Skip to content

Commit 99a32a0

Browse files
RTannRTann
authored
ROX-13435: fix RHELv2 updates (#1012)
1 parent 8217daa commit 99a32a0

File tree

3 files changed

+62
-20
lines changed

3 files changed

+62
-20
lines changed

cmd/updater/diffdumps/cmd.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -395,6 +395,7 @@ type config struct {
395395
KeepUnusedRHELv2CPEs bool `json:"keepUnusedRHELv2CPEs"`
396396
UseLegacyUbuntuCVEURLPrefix bool `json:"useLegacyUbuntuCVEURLPrefix"`
397397
UseLegacyAlpineCVEURLPrefix bool `json:"useLegacyAlpineCVEURLPrefix"`
398+
UseLegacyRHELv2PackageInfos bool `json:"useLegacyRHELv2PackageInfos"`
398399
}
399400

400401
// Command defines the diff-dumps command.

cmd/updater/diffdumps/rhelv2_diff.go

Lines changed: 21 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -20,19 +20,29 @@ import (
2020
)
2121

2222
//nolint:staticcheck
23-
func processRHELv2Vulnerability(v *database.RHELv2Vulnerability) {
23+
func processHeadRHELv2Vulnerability(cfg config, v *database.RHELv2Vulnerability) {
2424
// PackageInfos is deprecated, so it is no longer populated.
2525
// However, we need to ensure we diff correctly with older genesis dumps
26-
// which populate this field. We simply convert each RHELv2PackageInfo
27-
// into its respective RHELv2Package.
28-
for _, pkgInfo := range v.PackageInfos {
29-
for _, pkg := range pkgInfo.Packages {
30-
pkg.FixedInVersion = pkgInfo.FixedInVersion
31-
pkg.ArchOperation = pkgInfo.ArchOperation
32-
v.Packages = append(v.Packages, pkg)
26+
// which do populate this field.
27+
// We simply convert each RHELv2Package into its respective RHELv2PackageInfo.
28+
if cfg.UseLegacyRHELv2PackageInfos {
29+
for _, pkg := range v.Packages {
30+
pkgInfo := &database.RHELv2PackageInfo{
31+
FixedInVersion: pkg.FixedInVersion,
32+
ArchOperation: pkg.ArchOperation,
33+
}
34+
35+
// Set these fields to their defaults, to minimize space.
36+
pkg.FixedInVersion = ""
37+
pkg.ArchOperation = 0
38+
39+
pkgInfo.Packages = append(pkgInfo.Packages, pkg)
40+
41+
v.PackageInfos = append(v.PackageInfos, pkgInfo)
3342
}
43+
44+
v.Packages = nil
3445
}
35-
v.PackageInfos = nil
3646
}
3747

3848
func generateRHELv2Diff(cfg config, outputDir string, baseLastModifiedTime time.Time, baseF, headF *zip.File, rhelExists bool) error {
@@ -78,7 +88,6 @@ func generateRHELv2Diff(cfg config, outputDir string, baseLastModifiedTime time.
7888

7989
baseVulnsMap := make(map[string]*database.RHELv2Vulnerability, len(baseRHEL.Vulns))
8090
for _, vuln := range baseRHEL.Vulns {
81-
processRHELv2Vulnerability(vuln)
8291
if _, ok := baseVulnsMap[vuln.Name]; ok {
8392
// Should really never happen, but being defensive.
8493
return errors.Errorf("UNEXPECTED: got multiple vulns for key: %s", vuln.Name)
@@ -88,6 +97,8 @@ func generateRHELv2Diff(cfg config, outputDir string, baseLastModifiedTime time.
8897

8998
var filtered []*database.RHELv2Vulnerability
9099
for _, headVuln := range rhel.Vulns {
100+
processHeadRHELv2Vulnerability(cfg, headVuln)
101+
91102
matchingBaseVuln, found := baseVulnsMap[headVuln.Name]
92103
// If the vuln was not in the base, add it.
93104
if !found {

