aboutsummaryrefslogtreecommitdiffstats
path: root/bin/common/srtool_update.py
AgeCommit message (Collapse)Author
2023-10-13srtool: bulk update to SRTool version 2.01David Reyna
Enhancements include: * Django 4 support * Transition to dict for backend SQL recordsi * Update CVE sources to 2023 * Progress bars * User triggered datasource execution * Enhanced backgroup task management * User timezones * Support and migration for Postgres * Support for HTTPS front end Signed-off-by: David Reyna <David.Reyna@windriver.com>
2020-01-12Bug 13734 - cumulative deployment features and fixesDavid Reyna
srtool: cumulative deployment features and fixes High level new features: * Publishing support to external/public databases * Ability to label products as "active", "inactive", "under development" Inactive (EOL) products appear but * Do not affect status propagation * Do not auto-create defects Development product status is not exported to pubic database * Extend NIST download range to 2002..2019 * Added MITRE downloads to provide RESERVED tracking * Extended audit history tracking and meta-data * Delete CVE records * Ability to do "OR" searches (default is "AND") Example: "CVE-2019-20095 OR CVE-2019-20096 OR CVE-2019-19977" * Automated defect creation (Jira) If selected, creates customer defect for selected and active products Reuse existing defect if present for given product * Many small sorting, readability, edge case fixes Backups: * Add meta-data stamp file for each backup * Save daily backups with day name instead of day number * Preserve file dates when making copies to backup * Add list command Automated Updates: * Fix report format * Add trial run test Utilities: * Add 13 new database fix up procedures Some are one-shot historical fixes, some are learned validation checks Database Schema: * Add "SRTool" class to wrap shared enumerations (e.g. Priority) * Add "Update" class to tag and track audit trail objects * Change Priority naming to match CVE model instead of JIRA * Add srt_created/srt_updated to CVE/Vul/Inv/Notify for improved updating and auditing * Add to Defect the SRT versions of Status, Priority, Outcome To distinguish these from the customer's defect system's values Common Tools: * Fix new CVE auto-scoring to skip CVE's already scored (though still NEW) * Add automated propagation of Defects/Investigations status to parent Vulnerabilities See "srtool_common.py" for rule details CVEs: * Add MITRE as an automatic upstream source This is to specifically capture all of the "RESERVED" CVE enumerations which will not appear in the MIST databases, and have the CVE records in place for internal investigations and transitions to "public" status. * Spell out the command arguments in the NIST data source files for greater legibility * Change Priority naming to match CVE instead of JIRA * Add parallel status states for "inactive" products This specifically blocks state propagation from inactive objects to active objects NIST management script: * Refactor file for greater clarity * Reorder methods to reflect workflow order * Fully spell out names of objects * Remove temporary holding class "CVE" in favor of dictionary objects * Debugging enhancements * Incremental update commands for stepped debugging For example, ability to fetch/update specific CVE(s) * Additional debugging flags [YOCTO #13734] Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-02-20srtool_update: improve update reporting and schedulingDavid Reyna
Track the current running update task in ".srtupdate.task" to help track background update activity and overhead. Make calls to the update start/stop absolute paths to help track active SRTool tasks, especially between multiple servers. Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-31srtool-updates: improve update reportingDavid Reyna
Add time till next update in update verbose output. Indicate in table display when a datasource has an update policy but no update script. Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-16srtool: pylint for the bin toolsDavid Reyna
Fix the pylint errors in the bin directory tools. The pylint command was: $ PYTHONPATH=./lib:./bin pylint3 --load-plugins pylint_django bin --disable=C,R,unused-variable,unused-wildcard-import,redefined-outer-name,unused-argument,fixme,bare-except,broad-except,redefined-builtin,unnecessary-pass,logging-not-lazy,wildcard-import | tee srt_bin_pylint.txt The currently allowed exceptions are: W0603: Using the global statement (global-statement) W0611: Unused ORM imported from srt_schema (unused-import) Also, remove the obsolete 'bin/common/srtool_defect.py' and skip the need to pylint it altogether. Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-15srtool: separate lastUpdatedDate, enforce date formatDavid Reyna
* Add lastUpdatedDate to track when data source was updated * Leave lastModifedDate to track upstream dates * Introduce DataSource.DATETIME_FORMAT and ORM.DATASOURCE_DATETIME_FORMAT to enforce date formatting in the lib and bin code * Explicitly set 'nocache' for the data source page, so the refresh will always show the latest [YOCTO #13131] Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-14srtool: updates cleanup #2David Reyna
Clean up after pull from RBurton pylint updates * Protect against missing CVE lookup call * Protect against disabled defect tool when creating defects * Repair CVE 'score_date' data field default * Update tool typos for formatting Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-14srtool: auto-update support cleanupDavid Reyna
Add backgroup data source updates cleanup * Add robust method for scanning ORM string lists * Fix DATASOURCE_FREQUENCY_STR ORM string list * Adjust '--list' columns [YOCTO #13131] Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-14srtool: complete auto-update supportDavid Reyna
Complete the support for backgroup data source updates: * Add cron-start,cron-stop to srtool_update * Have cron update run as a user space script to avoid sudo * Hook cron-start,cron-stop into srt start,stop * Add list command to show update sources * Have force command propagate to update script calls, and add force option to all source scripts * Add 'srt manage update ...' for access to the update functions * Add flag SRT_SKIP_AUTOUPDATE and srt option noautoupdate to disable the automatic update app for development assistance Related Fixes: * Set the schema generator to always update on startup (13138) * Fix CVE 'recommend' default to the integer zero (13139) with auto-fix at startup for existing databases [YOCTO #13131] [YOCTO #13138] [YOCTO #13139] Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-13srtool: fix core update implementationDavid Reyna
Fix the data source update mechanism: * Move the update functions to "bin/common/srtool_update.py" * Remove 'lastModifiedDate' from the data source JSON files (since every restart overwrites any updated values) * Change the 'update_time' field to a dictionary of offset values e.g. "{\"weekday\":\"6\",\"hour\":\"2\"}" = day of week, hour of day * Implement the update frequency calculations * Implement data source name filters for selected manual updates * Add a log status file [YOCTO #13131] Signed-off-by: David Reyna <David.Reyna@windriver.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-14 21:56:02 +0000