.py (+6/-2)
Reviewer Review Type Date Requested Status
Rodrigo Figueiredo Zaiden Approve
Review via email: mp+466626@code.launchpad.net

Description of the change

publish-usn-to-website (+ api script): fix removal of usns from the website

As Rodrigo recently experienced, the script and process for removing a USN from the website had not been exercised very well. Wehn removing a USN from the API, the api script was not honoring a prefix if it was passed to it, so fix that, and also report more of the response message from the web api endpoint.

The wrapper publish-usn-to-website script assumed and checked that the USN db would have information that it could export and publish to the website via the api script, which is a mistaken assumption when we are removing a USN, as it should be purged from the USN db first, and indeed, the api script does not use anything beyond the USN ID for deletion, so fix the script to correctly invoke the api script in the removal case, and also adjust the consistency checks to handle both the removal and non-removal cases.kj

To post a comment you must log in.
Revision history for this message
Rodrigo Figueiredo Zaiden (rodrigo-zaiden) wrote :

LGTM. Thanks!
As I've exercised this lately, I did a few debugging
tests with what I had in mind and it all worked fine.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/publish-usn-to-website b/scripts/publish-usn-to-website
2index 5c57a64..ba660fe 100755
3--- a/scripts/publish-usn-to-website
4+++ b/scripts/publish-usn-to-website
5@@ -69,18 +69,25 @@ push_to_website_api() {
6
7 FILES_TO_CLEANUP+=($TMP_JSON)
8
9- # export the single USN from the pickle to a yaml file
10- if ! "$usn_tool"/usn.py --db "$database" --export-json "$usn" >"$TMP_JSON" ; then
11- perr "Failed to export $usn from pickle to yaml"
12- exit 1
13- fi
14+ if [ "$action" == remove ] ; then
15+ # remove the single USN via the website API
16+ if ! "$UCT"/scripts/publish-usn-to-website-api.py --action "$action" --usn "$usn" --prefix "USN-" --stop --no-upsert; then
17+ perr "Failed to publish $usn pickle to website API"
18+ exit 1
19+ fi
20+ else
21+ # export the single USN from the pickle to a yaml file
22+ if ! "$usn_tool"/usn.py --db "$database" --export-json "$usn" >"$TMP_JSON" ; then
23+ perr "Failed to export $usn from pickle to yaml"
24+ exit 1
25+ fi
26
27- # post the single USN json file to the website API
28- if ! "$UCT"/scripts/publish-usn-to-website-api.py --action "$action" --json "$TMP_JSON" --prefix "USN-" --stop --no-upsert; then
29- perr "Failed to publish $usn pickle to website API"
30- exit 1
31+ # post the single USN json file to the website API
32+ if ! "$UCT"/scripts/publish-usn-to-website-api.py --action "$action" --json "$TMP_JSON" --prefix "USN-" --stop --no-upsert; then
33+ perr "Failed to publish $usn pickle to website API"
34+ exit 1
35+ fi
36 fi
37-
38 }
39
40
41@@ -134,9 +141,13 @@ fi
42
43
44 for usn in $usns; do
45- if ! is_usn_in_db "$database" "$usn"; then
46+ if ! [ "$action" == "remove" ] && ! is_usn_in_db "$database" "$usn"; then
47 perr "Ensure that USN-$usn is in $database and try again"
48 exit 1
49+ elif [ "$action" == "remove" ] && is_usn_in_db "$database" "$usn"; then
50+ perr "Found USN-$usn in ${database}"
51+ perr "When removing USNs, ensure that USN-$usn is not in $database and try again"
52+ exit 1
53 fi
54
55 push_to_website_api "$action" "$database" "$usn"
56diff --git a/scripts/publish-usn-to-website-api.py b/scripts/publish-usn-to-website-api.py
57index 082a671..e947a54 100755
58--- a/scripts/publish-usn-to-website-api.py
59+++ b/scripts/publish-usn-to-website-api.py
60@@ -195,12 +195,16 @@ if args.startwith and not re.match(r"\d{1,5}-\d{1,2}", args.startwith):
61 if args.action == "remove" and args.usns:
62 http_method = "DELETE"
63 for usn in args.usns:
64- endpoint = f"{args.endpoint}/{usn}.json"
65+ if args.prefix:
66+ prefix = args.prefix
67+ else:
68+ prefix = ""
69+ endpoint = f"{args.endpoint}/{prefix}{usn}.json"
70 if args.debug:
71 print(f"DEBUG: would send delete http request for: {endpoint}")
72 else:
73 response = authentication(method=http_method, url=endpoint, payload=None)
74- print(response, response.text[0:60])
75+ print(response, response.text[0:256])
76 if args.stop and not re.match(r"^<Response \[2..\]>$", str(response)):
77 sys.exit(1)
78 sys.exit(0)

Subscribers

People subscribed via source and target branches