aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Reyna <David.Reyna@windriver.com>2019-01-14 23:07:27 -0800
committerDavid Reyna <David.Reyna@windriver.com>2019-01-14 23:07:27 -0800
commit29d00cb3de83d42c0d349c659c42bb0bc3f240a1 (patch)
tree4f615cd6d8db603242f9943d33d2183b74419e88
parent2a8d61b1cf728e38da59d990af45eea8b9b5e0de (diff)
downloadsrtool-29d00cb3de83d42c0d349c659c42bb0bc3f240a1.tar.gz
srtool-29d00cb3de83d42c0d349c659c42bb0bc3f240a1.tar.bz2
srtool-29d00cb3de83d42c0d349c659c42bb0bc3f240a1.zip
srtool: updates cleanup #2
Clean up after pull from RBurton pylint updates * Protect against missing CVE lookup call * Protect against disabled defect tool when creating defects * Repair CVE 'score_date' data field default * Update tool typos for formatting Signed-off-by: David Reyna <David.Reyna@windriver.com>
-rwxr-xr-xbin/common/srtool_update.py7
-rw-r--r--bin/nist/datasource.json2
-rw-r--r--lib/orm/models.py2
-rw-r--r--lib/srtgui/api.py3
-rw-r--r--lib/srtgui/views.py5
5 files changed, 13 insertions, 6 deletions
diff --git a/bin/common/srtool_update.py b/bin/common/srtool_update.py
index ebd19aef..64501f69 100755
--- a/bin/common/srtool_update.py
+++ b/bin/common/srtool_update.py
@@ -85,6 +85,7 @@ def get_tag_key(tag,key,default=''):
# WEEKLY = 3 "{\"weekday\":\"6\",\"hour\":\"2\"}" # day of week, hour
# MONTHLY = 4 "{\"day\":\"1\"\"hour\":\"2\"}" # day of month
# ONDEMAND = 5 "{}" # only on demand
+# ONSTARTUP = 6 "{}" # on every SRTool start up
def run_updates(force_all,name_filter,is_trial):
@@ -228,8 +229,8 @@ def list():
format_str = "%16s %7s %14s %10s %28s %s"
print("SRTool Update List:")
- status_str = "====================\n"
print(format_str % ('Data','Source','Name','Frequency','Offset','Description'))
+ print("================ ======= ============== ========== ============================ ===========================================")
#get sources that have update command
sources = cur.execute("SELECT * FROM orm_datasource").fetchall()
for source in sources:
@@ -290,8 +291,8 @@ def main(argv):
# setup
parser = argparse.ArgumentParser(description='srtool.py: manage the SRTool database')
- parser.add_argument('--cron-start', action='store_const', const='cron_start', dest='command', help='Start the SRTool backgroud updater')
- parser.add_argument('--cron-stop', action='store_const', const='cron_stop', dest='command', help='Stop the SRTool backgroud updater')
+ parser.add_argument('--cron-start', action='store_const', const='cron_start', dest='command', help='Start the SRTool background updater')
+ parser.add_argument('--cron-stop', action='store_const', const='cron_stop', dest='command', help='Stop the SRTool background updater')
parser.add_argument('--list', '-l', action='store_const', const='list', dest='command', help='List data sources')
parser.add_argument('--run-updates', '-u', action='store_const', const='run-updates', dest='command', help='Update scheduled data sources')
diff --git a/bin/nist/datasource.json b/bin/nist/datasource.json
index 8bdd5196..45210e40 100644
--- a/bin/nist/datasource.json
+++ b/bin/nist/datasource.json
@@ -23,7 +23,7 @@
"cve_filter" : "",
"init" : "",
"update" : "bin/nist/srtool_nist.py -i --source='NIST Modified Data' --file=data/nvdcve-1.0-modified.json --url-file=nvdcve-1.0-modified.json.gz --url-meta=nvdcve-1.0-modified.meta",
- "lookup" : "",
+ "lookup" : "bin/nist/srtool_nist.py --file=data/nvdcve-1.0-modified.json %command%",
"update_frequency" : "2",
"_comment_" : "Update at 7:00 am",
"update_time" : "{\"hour\":\"7\"}"
diff --git a/lib/orm/models.py b/lib/orm/models.py
index bca7d427..ed6cee31 100644
--- a/lib/orm/models.py
+++ b/lib/orm/models.py
@@ -267,7 +267,7 @@ class Cve(models.Model):
packages = models.TextField(blank=True)
- score_date = models.DateField(default=0)
+ score_date = models.DateField(null=True, blank=True)
srt_updated = models.DateTimeField(auto_now=True)
@property
diff --git a/lib/srtgui/api.py b/lib/srtgui/api.py
index 7fbfc1e3..c16b30cc 100644
--- a/lib/srtgui/api.py
+++ b/lib/srtgui/api.py
@@ -82,6 +82,9 @@ def readCveDetails_Upstream(cve, cve_datasource):
# Get the object
lookup_command = cve_datasource.lookup
+ if not lookup_command:
+ v.description = "ERROR(%s):missing lookup command" % (cve_datasource.description)
+ return v
lookup_command = lookup_command.replace('%command%','--cve-detail=%s' % cve.name)
result_returncode,result_stdout,result_stderr = execute_process(lookup_command.split(' '))
#_log("SRT_%s=%s|%s|%s" % (cve_datasource.key,result_returncode,result_stdout,result_stderr))
diff --git a/lib/srtgui/views.py b/lib/srtgui/views.py
index 122d9133..6532dbe1 100644
--- a/lib/srtgui/views.py
+++ b/lib/srtgui/views.py
@@ -990,6 +990,7 @@ def _create_defect(investigation,defect_reason,components):
'--link', links,
)
_log("SRT_DEFECT=%s|%s|%s" % (result_returncode,result_stdout,result_stderr))
+ d_name = ''
if 0 == result_returncode:
_log("SRT_DEFECT3a")
for line in result_stdout.decode("utf-8").splitlines():
@@ -999,7 +1000,9 @@ def _create_defect(investigation,defect_reason,components):
d_name = params[0]
d_url = params[1]
_log("SRT_DEFECT3c|%s|%s|" % (d_name,d_url))
- else:
+ ### TO-DO: Trigger dialog in a production system if not defect created at this point
+ ### For now provide a defect number simulation
+ if not d_name:
# Simulate a unique defect index
current_defect_simulation_index,create = SrtSetting.objects.get_or_create(name='current_defect_simulation_index')
if create: