[GSOC23] - D - Add support for SLE & Leap Micro OVAL-based CVE auditing #7511
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- It's an optimization to enable faster lookups of OVAL resources
- This class is temporary and will be removed when the integration with Uyuni is complete.
- Also, implemented the composite design pattern to enable the evaluation of the criteria tree
- This is a temporary implementation based on JAXB API which consumes a lot of memory. I plan to rewrite it with StAX for better performance.
- Add OVALPackageTest entity - Add OVALPackageState entity - Add OVALPackageVersionStateEntity entity - Add OVALPackageEvrStateEntity entity - Add OVALPackageObject entity - Add OVALDefinition entity - Add OVALPlatform entity - Add OVALReference entity - Add OVALPackageArchStateEntity entity - Add OVALVulnerablePackage entity - Add OVALPlatformVulnerablePackage entity
- Without implementation
- Right now we're only processing vulnerability definitions which reference one cve per definition, so it's redundant to have a list of cves when it's going to always have one element.
- This column represents the source from which we fetched the definition
…eap are not supported by Uyuni
- Now, we only need to save vulnerable packages to the database
This way users could plug their own sources.
Suggested tests to cover this Pull Request
|
HoussemNasri
force-pushed
the
support-suse-micro
branch
from
90720bb
to
103535f
Compare
|
This pull request is so tiny, so to not have to maintain another pull request, I merged its changes into PR B |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
NOTE: Please start the review from commit e1ddb22, the other commits are reviewed in #7509.
What does this PR change?
Adds support for openSUSE Leap Micro and SLE Micro OVAL-based CVE auditing.
GUI diff
No difference.
Before:
After:
Documentation
No documentation needed: add explanation. This can't be used if there is a GUI diff
No documentation needed: only internal and user invisible changes
Documentation issue was created: Link for SUSE Manager contributors, Link for community contributors.
API documentation added: please review the Wiki page Writing Documentation for the API if you have any changes to API documentation.
(OPTIONAL) Documentation PR
DONE
Test coverage
No tests: add explanation
No tests: already covered
Unit tests were added
Cucumber tests were added
DONE
Links
Fixes #
Tracks # add downstream PR, if any
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run
changelog_test(see below)Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run: