[GSoC23] - A - Implement OVAL parser #7227
Closed
What does this PR change?
Overview
This PR implements the OVAL parser component as stated in the CVE Auditing with OVAL RFC. The parser is responsible for transforming an OVAL file to an OVALRootType Java object from which we can access all OVAL constructs from Java. The OVAL types are defined under the ovaltypes package. The types don't always have the same name as stated in the OVAL specs to have more compact names (e.g. CheckEnum instead of CheckEnumeration) but they can be easily inferred by eye or by looking at the @XmlType annotation above the type definition.
Another important addition of the PR is an implementation of the Test evaluation algorithm stated in the OVAL specification. The implementation is capable of the evaluation of rpminfo_test and dpkginfo_test types, which are basically tests for checking the existence of certain RPM or DPKG packages (with specific versions sometimes) on systems. It is a very limited implementation but with it, we can evaluate all the tests that exist in the OVAL files we're aiming at consuming.
This also implements the evaluation of criteria trees by the delegation of test evaluations to TestEvaluator. See CriteriaType#evaluate and CriterionType#evaluate.
Usage
Given that the parser is currently detached from the rest of the codebase and can't be accessed from UI, this is a small guide on how to play around with the parser:
Parse an OVAL file
Get TestType by id
Evaluate criteria tree
Note
Please note that this is not the final parser to be used in production. As stated in #7108, JAXB-based parsers, which is what the current parser is based on, are memory hungry and can cause performance problems in production environments with limited memory constraints. However, to keep this pull request small and concise, I decided to implement the StAX-based OVAL parser at a later stage. In the meantime, I haven't encountered any performance degradation while using the current parser.
TODO
OvalRootType#getObjects return List<ObjectType>
GUI diff
No difference.
Documentation
No documentation needed
Test coverage
Unit tests were added
Links
openSUSE/mentoring#197
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run changelog_test (see below)
Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run:
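The criteria-tree evaluation described in the Overview, as an added example that is not code from this PR or from the Uyuni code base. Node, Criteria, Criterion, PkgTest, the test ids, package names and the dotted-number version comparison are hypothetical stand-ins, and only the AND and OR operators are modelled.

```java
import java.util.List;
import java.util.Map;
// Added example with hypothetical types; not the PR's CriteriaType/CriterionType/TestEvaluator.
public class OvalCriteriaDemo {
    enum Operator { AND, OR }
    interface Node { boolean evaluate(Map<String, PkgTest> tests, Map<String, String> installed); }
    // Inner node: combines child results with its operator, then applies negate.
    record Criteria(Operator op, boolean negate, List<Node> children) implements Node {
        public boolean evaluate(Map<String, PkgTest> tests, Map<String, String> installed) {
            boolean r = op == Operator.AND
                ? children.stream().allMatch(c -> c.evaluate(tests, installed))
                : children.stream().anyMatch(c -> c.evaluate(tests, installed));
            return negate != r;
        }
    }
    // Leaf: delegates to the referenced test; an unresolved reference is an error, not "false".
    record Criterion(String testRef, boolean negate) implements Node {
        public boolean evaluate(Map<String, PkgTest> tests, Map<String, String> installed) {
            PkgTest t = tests.get(testRef);
            if (t == null) throw new IllegalArgumentException("unknown test " + testRef);
            return negate != t.matches(installed);
        }
    }
    // Stand-in for a package test: pkg is installed with a version below fixedVersion.
    record PkgTest(String pkg, String fixedVersion) {
        boolean matches(Map<String, String> installed) {
            return installed.containsKey(pkg) && compare(installed.get(pkg), fixedVersion) < 0;
        }
    }
    // Assumption: numeric dotted versions only; real RPM/DPKG ordering is more involved.
    static int compare(String a, String b) {
        String[] x = a.split("\\."), y = b.split("\\.");
        for (int i = 0; i < Math.max(x.length, y.length); i++) {
            int xi = i < x.length ? Integer.parseInt(x[i]) : 0;
            int yi = i < y.length ? Integer.parseInt(y[i]) : 0;
            if (xi != yi) return Integer.compare(xi, yi);
        }
        return 0;
    }
    public static void main(String[] args) {
        Map<String, PkgTest> tests = Map.of(                      // constructed sample data
            "oval:example:tst:1", new PkgTest("openssl", "1.1.2"),
            "oval:example:tst:2", new PkgTest("libopenssl1_1", "1.1.2"));
        Node tree = new Criteria(Operator.OR, false, List.of(
            new Criterion("oval:example:tst:1", false), new Criterion("oval:example:tst:2", false)));
        System.out.println(tree.evaluate(tests, Map.of("openssl", "1.1.1"))); // older than the fix
        System.out.println(tree.evaluate(tests, Map.of("openssl", "1.1.2"))); // at the fixed version
    }
}
```

The block needs Java 16 or later for records.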