GSOC23 - A - Adapt the CVE auditing functionality to depend on OVAL data #7335
Closed: HoussemNasri wants to merge 100 commits into uyuni-project:master from HoussemNasri:oval-cve-audit-algorithm
- It's an optimization to enable faster lookups of OVAL resources
- This class is temporary and will be removed when the integration with Uyuni is complete.
- Also, implemented the composite design pattern to enable the evaluation of the criteria tree
- This is a temporary implementation based on JAXB API which consumes a lot of memory. I plan to rewrite it with StAX for better performance.
- Now, it's only used by CVEAuditManagerOVAL and CVEAuditManagerTest
- I miss Kotlin :(
- Test fails with exception 'could not initialize proxy - no Session' otherwise
- Since the hashmap used for caching was defined as a static field, it created collision between testcases
- Because they are irrelevant and their presence could lead to false evaluations
- Now we depend on the real APIs
HoussemNasri force-pushed the oval-cve-audit-algorithm branch from 94cdd0d to e083e6b on August 2, 2023 20:08
What does this PR change?
This is the first pull request of my GSoC project. The primary goal of the PR is to implement and test the OVAL-based CVE auditing algorithm as described in the associated RFC. It also includes a partial (but sufficient given the OVAL files we aim to consume) implementation of the OVAL definition schema specification.
This implementation only addresses OVALs produced by SUSE. Small changes in the database schema and implementation details are required in order to support other distributions' OVALs.
TODO
log.error() with log.debug()
What is missing
These are known limitations that will be addressed in subsequent pull requests.
Useful links
GUI diff
No difference.
Documentation
Test coverage
I added unit tests for the TestEvaluator and CVEAuditManagerOVAL classes which contain
Unit tests were added
DONE
Links
Fixes #
Tracks # add downstream PR, if any
Changelogs
Make sure the changelog entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run changelog_test (see below)
Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run: