From 32f91efa9fd936d67f81a9a0b519fdae830ff0de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Dugovi=C4=8D?= Date: Fri, 15 Nov 2024 18:46:17 +0100 Subject: [PATCH] feat(webapp): add go controller for cves endpoint RHINENG-13545 --- deploy/clowdapp.yaml | 5 ++++ vmaas-go/base/utils/config.go | 2 ++ vmaas-go/webapp/controllers/cves.go | 44 ++++++++++++++++++++++++++++ vmaas-go/webapp/controllers/utils.go | 41 ++++++++++++++++++++------ vmaas-go/webapp/routes/routes.go | 6 ++++ 5 files changed, 89 insertions(+), 9 deletions(-) create mode 100644 vmaas-go/webapp/controllers/cves.go diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml index c18c7d679..ea82e1616 100644 --- a/deploy/clowdapp.yaml +++ b/deploy/clowdapp.yaml @@ -51,6 +51,8 @@ objects: value: ${NEWER_RELEASEVER_REPOS} - name: NEWER_RELEASEVER_CSAF value: ${NEWER_RELEASEVER_CSAF} + - name: ENABLE_GO_CVES + value: ${ENABLE_GO_CVES} resources: limits: cpu: ${CPU_LIMIT_WEBAPP_GO} @@ -494,3 +496,6 @@ parameters: value: "true" - name: DB_DUMP_BUCKET value: insights-vmaas-dump-storage +- name: ENABLE_GO_CVES + description: Enable go implementation of the cves endpoint + value: "false" diff --git a/vmaas-go/base/utils/config.go b/vmaas-go/base/utils/config.go index 3fda49ccb..cca8fd67a 100644 --- a/vmaas-go/base/utils/config.go +++ b/vmaas-go/base/utils/config.go @@ -45,6 +45,7 @@ type Config struct { LogStyle string CacheRefreshInterval time.Duration EnableProfiler bool + EnableGoCves bool // lib UnfixedEvalEnabled bool @@ -134,6 +135,7 @@ func initEnv() { Cfg.VmaasLibMaxGoroutines = GetIntEnvOrDefault("VMAAS_LIB_MAX_GOROUTINES", 20) Cfg.NewerReleaseverRepos = GetBoolEnvOrDefault("NEWER_RELEASEVER_REPOS", true) Cfg.NewerReleaseverCsaf = GetBoolEnvOrDefault("NEWER_RELEASEVER_CSAF", true) + Cfg.EnableGoCves = GetBoolEnvOrDefault("ENABLE_GO_CVES", false) } func (e *Endpoint) BuildURL(scheme string) string { diff --git a/vmaas-go/webapp/controllers/cves.go b/vmaas-go/webapp/controllers/cves.go new file mode 100644 index 000000000..a744489f7 --- /dev/null +++ b/vmaas-go/webapp/controllers/cves.go @@ -0,0 +1,44 @@ +package controllers + +import ( + "net/http" + + "github.com/gin-gonic/gin" + "github.com/redhatinsights/vmaas-lib/vmaas" + "github.com/redhatinsights/vmaas/base/core" + "github.com/redhatinsights/vmaas/base/utils" +) + +func CvesHandler(c *gin.Context) { + if !isCacheLoaded(c) { + return + } + cve := c.Param("cve") + req := vmaas.CvesRequest{Cves: []string{cve}} + + res, err := core.VmaasAPI.Cves(&req) + if err != nil { + utils.LogAndRespError(c, err) + return + } + c.JSON(http.StatusOK, res) +} + +func CvesPostHandler(c *gin.Context) { + if !isCacheLoaded(c) { + return + } + req := vmaas.CvesRequest{} + err := bindValidateJSON(c, &req) + if err != nil { + utils.LogAndRespBadRequest(c, err) + return + } + + cves, err := core.VmaasAPI.Cves(&req) + if err != nil { + utils.LogAndRespError(c, err) + return + } + c.JSON(http.StatusOK, cves) +} diff --git a/vmaas-go/webapp/controllers/utils.go b/vmaas-go/webapp/controllers/utils.go index 3264f3a8a..5ca57c660 100644 --- a/vmaas-go/webapp/controllers/utils.go +++ b/vmaas-go/webapp/controllers/utils.go @@ -3,6 +3,7 @@ package controllers import ( "errors" "fmt" + "strings" "github.com/gin-gonic/gin" "github.com/redhatinsights/vmaas-lib/vmaas" @@ -10,20 +11,42 @@ import ( "github.com/redhatinsights/vmaas/base/utils" ) -func bindValidateJSON(c *gin.Context, request *vmaas.Request) error { +func bindValidateJSON(c *gin.Context, request interface{}) error { if request == nil { - return fmt.Errorf("nil vmaas request") + return errors.New("nil vmaas request") } if err := c.BindJSON(request); err != nil { + errMessage := err.Error() + if strings.HasPrefix(errMessage, "parsing time") { + parts := strings.Split(errMessage, `"`) + var timestamp string + if len(parts) > 1 { + timestamp = parts[1] + } + return fmt.Errorf("wrong date format (not ISO format with timezone): '%s'", timestamp) + } + if strings.HasSuffix(errMessage, "looking for beginning of value") { + parts := strings.Split(errMessage, ` `) + var invalidChar string + if len(parts) > 2 { + invalidChar = parts[2] + } + return fmt.Errorf("malformed input: invalid character '%s'", invalidChar) + } + if errMessage == "EOF" { + return errors.New("request body must not be empty") + } return err } - // validate module name:stream - for i, m := range request.Modules { - if m.Module == nil { - return fmt.Errorf("'module_name' is a required property - 'modules_list.%d'", i) - } - if m.Stream == nil { - return fmt.Errorf("'module_stream' is a required property - 'modules_list.%d'", i) + + if reqest, ok := (request).(*vmaas.Request); ok { + for i, m := range reqest.Modules { + if m.Module == nil { + return fmt.Errorf("'module_name' is a required property - 'modules_list.%d'", i) + } + if m.Stream == nil { + return fmt.Errorf("'module_stream' is a required property - 'modules_list.%d'", i) + } } } return nil diff --git a/vmaas-go/webapp/routes/routes.go b/vmaas-go/webapp/routes/routes.go index 4b86ffb5b..f6a2461f5 100644 --- a/vmaas-go/webapp/routes/routes.go +++ b/vmaas-go/webapp/routes/routes.go @@ -3,6 +3,7 @@ package routes import ( "github.com/gin-contrib/gzip" "github.com/gin-gonic/gin" + "github.com/redhatinsights/vmaas/base/utils" "github.com/redhatinsights/vmaas/webapp/controllers" ) @@ -12,4 +13,9 @@ func InitAPI(api *gin.RouterGroup) { api.POST("/updates", controllers.UpdatesPostHandler) api.GET("/vulnerabilities/:package", controllers.VulnerabilitiesHandler) api.POST("/vulnerabilities", controllers.VulnerabilitiesPostHandler) + + if utils.Cfg.EnableGoCves { + api.GET("/cves/:cve", controllers.CvesHandler) + api.POST("/cves", controllers.CvesPostHandler) + } }