Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(nvd): allow fetching of issues from 2021 to now #247 #250

Merged
merged 33 commits into from
Sep 25, 2024
Merged

feat(nvd): allow fetching of issues from 2021 to now #247 #250

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
299f5a1
chore: WIP for basic matching
drochow Sep 4, 2024
7ed5e72
chore: updated eventHandler initialization in tests
drochow Sep 4, 2024
5261e03
Change EventHandler signature and logic
dorneanu Sep 4, 2024
4052caa
Fix tests
dorneanu Sep 4, 2024
d4c547a
Add more tests regarding concurrent processing
dorneanu Sep 4, 2024
f6dc244
chore: refactored function for lower coginitive complexity & fixed logic
drochow Sep 5, 2024
f5516c9
Merge remote-tracking branch 'origin/basic_matching' into basic_matching
drochow Sep 5, 2024
2e30a5f
First implementation
dorneanu Sep 5, 2024
c50a1f5
Wip
dorneanu Sep 6, 2024
af12829
Fix tests
dorneanu Sep 6, 2024
7b379ea
Fixing tests part 2
dorneanu Sep 9, 2024
fc945bc
Implement tests for BuildIssueVariantMap
dorneanu Sep 11, 2024
a77f674
Fix tests
dorneanu Sep 11, 2024
3e1afdf
Wip
dorneanu Sep 16, 2024
a19088e
Merge branch 'main' into issue_188/Implement_Service_Issue_Repository…
drochow Sep 16, 2024
23df030
chore(deps): bump github.com/prometheus/client_golang (#210)
dependabot[bot] Sep 10, 2024
674ded8
chore(deps): bump golang from 1.23.0 to 1.23.1 (#211)
dependabot[bot] Sep 10, 2024
2593761
Add tests for handling issue repositories with different priorities
dorneanu Sep 17, 2024
67f946b
Merge branch 'main' into issue_188/Implement_Service_Issue_Repository…
drochow Sep 18, 2024
90c48b6
chore: removed changes unrelated to this feature
drochow Sep 18, 2024
b03d51e
fix: fixed imports
drochow Sep 18, 2024
402362a
Merge branch 'main' into issue_168/dorneanu
drochow Sep 18, 2024
9fc1278
fix: fixed imports
drochow Sep 18, 2024
ea93205
Improve tests
dorneanu Sep 18, 2024
15d7211
Merge branch 'refs/heads/issue_188/Implement_Service_Issue_Repository…
drochow Sep 19, 2024
9fa4b98
Merge remote-tracking branch 'origin/issue_168/dorneanu' into issue_1…
drochow Sep 19, 2024
7d87315
resolve issues
MR2011 Sep 24, 2024
92da5b4
Merge branch 'main' into issue_168/dorneanu
MR2011 Sep 24, 2024
3506cd7
Merge branch 'main' into issue_168/dorneanu
drochow Sep 25, 2024
659880a
Merge remote-tracking branch 'origin/issue_168/dorneanu' into issue_1…
drochow Sep 25, 2024
dc0b1e0
feat(scanner/nvd): Adding possibility to fetch NVD from 2001
drochow Sep 25, 2024
3d8be4d
Merge branch 'refs/heads/main' into drochow/issue-247/nvd-improvements
drochow Sep 25, 2024
5a35ee0
feat: made time window configurable
drochow Sep 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion internal/app/issue_repository/issue_repository_handler_events.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@
package issue_repository

import (
"github.com/sirupsen/logrus"
"github.com/cloudoperators/heureka/internal/app/event"
"github.com/cloudoperators/heureka/internal/database"
"github.com/cloudoperators/heureka/internal/entity"
"github.com/sirupsen/logrus"
)

const (
Expand Down
1 change: 0 additions & 1 deletion internal/app/service/service_handler_events.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ import (
"github.com/cloudoperators/heureka/internal/app/event"
"github.com/cloudoperators/heureka/internal/database"
"github.com/cloudoperators/heureka/internal/entity"
"github.com/sirupsen/logrus"
)

const (
Expand Down
92 changes: 68 additions & 24 deletions scanner/nvd/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,13 @@ package main

import (
"fmt"
"os"
"time"

