Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rhel: deprecate RHCC updater in favor of VEX updater #1385

Merged
merged 1 commit into from
Dec 16, 2024
Merged

rhel: deprecate RHCC updater in favor of VEX updater #1385

merged 1 commit into from
Dec 16, 2024

Conversation

crozzy
Copy link
Contributor

@crozzy crozzy commented Aug 19, 2024

We can extract vulnerability information about containers from the VEX data. This negates the need to look for it in the cvemap.xml file. This change modifies the VEX updater to allow for ingesting vulnerabilities in a way that can be matched my the RHCC matcher.

@crozzy crozzy force-pushed the rhcc-updater-deprication branch from 9e580e6 to 920e2f9 Compare August 19, 2024 18:09
@crozzy crozzy force-pushed the rhcc-updater-deprication branch 7 times, most recently from 30cf3ba to 50b3135 Compare September 11, 2024 22:38
@codecov Codecov
Copy link

codecov bot commented Sep 11, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 66.29213% with 60 lines in your changes missing coverage. Please review.

Project coverage is 55.20%. Comparing base (7088f7b) to head (b4e7c0e).

Files with missing lines Patch % Lines
rhel/vex/parser.go 67.64% 33 Missing and 11 partials ⚠️
rhel/vex/test_common.go 65.00% 7 Missing and 7 partials ⚠️
rhel/rhcc/matcher.go 0.00% 1 Missing ⚠️
rhel/rhcc/scanner.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1385      +/-   ##
==========================================
- Coverage   55.41%   55.20%   -0.21%     
==========================================
  Files         282      281       -1     
  Lines       17890    17834      -56     
==========================================
- Hits         9914     9846      -68     
- Misses       6934     6946      +12     
  Partials     1042     1042

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@crozzy crozzy force-pushed the rhcc-updater-deprication branch from 50b3135 to 407a742 Compare September 12, 2024 15:45
RTann
RTann reviewed Sep 19, 2024
View reviewed changes
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/updater.go Outdated Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch 2 times, most recently from db52f7a to 286c7c3 Compare September 23, 2024 21:38
@crozzy crozzy requested a review from RTann September 23, 2024 21:41
RTann
RTann reviewed Sep 23, 2024
View reviewed changes
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from 286c7c3 to b4e7c0e Compare September 24, 2024 17:57
@crozzy crozzy requested a review from RTann September 25, 2024 17:04
RTann
RTann reviewed Oct 1, 2024
View reviewed changes
rhel/rhcc/rhcc.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Outdated Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from b4e7c0e to 275c77c Compare October 8, 2024 18:45
@crozzy crozzy requested a review from RTann October 8, 2024 18:45
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from 275c77c to a14ba64 Compare October 8, 2024 18:46
@crozzy crozzy marked this pull request as ready for review October 10, 2024 22:06
@crozzy crozzy requested a review from a team as a code owner October 10, 2024 22:06
RTann
RTann reviewed Oct 10, 2024
View reviewed changes
rhel/vex/test_common.go Show resolved Hide resolved
test/rhel/rhcc_matcher_integration_test.go Outdated Show resolved Hide resolved
test/rhel/rhcc_matcher_integration_test.go Outdated Show resolved Hide resolved
test/rhel/rhcc_matcher_integration_test.go Outdated Show resolved Hide resolved
test/rhel/testdata/server.txt Outdated Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser.go Show resolved Hide resolved
rhel/vex/parser_test.go Outdated Show resolved Hide resolved
rhel/vex/parser_test.go Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch 5 times, most recently from e861ad8 to b43377a Compare October 11, 2024 21:33
@crozzy crozzy requested a review from RTann October 11, 2024 22:08
RTann
RTann previously approved these changes Oct 11, 2024
View reviewed changes
rhel/vex/test_common.go Show resolved Hide resolved
rhel/vex/parser_test.go Show resolved Hide resolved
rhel/vex/parser_test.go Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch 2 times, most recently from 2d919d7 to 4214b21 Compare October 14, 2024 18:33
@crozzy crozzy requested a review from RTann October 14, 2024 18:33
RTann
RTann previously approved these changes Oct 14, 2024
View reviewed changes
@crozzy crozzy force-pushed the rhcc-updater-deprication branch 2 times, most recently from e3ccb2f to c3150ed Compare November 11, 2024 19:45
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from c3150ed to 4e56761 Compare December 5, 2024 23:13
@crozzy crozzy requested a review from RTann December 5, 2024 23:36
@crozzy
Copy link
Contributor Author

crozzy commented Dec 5, 2024

@RTann realized I should iterate the updater version

@crozzy crozzy force-pushed the rhcc-updater-deprication branch 3 times, most recently from b7d99c1 to 95fb883 Compare December 9, 2024 21:45
RTann
RTann previously approved these changes Dec 11, 2024
View reviewed changes
rhel/vex/parser.go Outdated Show resolved Hide resolved
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from 95fb883 to c0adc90 Compare December 12, 2024 23:21
@crozzy crozzy requested a review from RTann December 12, 2024 23:22
RTann
RTann approved these changes Dec 14, 2024
View reviewed changes
Copy link
Contributor

@RTann RTann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From what I can tell, the only change is the fixed spelling

@crozzy
rhel: deprecate updater in favor of VEX updater
4701605 
We can extract vulnerability information about containers from the
VEX data. This negates the need to look for it in the cvemap.xml file.
This change modifies the VEX updater to allow for ingesting
vulnerabilities in a way that can be matched my the RHCC matcher.

Signed-off-by: crozzy <[email protected]>
@crozzy crozzy force-pushed the rhcc-updater-deprication branch from c0adc90 to 4701605 Compare December 16, 2024 19:50
@crozzy
Copy link
Contributor Author

crozzy commented Dec 16, 2024

/fast-forward

@github-actions github-actions bot merged commit 4701605 into quay:main Dec 16, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RTann RTann RTann approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@crozzy @RTann