aboutsummaryrefslogtreecommitdiffstats
path: root/bin/srt
AgeCommit message (Collapse)AuthorFilesLines
2018-12-29srtool: generalize the master app (yp, acme, ...) managementDavid Reyna1-11/+30
The SRTool allows users to substitute an alternate master application instead of the default "yp" in order to customize their instance to their organization. This is done by: (a) Creating a datasource directory under bin (b) Defining a "datasource.json" file (c) Defining 'export SRT_MAIN_APP="<app>"' in "srtool_env.sh" This environment files are scanned by 'bin/srt', and if such an alternate master app is found it pre-empts the default 'yp'. This value is set via the environment because "lib/srtmain/settings.py" is the file that sets the app (and this the URL) ordering, and it is processed before any database is attached. To disable the alternate main app, simply rename its "datasource.json" file and it will be ignored for the next start. The sample alternate app "acme" is provided to demonstrate this facility. Additionally, a development tool 'bin/dev_tools/master_app.sh' has been added to help switch between master apps, to aid testing. $ ./stop.sh $ ./master_app.sh acme $ ./start.sh ... test ... $ ./stop.sh $ ./master_app.sh yp $ ./start.sh Other included fixes: * Fix the ACME JSON files formating * Remove ACME "_sample" from all but "datasource.json_sample" * Fix tabs to spaces in "srt" * Add global contect values to views::managedcontextprocessor so that other app templates can share them Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-12-29srtool: add quick test for python3 and sqlite3David Reyna1-2/+9
Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-12-21srtool: cummulative fixes 12/21/2018David Reyna1-1/+2
Fixes: * Support Django development head in version check (e.g. '2.2.dev20181217100344') * Remove the single quotes around the comments content * Include Documentation/Export links for Guest users * Allow 'ip:port/acme' to link to 'acme_hello' Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-12-13srtool: cummulative update 12/13/2018David Reyna1-4/+18
Changes: Repartition the data sources Reconfigure the data sources into self-contained directories under the "bin" directory. Implement dynamic data source discovery and import Remove all hard coded data source data (e.g. fixtures, data, CVE lookups) Add license files to all data sources Django User model Add "users" Django application dir Login page Self create user account page Password change page User access and delete management CVE Name sorting by hidden 'name_sort' field (CVE-nnnn-0nnnnnn) CVE Triage Auto import reserved CVEs Add MITRE CVE records where NIST missing Add data source count to triage page Easy checkbox toggle by clicking any field Triage any CVE status category (not just new) Assign to any CVE status category Object create/delete Create/Delete Vulnerablities Create/Delete Investigations from Vulnerablity page Add "Historical" CVE status When bootstraping system, all CVEs older than 60 days preset to "Historical" Add CVEs withint 60 days preset to "New" Can be overridden by defect and systaining status imports Preadd Debian data for "New" CVEs Abstraction Add generic Product mappings to defect system ("defect_tag": defect prefix) Add generic Product mappings to product system ("product_tag": product reference, related) Manage functions via "srt" script For example add superuser Normalize Vulnerability to Investigation mapping Replace orm_vulnerabilityproduct with orm_vulnerabilitytoinvestigation General Enable the 'srtool-requirements.txt' Django test Speed the CVE scoring by pre-fetching the datasources Progress display cleanup Move and update srtool_defect prototype to 'bin/yp' Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-08-10Cummulative development update August 2018David Reyna1-0/+10
* Add incremental NIST scans and import to CVE database * Add modified NIST scans and import to CVE database * Moved CVE details out of SRTool database to reduce size * Add CVE details lookup in cached CVE upstream files * Added edit support for Vulnerabilies and Investigations * Comments * Attachments and downloads * Product list * History audit trail * Add Vulnerability and Investigation creation from CVE triage * Add user id to session variables * Add defect import placeholder script * Modularize the fixture files for common versus site-specific setup Signed-off-by: Moayer, Puya <Puya.Moayer@windriver.com> Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-05-15remove WR-isms from template files, update 'toaster' executable to 'srt' ↵David Reyna1-139/+52
executable Signed-off-by: David Reyna <David.Reyna@windriver.com>
2018-05-14Add SRTool updated files version 0.03David Reyna1-0/+314
Signed-off-by: David Reyna <David.Reyna@windriver.com>