Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ingestion fixes, auto-create vulnerabilities using upsert #532

Merged
merged 6 commits into from
Jul 16, 2024
Merged

Ingestion fixes, auto-create vulnerabilities using upsert #532

merged 6 commits into from
Jul 16, 2024

Conversation

ctron
Copy link
Contributor

@ctron ctron commented Jul 11, 2024
edited
Loading

This PR adds a few tests for re-ingesting documents. It also fixes issues alongside those. Most notably, it auto-creates vulnerabilities and switches the creation of those to an upsert model.

@ctron ctron mentioned this pull request Jul 11, 2024
Closed
@ctron ctron force-pushed the feature/reingest_osv_1 branch 2 times, most recently from d052c8d to 07dd1ef Compare July 12, 2024 12:31
@ctron ctron marked this pull request as ready for review July 12, 2024 12:32
@ctron ctron changed the title test: add a test for re-ingesting OSV files Ingestion fixes, auto-create vulnerabilities using upsert Jul 15, 2024
bobmcwhirter
bobmcwhirter approved these changes Jul 15, 2024
View reviewed changes
Copy link
Contributor

@bobmcwhirter bobmcwhirter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We also need some changes in the fundamental VulnerabilityService to avoid the stupid-ass workaround I put there for synthesizing vulnerabilities from the advisory_vuln table when no row existed in the vuln table.

modules/ingestor/src/graph/organization.rs
impl super::Graph {
impl Graph {
#[instrument(skip(self, tx), err)]
pub async fn get_organizations(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

related: I'd still argue we should be deleting get_plurals() and defer that ish to the appropriate fundamental Service.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Created a tracking issue: #547

@ctron
Copy link
Contributor Author

ctron commented Jul 15, 2024

We also need some changes in the fundamental VulnerabilityService to avoid the stupid-ass workaround I put there for synthesizing vulnerabilities from the advisory_vuln table when no row existed in the vuln table.

Ah yes. I'll fix this as part of this PR.

@ctron
refactor: only retrieve actual vulnerabilities
8faa1c5 
Align the code with the ingestion module, only returning actual
vulnerabilities.
@ctron
Copy link
Contributor Author

ctron commented Jul 15, 2024

@bobmcwhirter I updated the PR and dropped the special handling for the advisory_vulns.

@ctron ctron mentioned this pull request Jul 15, 2024
Open
@ctron ctron added this pull request to the merge queue Jul 16, 2024
Merged via the queue into trustification:main with commit 4e4d514 Jul 16, 2024
1 check passed
@ctron ctron deleted the feature/reingest_osv_1 branch July 16, 2024 07:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bobmcwhirter bobmcwhirter bobmcwhirter approved these changes

@dejanb dejanb dejanb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ctron @bobmcwhirter @dejanb