This repository has been archived by the owner on Feb 15, 2024. It is now read-only.

Merge pull request #74 from RedHatProductSecurity/minor-tweaks
Minor tweaks
JimFuller-RedHat authored Mar 10, 2023
2 parents df1f521 + 9b965ce commit dfd2c7a
Showing 7 changed files with 146 additions and 114 deletions.
50 changes: 45 additions & 5 deletions docs/tutorial.md
@@ -1,9 +1,9 @@
## Tutorial (UNDER DEVELOPMENT)

Find products a (latest) Component is in
Find Products that contain latest root Component(s)
> griffon service products-contain-component webkitgtk
One may use the -s flag for strict search
Use -s flag for stricter search
> griffon service products-contain-component -s webkitgtk
And regex expressions
Expand All @@ -16,18 +16,58 @@ Use of -v (up to -vvvv) to get more information
> griffon -vvv service products-contain-component "^webkitgtk(\d)"
> griffon -vvvv service products-contain-component "^webkitgtk(\d)"
Retrieve a product summary
Find Products that contain latest root Component(s) searching both root and dependencies
> griffon service products-contain-component webkitgtk --search-all
Find Products that contain latest root Component searching both root and related_url
> griffon service products-contain-component webkitgtk --search-related-url
Retrieve a Product summary
> griffon service product-summary -s rhel-7.6.z
> griffon --format json service product-summary -s rhel-7.6.z
Retrieve a product manifest
Retrieve a Product manifest containing both latest root Component and dependencies
> griffon service product-components rhel-9.0.0.z
Retrieve a spdx json formatted product manifest
> griffon service product-manifest ansible_automation_platform-2.3 --spdx-json
Retrieve component flaws
> griffon service component-flaws is-svg
> griffon service component-flaws
Retrieve product flaws
> griffon service product-flaws ansible_automation_platform-2 --affectedness AFFECTED --affect-resolution FIX
## Common questions

Given a CVE ID, what products are affected?
> griffon service products-affected-by-flaw CVE-2023-25166
Given a CVE ID, what components are affected?
> griffon service components-affected-by-flaw CVE-2023-25166
What products + version + stream contain a given component (e.g. full
text search)?
> griffon service products-contain-component --purl "pkg:rpm/[email protected]"
> griffon service products-contain-component is-svg --search-all
Which unfixed CVE are affecting a component ?
> griffon service component-flaws --affectedness AFFECTED webkitgtk
Which unfixed CVE are affecting a product + version + stream ?
> griffon service product-flaws ansible_platform_2
What are the fixed CVE of this a product + version + stream?
> griffon service product-flaws rhel-9 --flaw-state DONE
What are the fixed CVEs for a component?
> griffon service component-flaws webkitgtk --flaw-state DONE
What are the won’t fix CVEs for a component?
> griffon service component-flaws webkitgtk --flaw-resolution WONTFIX
What are the won’t fix CVEs for a product?
> griffon service product-flaws rhel-9 --flaw-resolution WONTFIX
How many CVE’s are filed against a product + version
> griffon service product-flaws rhel-9 | wc -l
28 changes: 0 additions & 28 deletions griffon/commands/plugins/exploits.py

This file was deleted.

72 changes: 0 additions & 72 deletions griffon/commands/plugins/mfsa.py

This file was deleted.

37 changes: 32 additions & 5 deletions griffon/commands/queries.py
Expand Up @@ -103,18 +103,25 @@ def get_product_summary(ctx, product_stream_name, strict_name_search):
help="Generate Affects.",
)
@click.option(
"--search-all",
"search_all",
"--search-latest",
"search_latest",
is_flag=True,
default=False,
help="Search root Components and dependencies.",
help="Search root Components (enabled by default).",
)
@click.option(
"--search-related-url",
"search_related_url",
is_flag=True,
default=False,
help="Search related url.",
help="Search related url (enabled by default).",
)
@click.option(
"--search-all",
"search_all",
is_flag=True,
default=False,
help="Search root Components and dependencies.",
)
@click.option(
"--search-community",
Expand All @@ -123,6 +130,13 @@ def get_product_summary(ctx, product_stream_name, strict_name_search):
default=False,
help="(Not Implemented) Search community Components.",
)
@click.option(
"--search-upstreams",
"search_upstreams",
is_flag=True,
default=False,
help="Search for Components by upstream.",
)
@click.pass_context
@progress_bar
def get_product_contain_component(
Expand All @@ -134,16 +148,29 @@ def get_product_contain_component(
component_type,
strict_name_search,
affect_mode,
search_all,
search_latest,
search_related_url,
search_all,
search_community,
search_upstreams,
):
"""List products of a latest component."""
if not purl and not component_name:
click.echo(ctx.get_help())
click.echo("")
click.echo("Must supply Component name or --purl.")
exit(0)

if (
not search_latest
and not search_all
and not search_related_url
and not search_community
and not search_upstreams
):
ctx.params["search_latest"] = True
ctx.params["search_related_url"] = True

if component_name:
q = query_service.invoke(core_queries.products_containing_component_query, ctx.params)
cprint(q, ctx=ctx)
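Review bot: `and not search_community` in the new default-selection condition means that passing only `--search-community`, which its own help text marks "(Not Implemented)", switches off the `search_latest`/`search_related_url` defaults, so the query presumably runs with no working search mode and prints nothing. In a tool used to answer "which products contain this component", an empty listing is easily read as "none", so either drop that clause from the condition until the flag is implemented or emit a warning when it is set. Separately, the defaults are written to `ctx.params` while the local `search_latest` and `search_related_url` stay `False`; a comment such as `# defaults go into ctx.params because the query reads params, not the locals` would stop later code from testing the stale locals. The function body continues past the end of the visible section.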
7 changes: 7 additions & 0 deletions griffon/output.py
Expand Up @@ -195,6 +195,7 @@ def text_output_products_contain_component(ctx, output, format):
if sources:
source_purl = PackageURL.from_string(sources[0]["purl"])
root_component = f"{source_purl.name}-{source_purl.version}"

dep_name = name.replace(component_name, f"[b]{component_name}[/b]")
dep = f"[white]({dep_name})[/white]"
console.print(
Expand Down Expand Up @@ -229,6 +230,7 @@ def text_output_products_contain_component(ctx, output, format):
root_component = f"{source_purl.name}-{source_purl.version}"
dep_name = name.replace(component_name, f"[b]{component_name}[/b]")
dep = f"[white]({dep_name})[/white]"
related_url = related_url.replace(component_name, f"[b]{component_name}[/b]")
console.print(
Text(ps, style="magenta b u"),
root_component,
Expand Down Expand Up @@ -259,14 +261,19 @@ def text_output_products_contain_component(ctx, output, format):
if sources:
source_purl = PackageURL.from_string(sources[0]["purl"])
root_component = f"{source_purl.name}-{source_purl.version}"
upstream = ""
if item["upstream_purl"]:
upstream = f"[cyan]{item['upstream_purl']}[/cyan]"
dep_name = name.replace(component_name, f"[b]{component_name}[/b]")
dep = f"[white]({dep_name})[/white]"
related_url = related_url.replace(component_name, f"[b]{component_name}[/b]")
console.print(
Text(ps, style="magenta b u"),
root_component,
dep,
related_url,
build_source_url,
upstream,
no_wrap=False,
)

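Review bot: In the third hunk, `item['upstream_purl']` is interpolated straight into what looks like a Rich markup string, so any `[`…`]` sequence in the service-supplied value would be parsed as markup instead of being printed; the `related_url.replace(...)` lines added in the second and third hunks pass their value on in the same way. Escaping the value keeps the output literal, e.g. `upstream = f"[cyan]{escape(item['upstream_purl'])}[/cyan]"` with `from rich.markup import escape`. The subscript also raises `KeyError` when a result row lacks the key, whereas `item.get("upstream_purl")` would match the truthiness test that guards it. How `item` and `related_url` are populated is outside the visible hunks, so confirm whether either can be missing or `None` before `.replace` is called.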