"github.com/cloudoperators/heureka/scanner/nvd/models"
p "github.com/cloudoperators/heureka/scanner/nvd/processor"
s "github.com/cloudoperators/heureka/scanner/nvd/scanner"
"github.com/kelseyhightower/envconfig"
log "github.com/sirupsen/logrus"
"github.com/cloudoperators/heureka/scanner/nvd/models"
"github.com/cloudoperators/heureka/scanner/nvd/processor"
"github.com/cloudoperators/heureka/scanner/nvd/scanner"
"os"
"time"
)

func init() {
Expand All @@ -30,22 +29,36 @@ func init() {
log.SetReportCaller(true)
}

func main() {
var scannerCfg scanner.Config
err := envconfig.Process("heureka", &scannerCfg)
func startTimeWindow(scanner *s.Scanner, processor *p.Processor, config s.Config) error {

startTime, err := time.Parse("2006-01-02", config.StartDate)

absoluteEnd := time.Now()
if config.EndDate != "" {
absoluteEnd, err = time.Parse("2006-01-02", config.EndDate)
}

if err != nil {
log.WithFields(log.Fields{
"errror": err,
}).Warn("Couldn't initialize scanner config")
return err
}
scanner := scanner.NewScanner(scannerCfg)

t := time.Now()
yearToday, monthToday, dayToday := time.Now().Date()
today := fmt.Sprintf("%d-%02d-%02dT23:59:59.000", yearToday, monthToday, dayToday)
yearYesterday, monthYesterday, dayYesterday := t.AddDate(0, 0, -1).Date()
yesterday := fmt.Sprintf("%d-%02d-%02dT00:00:00.000", yearYesterday, monthYesterday, dayYesterday)
endTime := startTime.AddDate(0, 2, 0)

for endTime.Before(absoluteEnd) {
startYear, startMonth, startDay := startTime.Date()
endYear, endMonth, endDay := endTime.Date()
start := fmt.Sprintf("%d-%02d-%02dT23:59:59.000", startYear, startMonth, startDay)
end := fmt.Sprintf("%d-%02d-%02dT23:59:59.000", endYear, endMonth, endDay)

scanAndProcess(scanner, processor, start, end)

startTime = startTime.AddDate(0, 2, 0)
endTime = endTime.AddDate(0, 2, 0)
}
return nil
}

func scanAndProcess(scanner *s.Scanner, processor *p.Processor, yesterday string, today string) {
filter := models.CveFilter{
PubStartDate: yesterday,
PubEndDate: today,
Expand All @@ -58,29 +71,60 @@ func main() {
}).Error("Couldn't get CVEs")
}

var processorCfg processor.Config
for _, cve := range cves {
err = processor.Process(&cve.Cve)
if err != nil {
log.WithFields(log.Fields{
"error": err,
"CVEID": &cve.Cve.Id,
}).Warn("Couldn't process CVE")
}
}
}

func main() {
var err error
var scannerCfg s.Config
err = envconfig.Process("heureka", &scannerCfg)
if err != nil {
log.WithFields(log.Fields{
"error": err,
}).Warn("Couldn't initialize scanner config")
}
scanner := s.NewScanner(scannerCfg)

var processorCfg p.Config
err = envconfig.Process("heureka", &processorCfg)
if err != nil {
log.WithFields(log.Fields{
"error": err,
}).Error("Couldn't configure new processor")
}

processor := processor.NewProcessor(processorCfg)
processor := p.NewProcessor(processorCfg)
err = processor.Setup()
if err != nil {
log.WithFields(log.Fields{
"error": err,
}).Error("Couldn't setup new processor")
}

for _, cve := range cves {
err = processor.Process(&cve.Cve)
if scannerCfg.StartDate != "" {
err = startTimeWindow(scanner, processor, scannerCfg)
if err != nil {
log.WithFields(log.Fields{
"error": err,
"CVEID": &cve.Cve.Id,
}).Warn("Couldn't process CVE")
}).Error("Couldn't fetch CVEs for time window")
}
} else {
t := time.Now()
yearToday, monthToday, dayToday := time.Now().Date()
today := fmt.Sprintf("%d-%02d-%02dT23:59:59.000", yearToday, monthToday, dayToday)

yearYesterday, monthYesterday, dayYesterday := t.AddDate(0, 0, -2).Date()
yesterday := fmt.Sprintf("%d-%02d-%02dT00:00:00.000", yearYesterday, monthYesterday, dayYesterday)

scanAndProcess(scanner, processor, yesterday, today)
}

}
1 change: 0 additions & 1 deletion scanner/nvd/processor/processor.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,6 @@ func (p *Processor) Setup() error {
"issueRepositoryId": p.IssueRepositoryId,
}).Info("Created new IssueRepository")
} else {

// Extract IssueRepositoryId
for _, ir := range listRepositoriesResp.IssueRepositories.Edges {
log.Debugf("nodeId: %s", ir.Node.Id)
Expand Down
2 changes: 2 additions & 0 deletions scanner/nvd/scanner/config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
package scanner

type Config struct {
StartDate string `envconfig:"NVD_START_DATE" default:"" json:"-"`
EndDate string `envconfig:"NVD_END_DATE" default:"" json:"-"`
NvdApiUrl string `envconfig:"NVD_API_URL" required:"true" json:"-"`
NvdApiKey string `envconfig:"NVD_API_KEY" required:"true" json:"-"`
// default value and maximum allowable limit is 2,000
Expand Down
Loading