image/scanner/dump/genesis_manifests.json

Lines changed: 40 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,8 @@
1919
"useDPKGParserForAlpine": true,
2020
"keepUnusedRHELv2CPEs": true,
2121
"useLegacyUbuntuCVEURLPrefix": true,
22-
"useLegacyAlpineCVEURLPrefix": true
22+
"useLegacyAlpineCVEURLPrefix": true,
23+
"useLegacyRHELv2PackageInfos": true
2324
}
2425
},
2526
{
@@ -36,7 +37,8 @@
3637
"useDPKGParserForAlpine": true,
3738
"keepUnusedRHELv2CPEs": true,
3839
"useLegacyUbuntuCVEURLPrefix": true,
39-
"useLegacyAlpineCVEURLPrefix": true
40+
"useLegacyAlpineCVEURLPrefix": true,
41+
"useLegacyRHELv2PackageInfos": true
4042
}
4143
},
4244
{
@@ -52,7 +54,8 @@
5254
"useDPKGParserForAlpine": true,
5355
"keepUnusedRHELv2CPEs": true,
5456
"useLegacyUbuntuCVEURLPrefix": true,
55-
"useLegacyAlpineCVEURLPrefix": true
57+
"useLegacyAlpineCVEURLPrefix": true,
58+
"useLegacyRHELv2PackageInfos": true
5659
}
5760
},
5861
{
@@ -68,7 +71,8 @@
6871
"useDPKGParserForAlpine": true,
6972
"keepUnusedRHELv2CPEs": true,
7073
"useLegacyUbuntuCVEURLPrefix": true,
71-
"useLegacyAlpineCVEURLPrefix": true
74+
"useLegacyAlpineCVEURLPrefix": true,
75+
"useLegacyRHELv2PackageInfos": true
7276
}
7377
},
7478
{
@@ -84,7 +88,8 @@
8488
"useDPKGParserForAlpine": true,
8589
"keepUnusedRHELv2CPEs": true,
8690
"useLegacyUbuntuCVEURLPrefix": true,
87-
"useLegacyAlpineCVEURLPrefix": true
91+
"useLegacyAlpineCVEURLPrefix": true,
92+
"useLegacyRHELv2PackageInfos": true
8893
}
8994
},
9095
{
@@ -100,7 +105,8 @@
100105
"useDPKGParserForAlpine": true,
101106
"keepUnusedRHELv2CPEs": true,
102107
"useLegacyUbuntuCVEURLPrefix": true,
103-
"useLegacyAlpineCVEURLPrefix": true
108+
"useLegacyAlpineCVEURLPrefix": true,
109+
"useLegacyRHELv2PackageInfos": true
104110
}
105111
},
106112
{
@@ -116,7 +122,8 @@
116122
"useDPKGParserForAlpine": true,
117123
"keepUnusedRHELv2CPEs": true,
118124
"useLegacyUbuntuCVEURLPrefix": true,
119-
"useLegacyAlpineCVEURLPrefix": true
125+
"useLegacyAlpineCVEURLPrefix": true,
126+
"useLegacyRHELv2PackageInfos": true
120127
}
121128
},
122129
{
@@ -132,7 +139,8 @@
132139
"useDPKGParserForAlpine": true,
133140
"keepUnusedRHELv2CPEs": true,
134141
"useLegacyUbuntuCVEURLPrefix": true,
135-
"useLegacyAlpineCVEURLPrefix": true
142+
"useLegacyAlpineCVEURLPrefix": true,
143+
"useLegacyRHELv2PackageInfos": true
136144
}
137145
},
138146
{
@@ -148,7 +156,8 @@
148156
"useDPKGParserForAlpine": true,
149157
"keepUnusedRHELv2CPEs": true,
150158
"useLegacyUbuntuCVEURLPrefix": true,
151-
"useLegacyAlpineCVEURLPrefix": true
159+
"useLegacyAlpineCVEURLPrefix": true,
160+
"useLegacyRHELv2PackageInfos": true
152161
}
153162
},
154163
{
@@ -164,7 +173,8 @@
164173
"useDPKGParserForAlpine": true,
165174
"keepUnusedRHELv2CPEs": true,
166175
"useLegacyUbuntuCVEURLPrefix": true,
167-
"useLegacyAlpineCVEURLPrefix": true
176+
"useLegacyAlpineCVEURLPrefix": true,
177+
"useLegacyRHELv2PackageInfos": true
168178
}
169179
},
170180
{
@@ -179,6 +189,7 @@
179189
"keepUnusedRHELv2CPEs": true,
180190
"useLegacyUbuntuCVEURLPrefix": true,
181191
"useLegacyAlpineCVEURLPrefix": true,
192+
"useLegacyRHELv2PackageInfos": true,
182193
"ignoreIstioVulns": true
183194
}
184195
},
@@ -193,6 +204,7 @@
193204
"keepUnusedRHELv2CPEs": true,
194205
"useLegacyUbuntuCVEURLPrefix": true,
195206
"useLegacyAlpineCVEURLPrefix": true,
207+
"useLegacyRHELv2PackageInfos": true,
196208
"ignoreIstioVulns": true
197209
}
198210
},
@@ -207,6 +219,7 @@
207219
"keepUnusedRHELv2CPEs": true,
208220
"useLegacyUbuntuCVEURLPrefix": true,
209221
"useLegacyAlpineCVEURLPrefix": true,
222+
"useLegacyRHELv2PackageInfos": true,
210223
"ignoreIstioVulns": true
211224
}
212225
},
@@ -221,6 +234,7 @@
221234
"keepUnusedRHELv2CPEs": true,
222235
"useLegacyUbuntuCVEURLPrefix": true,
223236
"useLegacyAlpineCVEURLPrefix": true,
237+
