Rexbeast2

fixes #2573

@terriko terriko left a comment

Looks like a good start, but I think we need to be more careful about the options we provide as "default" and I'd like to see it actually generating config for all available options, probably done programmatically from going through the same list that argparse uses in cli.py.

LOGGER.error(
f"Argument --generate-config: invalid choice: {config_type} (choose from 'toml','yaml')"
)
return -1

We had trouble with negative error codes on windows where they're not allowed (and it can give seemingly random numbers as a result) so we shouldn't return -1. Take a look at our existing set of error codes and see if we have a syntax error-y one that suits for this purpose, or make a new one, but definitely don't use -1.

elif config_type == "yaml":
config_generator.config_generate_yaml()
if args["generate_config"] != "":
return -1

Flagging this as another place where we need an error code other than -1.

input:
# Directory to scan
directory: test/assets

Probably don't actually want to set a scanning directory -- that could result in some pretty surprising behaviour. Maybe leave this line commented out?

Suggested change
directory: test/assets
# directory: test/assets

checker:
# list of checkers you want to skip
skips:

Ditto for skips and runs values: these would be surprising defaults; we probably want to have it commented out to show the syntax without changing behaviour.

# update schedule for NVD database (default: daily)
update: daily
# set true if you want to autoextract archive files. (default: true)
extract: true

Can we also auto-generate config from the other defaults? e.g. show that the default update method is 'nvd' but give options for json and stuff?

@anthonyharrison anthonyharrison left a comment

        if config_type not in available_type:
            LOGGER.info(config_type)
            LOGGER.error(
                f"Argument --generate-config: invalid choice: {config_type} (choose from 'toml','yaml')"
            )
            return 2
        elif config_type == "toml":
            config_generator.config_generate_toml()
        elif config_type == "yaml":
            config_generator.config_generate_yaml()

Do you need the config_type not in available_type check? You already have a set of options in the --generate-config option which only allows valid options to be specified.

@anthonyharrison

We need some tests adding.

@Rexbeast2

ok I will add test cases.

@codecov-commenter

codecov-commenter commented Feb 17, 2023

Codecov Report

Merging #2699 (c49bff5) into main (23b25e1) will increase coverage by 2.54%.
The diff coverage is 36.52%.

@@            Coverage Diff             @@
##             main    #2699      +/-   ##
==========================================
+ Coverage   79.36%   81.90%   +2.54%     
==========================================
  Files         646      649       +3     
  Lines        9909    10209     +300     
  Branches     1138     1377     +239     
==========================================
+ Hits         7864     8362     +498     
+ Misses       1681     1500     -181     
+ Partials      364      347      -17     
Flag Coverage Δ
longtests 80.74% <36.52%> (?)
win-longtests 79.04% <36.52%> (-0.32%) ⬇️

Impacted Files Coverage Δ
cve_bin_tool/cvedb.py 55.65% <15.25%> (-11.52%) ⬇️
cve_bin_tool/cli.py 68.27% <64.70%> (+1.39%) ⬆️
cve_bin_tool/config_generator.py 100.00% <100.00%> (ø)
test/test_cli.py 86.94% <100.00%> (+2.88%) ⬆️

... and 21 files with indirect coverage changes

@Rexbeast2

@anthonyharrison I have added the test cases; can you review them?

@anthonyharrison anthonyharrison left a comment

I think the tests need to be a bit more extensive. The tests just prove that a file is created and check that the NVD key is in the file. I think we need to check all of the other parameters to ensure that they match the specified values.

It might be useful to allow the config filename to be specified rather than assuming that the file is always called config.toml or config.yaml.

I was also assuming that the config file would store any config values specified on the command line so that cve-bin-tool --offline --generate-config .... would set the offline flag in the config file. This doesn't seem to be done - I think the args array just needs to be passed to the generate functions for this to be done.

@Rexbeast2

@anthonyharrison I would add the feature where it parses args and adds it to the config file. Regarding testing, I created a check to ensure that the default file generated by the function config_generator works correctly. Additionally, the current implementation only checks for file names "config.toml" or "config.yaml" since those are the names of the default files generated.

making config generator dynamic
updating test for config generator
calling function with parameters
@Rexbeast2

Rexbeast2 commented Mar 6, 2023

@anthonyharrison @terriko I have updated the generate config function and test case. Can you review them?

@anthonyharrison anthonyharrison left a comment

@Rexbeast2 This is getting there. However, there is a lot of repeated information in the two file generators and I wonder if there could be a way of optimising it to create a single generator with two simple configuration routines - one for a heading and one for the parameters (the only difference for a parameter is whether the name is separated from the value by a : or =). One of the issues we have is that as we add parameters to the tool, we will have to update both generators, and it would be good if we only had one to update, as the parameters in the file are 'hard-coded' and it will be easy to miss an update.

@anthonyharrison anthonyharrison left a comment

@Rexbeast2 The test probably needs to also test some of the default values as well as those specified on the command line.

@Rexbeast2

@anthonyharrison thanks for the review, I will implement your suggestion and update the PR.

@Rexbeast2

@anthonyharrison I have updated the test cases and config generator as well. If there is more that could be improved let me know.

@anthonyharrison anthonyharrison left a comment

The code

        if config_type == "toml":
            config_generator.config_generator(args, config_type)
        elif config_type == "yaml":
            config_generator.config_generator(args, config_type)

can be simplified to

config_generator.config_generator(args, config_type)

In the config_generator, you may want to check that the config_type is only yaml or toml - the code will have undefined variables if the config type isn't valid.

I can't spot any omissions, but it might be an interesting test to check that all of the elements in the args parameter are included. Maybe add a debug statement to the generator?
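
A sketch of the single-generator approach discussed in the reviews above, added here as an example and not code from this pull request or from cve-bin-tool: one routine walks an argparse parser, differs between TOML and YAML only in the header and separator, rejects unknown config types, and a helper reports any option that was left out. The parser, its option names and the function names are assumptions; writing unchanged defaults as commented-out lines is a choice made for this example.

```python
import argparse
import re

def build_parser():
    # Hypothetical stand-in parser; group and option names are illustrative only.
    p = argparse.ArgumentParser(prog="demo-scanner")
    inp = p.add_argument_group("input")
    inp.add_argument("--directory", help="directory to scan")
    chk = p.add_argument_group("checker")
    chk.add_argument("--skips", help="comma-separated checkers to skip")
    db = p.add_argument_group("database")
    db.add_argument("--update", default="daily", choices=["daily", "never"])
    db.add_argument("--offline", action="store_true")
    return p

def _fmt(value):
    # Lowercase booleans and double-quoted strings are valid in both TOML and YAML.
    if isinstance(value, bool):
        return str(value).lower()
    text = "" if value is None else str(value)
    return '"' + text.replace("\\", "\\\\").replace('"', '\\"') + '"'

def generate_config(parser, args, config_type):
    # Fail loudly on an unknown type instead of running with undefined variables.
    if config_type not in ("toml", "yaml"):
        raise ValueError(f"unsupported config type: {config_type!r}")
    toml = config_type == "toml"
    sep, indent = (" = ", "") if toml else (": ", "  ")
    lines = []
    # _action_groups/_group_actions are private argparse attributes (CPython).
    for group in parser._action_groups:
        actions = [a for a in group._group_actions if a.dest != "help"]
        if not actions:
            continue
        lines.append(f"[{group.title}]" if toml else f"{group.title}:")
        for a in actions:
            value = args.get(a.dest, a.default)
            # Only values the caller changed are active; defaults stay commented out.
            mark = "" if value != a.default else "# "
            lines.append(f"{indent}{mark}{a.dest}{sep}{_fmt(value)}")
    return "\n".join(lines) + "\n"

def missing_options(parser, text):
    # Every parser option must appear (active or commented) in the generated text.
    keys = {re.split(r"\s*[=:]", l.lstrip("# "), maxsplit=1)[0] for l in text.splitlines()}
    return sorted(a.dest for a in parser._actions if a.dest != "help" and a.dest not in keys)
```

Because the option list comes from the parser itself, a newly added argument shows up in both formats without touching the generator, and `missing_options` can back a regression test for that.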

@terriko

terriko commented Mar 10, 2023

This is looking closer. It's probably not a perfect solution yet but it might be close enough to merge it and then iterate as needed. I'm going to update the branch and re-run the windows tests that were failing before doing a more careful code review. (it might not happen until next week)

@terriko terriko added awaiting maintainer Need a maintainer to respond / help out awaiting CI labels Mar 10, 2023
@terriko terriko left a comment

Okay, this is still a bit more static than I'd like, but I think it's good enough that we should merge it and iterate from it in the tree. Thanks for working on this one, I know it took quite a few iterations already!

@terriko terriko merged commit 59bade4 into intel:main Mar 14, 2023
terriko pushed a commit to anthonyharrison/cve-bin-tool that referenced this pull request Mar 30, 2023
Successfully merging this pull request may close these issues.

Feat: Generate cve-bin-tool config file