diff --git a/conf/reposcan.env b/conf/reposcan.env index 4cdfdae0c..1fe9a8afa 100644 --- a/conf/reposcan.env +++ b/conf/reposcan.env @@ -34,3 +34,4 @@ SYNC_REPOS=yes SYNC_CVE_MAP=yes SYNC_CPE=yes SYNC_OVAL=yes +SYNC_CSAF=yes diff --git a/vmaas/reposcan/mnm.py b/vmaas/reposcan/mnm.py index 5f7dec4dd..038c92b7d 100644 --- a/vmaas/reposcan/mnm.py +++ b/vmaas/reposcan/mnm.py @@ -42,5 +42,6 @@ CSAF_FAILED_DOWNLOAD = Counter('vmaas_reposcan_failed_csaf_download', '# of failed csaf-download attempts') CSAF_FAILED_DELETE = Counter('vmaas_reposcan_failed_csaf_delete', '# of failed csaf-delete attempts') +CSAF_FAILED_IMPORT = Counter('vmaas_reposcan_failed_csaf_import', '# of failed csaf-import attempts') REPOS_TO_CLEANUP = Gauge('vmaas_reposcan_repos_cleanup', '# of repos to cleanup from DB') diff --git a/vmaas/reposcan/reposcan.py b/vmaas/reposcan/reposcan.py index 9d2899488..6691a4486 100755 --- a/vmaas/reposcan/reposcan.py +++ b/vmaas/reposcan/reposcan.py @@ -29,9 +29,10 @@ from vmaas.reposcan.dbchange import DbChangeAPI from vmaas.reposcan.exporter import main as export_data, fetch_latest_dump from vmaas.reposcan.mnm import ADMIN_REQUESTS, FAILED_AUTH, FAILED_IMPORT_CVE, FAILED_IMPORT_CPE, OVAL_FAILED_IMPORT, \ - FAILED_IMPORT_REPO, REPOS_TO_CLEANUP, REGISTRY + CSAF_FAILED_IMPORT, FAILED_IMPORT_REPO, REPOS_TO_CLEANUP, REGISTRY from vmaas.reposcan.pkgtree import main as export_pkgtree, PKGTREE_FILE from vmaas.reposcan.redhatcpe.cpe_controller import CpeController +from vmaas.reposcan.redhatcsaf.csaf_controller import CsafController from vmaas.reposcan.redhatcve.cvemap_controller import CvemapController from vmaas.reposcan.redhatoval.oval_controller import OvalController from vmaas.reposcan.repodata.repository_controller import RepositoryController @@ -67,6 +68,7 @@ SYNC_CVE_MAP = strtobool(os.getenv("SYNC_CVE_MAP", "yes")) SYNC_CPE = strtobool(os.getenv("SYNC_CPE", "yes")) SYNC_OVAL = strtobool(os.getenv("SYNC_OVAL", "yes")) +SYNC_CSAF = strtobool(os.getenv("SYNC_CSAF", "yes")) class TaskStatusResponse(dict): @@ -740,6 +742,39 @@ def metrics(): return generate_latest(REGISTRY), 200, {'Content-Type': 'text/plain; charset=utf-8'} +class CsafSyncHandler(SyncHandler): + """Handler for CSAF sync API.""" + + task_type = "Sync CSAF metadata" + + @classmethod + def put(cls, **kwargs): + """Sync CSAF metadata.""" + + status_code, status_msg = cls.start_task() + return status_msg, status_code + + @staticmethod + def run_task(*args, **kwargs): + """Function to start syncing CSAFs.""" + try: + init_logging() + init_db() + controller = CsafController() + controller.store() + except Exception as err: # pylint: disable=broad-except + msg = "Internal server error <%s>" % hash(err) + LOGGER.exception(msg) + CSAF_FAILED_IMPORT.inc() + DatabaseHandler.rollback() + if isinstance(err, DatabaseError): + return "DB_ERROR" + return "ERROR" + finally: + DatabaseHandler.close_connection() + return "OK" + + def all_sync_handlers() -> list: """Return all sync-handlers selected using env vars.""" handlers = [] @@ -748,6 +783,7 @@ def all_sync_handlers() -> list: handlers.extend([CvemapSyncHandler] if SYNC_CVE_MAP else []) handlers.extend([CpeSyncHandler] if SYNC_CPE else []) handlers.extend([OvalSyncHandler] if SYNC_OVAL else []) + handlers.extend([CsafSyncHandler] if SYNC_CSAF else []) return handlers diff --git a/vmaas/reposcan/reposcan.spec.yaml b/vmaas/reposcan/reposcan.spec.yaml index b79ac8f48..a1582e065 100644 --- a/vmaas/reposcan/reposcan.spec.yaml +++ b/vmaas/reposcan/reposcan.spec.yaml @@ -197,6 +197,16 @@ paths: tags: - Sync + /sync/csaf: + put: + summary: Sync CSAF metadata + operationId: vmaas.reposcan.reposcan.CsafSyncHandler.put + <<: *secured + responses: + <<: *sync_responses + tags: + - Sync + /export/pkgtree: put: summary: Export package tree