"useLegacyRHELv2PackageInfos": true,
224238
"ignoreIstioVulns": true
225239
}
226240
},
@@ -235,6 +249,7 @@
235249
"keepUnusedRHELv2CPEs": true,
236250
"useLegacyUbuntuCVEURLPrefix": true,
237251
"useLegacyAlpineCVEURLPrefix": true,
252+
"useLegacyRHELv2PackageInfos": true,
238253
"ignoreIstioVulns": true
239254
}
240255
},
@@ -248,6 +263,7 @@
248263
"keepUnusedRHELv2CPEs": true,
249264
"useLegacyUbuntuCVEURLPrefix": true,
250265
"useLegacyAlpineCVEURLPrefix": true,
266+
"useLegacyRHELv2PackageInfos": true,
251267
"ignoreIstioVulns": true
252268
}
253269
},
@@ -259,6 +275,7 @@
259275
"keepUnusedRHELv2CPEs": true,
260276
"useLegacyUbuntuCVEURLPrefix": true,
261277
"useLegacyAlpineCVEURLPrefix": true,
278+
"useLegacyRHELv2PackageInfos": true,
262279
"ignoreIstioVulns": true
263280
}
264281
},
@@ -270,6 +287,7 @@
270287
"keepUnusedRHELv2CPEs": true,
271288
"useLegacyUbuntuCVEURLPrefix": true,
272289
"useLegacyAlpineCVEURLPrefix": true,
290+
"useLegacyRHELv2PackageInfos": true,
273291
"ignoreIstioVulns": true
274292
}
275293
},
@@ -281,6 +299,7 @@
281299
"keepUnusedRHELv2CPEs": true,
282300
"useLegacyUbuntuCVEURLPrefix": true,
283301
"useLegacyAlpineCVEURLPrefix": true,
302+
"useLegacyRHELv2PackageInfos": true,
284303
"ignoreIstioVulns": true
285304
}
286305
},
@@ -292,6 +311,7 @@
292311
"keepUnusedRHELv2CPEs": true,
293312
"useLegacyUbuntuCVEURLPrefix": true,
294313
"useLegacyAlpineCVEURLPrefix": true,
314+
"useLegacyRHELv2PackageInfos": true,
295315
"ignoreIstioVulns": true
296316
}
297317
},
@@ -302,6 +322,7 @@
302322
"config": {
303323
"useLegacyUbuntuCVEURLPrefix": true,
304324
"useLegacyAlpineCVEURLPrefix": true,
325+
"useLegacyRHELv2PackageInfos": true,
305326
"ignoreIstioVulns": true
306327
}
307328
},
@@ -312,6 +333,7 @@
312333
"config": {
313334
"useLegacyUbuntuCVEURLPrefix": true,
314335
"useLegacyAlpineCVEURLPrefix": true,
336+
"useLegacyRHELv2PackageInfos": true,
315337
"ignoreIstioVulns": true
316338
}
317339
},
@@ -322,6 +344,7 @@
322344
"config": {
323345
"useLegacyUbuntuCVEURLPrefix": true,
324346
"useLegacyAlpineCVEURLPrefix": true,
347+
"useLegacyRHELv2PackageInfos": true,
325348
"ignoreIstioVulns": true
326349
}
327350
},
@@ -332,6 +355,7 @@
332355
"config": {
333356
"useLegacyUbuntuCVEURLPrefix": true,
334357
"useLegacyAlpineCVEURLPrefix": true,
358+
"useLegacyRHELv2PackageInfos": true,
335359
"ignoreIstioVulns": true
336360
}
337361
},
@@ -341,6 +365,7 @@
341365
"uuid": "76920bf9-d0d2-47cd-9d53-ae4943edc02a",
342366
"config": {
343367
"useLegacyAlpineCVEURLPrefix": true,
368+
"useLegacyRHELv2PackageInfos": true,
344369
"ignoreIstioVulns": true
345370
}
346371
},
@@ -350,6 +375,7 @@
350375
"uuid": "4d2f8c67-af86-443e-9c21-58261672f262",
351376
"config": {
352377
"useLegacyAlpineCVEURLPrefix": true,
378+
"useLegacyRHELv2PackageInfos": true,
353379
"ignoreIstioVulns": true
354380
}
355381
},
@@ -359,6 +385,7 @@
359385
"uuid": "90ed7d2d-7839-4f65-93fb-e56f37a62224",
360386
"config": {
361387
"useLegacyAlpineCVEURLPrefix": true,
388+
"useLegacyRHELv2PackageInfos": true,
362389
"ignoreIstioVulns": true
363390
}
364391
},
@@ -368,6 +395,7 @@
368395
"uuid": "56f8939b-653c-468c-8114-ff8a009d67cd",
369396
"config": {
370397
"useLegacyAlpineCVEURLPrefix": true,
398+
"useLegacyRHELv2PackageInfos": true,
371399
"ignoreIstioVulns": true
372400
}
373401
},
@@ -376,6 +404,7 @@
376404
"timestamp": "2022-07-07T00:19:50.023423474Z",
377405
"uuid": "b36af074-8f40-4221-a4f6-b96d05d177dd",
378406
"config": {
407+
"useLegacyRHELv2PackageInfos": true,
379408
"ignoreIstioVulns": true
380409
}
381410
},
@@ -384,6 +413,7 @@
384413
"timestamp": "2022-09-08T18:34:29.343211144Z",
385414
"uuid": "f81dbc6b-5899-433b-bc86-9127219a9d89",
386415
"config": {
416+
"useLegacyRHELv2PackageInfos": true,
387417
"ignoreIstioVulns": true
388418
}
389419
}

0 commit comments

Comments
 (0)