feat: remove oval evaluation
RHINENG-7872
psegedy committed Aug 12, 2024
1 parent f6d3a80 commit cbb38a0
Showing 6 changed files with 8 additions and 674 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Expand Up @@ -27,7 +27,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-${{ matrix.go-version }}-
# run tests
- uses: actions/setup-go@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
- uses: actions/checkout@v4
21 changes: 3 additions & 18 deletions vmaas/cache.go
Expand Up @@ -53,24 +53,9 @@ type Cache struct {
SrcPkgID2PkgID map[PkgID][]PkgID
String map[int]string

// OVAL
PackagenameID2definitionIDs map[NameID][]DefinitionID
RepoID2CpeIDs map[RepoID][]CpeID
ContentSetID2CpeIDs map[ContentSetID][]CpeID

OvaldefinitionDetail map[DefinitionID]DefinitionDetail
OvaldefinitionID2Cves map[DefinitionID][]string
CpeID2OvalDefinitionIDs map[CpeID][]DefinitionID
OvalCriteriaID2DepModuleTestIDs map[CriteriaID][]ModuleTestID
OvalCriteriaID2DepTestIDs map[CriteriaID][]TestID
OvalCriteriaID2DepCriteriaIDs map[CriteriaID][]CriteriaID
OvalCriteriaID2Type map[CriteriaID]int
OvalStateID2Arches map[OvalStateID][]ArchID
OvalModuleTestDetail map[ModuleTestID]OvalModuleTestDetail
OvalTestDetail map[TestID]OvalTestDetail
OvalTestID2States map[TestID][]OvalState
OvalDefinitionID2ErrataIDs map[DefinitionID][]ErratumID
CpeID2Label map[CpeID]CpeLabel
ContentSetID2CpeIDs map[ContentSetID][]CpeID
RepoID2CpeIDs map[RepoID][]CpeID
CpeID2Label map[CpeID]CpeLabel

// CSAF
CSAFProductStatus map[int]string
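Review bot: Dropping the OVAL-related exported fields from `Cache` in this hunk is a breaking change for any code outside the package that reads them, and the `feat:` title does not signal that. If the package is consumed as a library, a breaking-change marker such as `feat!: remove oval evaluation` would warn downstream users before they upgrade. The three maps that remain (`ContentSetID2CpeIDs`, `RepoID2CpeIDs`, `CpeID2Label`) also lose their group comment, so a heading like `// CPE` above them would keep the struct's sections labelled the way `// CSAF` is below. The struct starts and continues outside the hunk.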
284 changes: 1 addition & 283 deletions vmaas/load.go
Expand Up @@ -25,13 +25,8 @@ var loadFuncs = []func(c *Cache){
loadPkgNames, loadUpdates, loadUpdatesIndex, loadEvrMaps, loadArchs, loadArchCompat, loadPkgDetails,
loadRepoDetails, loadLabel2ContentSetID, loadPkgRepos, loadErrata, loadPkgErratum, loadErrataRepoIDs,
loadCves, loadPkgErratumModule, loadModule2IDs, loadModuleRequires, loadDBChanges, loadString,
// OVAL
loadOvalDefinitionDetail, loadOvalDefinitionCves, loadPackagenameID2DefinitionIDs, loadRepoCpes,
loadContentSet2Cpes, loadCpeID2DefinitionIDs, loadOvalCriteriaDependency, loadOvalCriteriaID2Type,
loadOvalStateID2Arches, loadOvalModuleTestDetail, loadOvalTestDetail, loadOvalTestID2States,
loadOvalDefinitionErrata, loadCpeID2Label,
// CSAF
loadCSAFCVE,
loadRepoCpes, loadContentSet2Cpes, loadCpeID2Label, loadCSAFCVE,
}

func openDB(path string) error {
Expand Down Expand Up @@ -760,67 +755,6 @@ func loadErrataModules() map[int][]Module {
return erID2modules
}

func loadOvalDefinitionDetail(c *Cache) {
defer utils.TimeTrack(time.Now(), "oval_definition_detail")

row := DefinitionDetail{}
cnt := getCount("oval_definition_detail", "*")
defDetail := make(map[DefinitionID]DefinitionDetail, cnt)
rows := getAllRows("oval_definition_detail", "id,definition_type_id,criteria_id")

for rows.Next() {
if err := rows.Scan(&row.ID, &row.DefinitionTypeID, &row.CriteriaID); err != nil {
panic(err)
}
defDetail[row.ID] = row
}
c.OvaldefinitionDetail = defDetail
}

func loadOvalDefinitionCves(c *Cache) {
defer utils.TimeTrack(time.Now(), "oval_definition_cve")

type OvalDefinitionCve struct {
DefinitionID DefinitionID
Cve string
}
r := OvalDefinitionCve{}
cnt := getCount("oval_definition_cve", "distinct definition_id")
ret := make(map[DefinitionID][]string, cnt)
cols := "definition_id,cve"
rows := getAllRows("oval_definition_cve", cols)

for rows.Next() {
if err := rows.Scan(&r.DefinitionID, &r.Cve); err != nil {
panic(err)
}
ret[r.DefinitionID] = append(ret[r.DefinitionID], r.Cve)
}
c.OvaldefinitionID2Cves = ret
}

func loadPackagenameID2DefinitionIDs(c *Cache) {
defer utils.TimeTrack(time.Now(), "PackagenameID2definitionIDs")

type NameDefinition struct {
NameID NameID
DefinitionID DefinitionID
}
r := NameDefinition{}
cnt := getCount("packagename_oval_definition", "distinct name_id")
ret := make(map[NameID][]DefinitionID, cnt)
cols := "name_id,definition_id"
rows := getAllRowsWithOrder("packagename_oval_definition", cols, cols)

for rows.Next() {
if err := rows.Scan(&r.NameID, &r.DefinitionID); err != nil {
panic(err)
}
ret[r.NameID] = append(ret[r.NameID], r.DefinitionID)
}
c.PackagenameID2definitionIDs = ret
}

func loadRepoCpes(c *Cache) {
defer utils.TimeTrack(time.Now(), "RepoID2CpeIDs")

Expand Down Expand Up @@ -865,222 +799,6 @@ func loadContentSet2Cpes(c *Cache) {
c.ContentSetID2CpeIDs = ret
}

func loadCpeID2DefinitionIDs(c *Cache) {
defer utils.TimeTrack(time.Now(), "CpeID2OvalDefinitionIDs")

type DefinitionCpe struct {
CpeID CpeID
DefinitionID DefinitionID
}
r := DefinitionCpe{}
cnt := getCount("oval_definition_cpe", "distinct cpe_id")
ret := make(map[CpeID][]DefinitionID, cnt)
cols := "cpe_id,definition_id"
rows := getAllRowsWithOrder("oval_definition_cpe", cols, cols)

for rows.Next() {
if err := rows.Scan(&r.CpeID, &r.DefinitionID); err != nil {
panic(err)
}
ret[r.CpeID] = append(ret[r.CpeID], r.DefinitionID)
}
c.CpeID2OvalDefinitionIDs = ret
}

func loadOvalCriteriaDependency(c *Cache) {
defer utils.TimeTrack(
time.Now(),
"OvalCriteriaID2DepCriteriaIDs, OvalCriteriaID2DepTestIDs, OvalCriteriaID2DepModuleTestIDs",
)

type OvalCriteriaDep struct {
ParentCriteriaID CriteriaID
DepCriteriaID CriteriaID
DepTestID TestID
DepModuleTestID ModuleTestID
}

r := OvalCriteriaDep{}

cnt := getCount("oval_criteria_dependency", "distinct parent_criteria_id")
criteriaID2DepCriteriaIDs := make(map[CriteriaID][]CriteriaID, cnt)
criteriaID2DepTestIDs := make(map[CriteriaID][]TestID, cnt)
criteriaID2DepModuleTestIDs := make(map[CriteriaID][]ModuleTestID, cnt)

cols := "parent_criteria_id,COALESCE(dep_criteria_id, 0),COALESCE(dep_test_id, 0),COALESCE(dep_module_test_id, 0)"
rows := getAllRows("oval_criteria_dependency", cols)

for rows.Next() {
if err := rows.Scan(&r.ParentCriteriaID, &r.DepCriteriaID, &r.DepTestID, &r.DepModuleTestID); err != nil {
panic(err)
}
if r.DepCriteriaID != 0 {
criteriaID2DepCriteriaIDs[r.ParentCriteriaID] = append(criteriaID2DepCriteriaIDs[r.ParentCriteriaID],
r.DepCriteriaID)
}
if r.DepTestID != 0 {
criteriaID2DepTestIDs[r.ParentCriteriaID] = append(criteriaID2DepTestIDs[r.ParentCriteriaID], r.DepTestID)
}
if r.DepModuleTestID != 0 {
criteriaID2DepModuleTestIDs[r.ParentCriteriaID] = append(criteriaID2DepModuleTestIDs[r.ParentCriteriaID],
r.DepModuleTestID)
}
}
c.OvalCriteriaID2DepCriteriaIDs = criteriaID2DepCriteriaIDs
c.OvalCriteriaID2DepTestIDs = criteriaID2DepTestIDs
c.OvalCriteriaID2DepModuleTestIDs = criteriaID2DepModuleTestIDs
}

func loadOvalCriteriaID2Type(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalCriteriaID2Type")

type OvalCriteriaType struct {
CriteriaID CriteriaID
TypeID int
}

r := OvalCriteriaType{}
cnt := getCount("oval_criteria_type", "*")
criteriaID2Type := make(map[CriteriaID]int, cnt)
cols := "criteria_id,type_id"
rows := getAllRows("oval_criteria_type", cols)

for rows.Next() {
if err := rows.Scan(&r.CriteriaID, &r.TypeID); err != nil {
panic(err)
}
criteriaID2Type[r.CriteriaID] = r.TypeID
}
c.OvalCriteriaID2Type = criteriaID2Type
}

func loadOvalStateID2Arches(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalModuleTestDetail")

type StateArch struct {
StateID OvalStateID
ArchID ArchID
}
r := StateArch{}
cnt := getCount("oval_state_arch", "distinct state_id")
ret := make(map[OvalStateID][]ArchID, cnt)
cols := "state_id,arch_id"
rows := getAllRows("oval_state_arch", cols)

for rows.Next() {
if err := rows.Scan(&r.StateID, &r.ArchID); err != nil {
panic(err)
}
ret[r.StateID] = append(ret[r.StateID], r.ArchID)
}
c.OvalStateID2Arches = ret
}

func loadOvalModuleTestDetail(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalModuleTestDetail")

type ModuleTestDetail struct {
ID ModuleTestID
ModuleStream string
}

r := ModuleTestDetail{}
cnt := getCount("oval_module_test_detail", "*")
details := make(map[ModuleTestID]OvalModuleTestDetail, cnt)
cols := "id,module_stream"
rows := getAllRows("oval_module_test_detail", cols)

for rows.Next() {
if err := rows.Scan(&r.ID, &r.ModuleStream); err != nil {
panic(err)
}
splitted := strings.Split(r.ModuleStream, ":")
details[r.ID] = OvalModuleTestDetail{
ModuleStream: ModuleStream{Module: splitted[0], Stream: splitted[1]},
}
}
c.OvalModuleTestDetail = details
}

func loadOvalTestDetail(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalTestDetail")

type TestDetail struct {
ID TestID
PackageNameID NameID
CheckExistenceID int
}

r := TestDetail{}
cnt := getCount("oval_test_detail", "*")
testDetail := make(map[TestID]OvalTestDetail, cnt)
cols := "id,package_name_id,check_existence_id"
rows := getAllRows("oval_test_detail", cols)

for rows.Next() {
if err := rows.Scan(&r.ID, &r.PackageNameID, &r.CheckExistenceID); err != nil {
panic(err)
}
testDetail[r.ID] = OvalTestDetail{PkgNameID: r.PackageNameID, CheckExistence: r.CheckExistenceID}
}
c.OvalTestDetail = testDetail
}

func loadOvalTestID2States(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalTestID2States")

type TestState struct {
TestID TestID
StateID OvalStateID
EvrID EvrID
EvrOperationID int
}

r := TestState{}
cnt := getCount("oval_test_state", "*")
test2State := make(map[TestID][]OvalState, cnt)
cols := "test_id,state_id,evr_id,evr_operation_id"
rows := getAllRows("oval_test_state", cols)

for rows.Next() {
if err := rows.Scan(&r.TestID, &r.StateID, &r.EvrID, &r.EvrOperationID); err != nil {
panic(err)
}
test2State[r.TestID] = append(test2State[r.TestID], OvalState{
ID: r.StateID,
EvrID: r.EvrID,
OperationEvr: r.EvrOperationID,
})
}
c.OvalTestID2States = test2State
}

func loadOvalDefinitionErrata(c *Cache) {
defer utils.TimeTrack(time.Now(), "OvalDefinitionID2ErrataIDs")

type OvalDefinitionErrataSelect struct {
DefinitionID DefinitionID
ErratumID ErratumID
}

cols := "definition_id,errata_id"
rows := getAllRows("oval_definition_errata", cols)
cnt := getCount("oval_definition_errata", "distinct definition_id")
row := OvalDefinitionErrataSelect{}
// TODO: investigate - it looks like 1 definitionID is always mapped to 1 erratum
// and 1 erratum can be associated with multiple definitions
// we might not need `map[DefinitionID][]ErratumID` but `map[DefinitionID]ErratumID`
definitionErrata := make(map[DefinitionID][]ErratumID, cnt)

for rows.Next() {
if err := rows.Scan(&row.DefinitionID, &row.ErratumID); err != nil {
panic(err)
}
definitionErrata[row.DefinitionID] = append(definitionErrata[row.DefinitionID], row.ErratumID)
}
c.OvalDefinitionID2ErrataIDs = definitionErrata
}

func loadCpeID2Label(c *Cache) {
defer utils.TimeTrack(time.Now(), "CpeID2Label")

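Review bot: With the OVAL loaders gone from `loadFuncs` in the first hunk, `loadCSAFCVE` appears to be the only remaining loader that feeds unfixed-CVE evaluation (judging by the commit title and the `WithUnfixed` comment). A dump without CSAF rows would then presumably produce results with no unfixed CVEs and nothing to indicate why. `loadCSAFCVE` is outside the visible lines, so whether it reports an empty table cannot be told from here; if it does not, a warning log when the loaded CSAF data is empty would make that state visible to operators. The new list line also places the three CPE loaders under the `// CSAF` comment; splitting it into `// CPE` / `loadRepoCpes, loadContentSet2Cpes, loadCpeID2Label,` and `// CSAF` / `loadCSAFCVE,` would keep the grouping accurate.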
2 changes: 1 addition & 1 deletion vmaas/options.go
Expand Up @@ -28,7 +28,7 @@ func (u unfixedOption) apply(opts *options) {
opts.evalUnfixed = bool(u)
}

// Option to evaluate unfixed CVEs by OVAL
// Option to evaluate unfixed CVEs by CSAF
func WithUnfixed(u bool) Option {
return unfixedOption(u)
}
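Review bot: The updated comment on `WithUnfixed` still does not start with the function name, as Go doc comments conventionally do, and it does not say what passing `false` does. Something like `// WithUnfixed returns an Option that enables or disables evaluation of unfixed CVEs from CSAF data.` would cover both. If CSAF is now the only source for unfixed CVEs, as the commit title suggests, stating that here tells callers who previously relied on OVAL results what changed.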
26 changes: 0 additions & 26 deletions vmaas/types.go
Expand Up @@ -19,13 +19,8 @@ type (
ArchID int
ErratumID int
ContentSetID int
DefinitionID int
CpeID int
CpeLabel string
CriteriaID int
TestID int
ModuleTestID int
OvalStateID int
CSAFProductID int
CSAFCVEID int
CVEID int
Expand Down Expand Up @@ -243,27 +238,6 @@ type ErratumDetail struct {
RequiresReboot bool
}

type DefinitionDetail struct {
ID DefinitionID
DefinitionTypeID int
CriteriaID CriteriaID
}

type OvalTestDetail struct {
PkgNameID NameID
CheckExistence int
}

type OvalModuleTestDetail struct {
ModuleStream ModuleStream
}

type OvalState struct {
ID OvalStateID
EvrID EvrID
OperationEvr int
}

type NameArch struct {
Name string
Arch string