def greatest_references(references: typing.Iterable[DependencyBase]): ''' yields the component references from the specified iterable of ComponentReference that have the greates version (grouped by component name). Id est: if the sequence contains exactly one version of each contained component name, the sequence is returned unchanged. ''' not_none(references) references = list(references) for ref in references: check_type(ref, DependencyBase) names = [ ref.name() for ref in references ] for name in names: matching_refs = [r for r in references if r.name() == name] if len(matching_refs) == 1: # in case reference name was unique, do not bother sorting # (this also works around issues from non-semver versions) yield matching_refs[0] continue # there might be multiple component versions of the same name # --> use the greatest version in that case matching_refs = sorted( matching_refs, key=lambda r: semver.parse_version_info(r.version()), ) # greates version comes last yield matching_refs[-1]
def image_ref_matches( self, image_reference: str, privileges: oa.Privileges = None, ): ''' returns a boolean indicating whether a given container image reference matches any configured image reference prefixes (thus indicating this cfg might be adequate for retrieving or deploying the given container image using this cfg). If no image reference prefixes are configured, `False` is returned. ''' check_type(image_reference, str) prefixes = self.image_reference_prefixes() if not prefixes: return False if privileges: # if privileges were specified, ours must be "great enough" (greater means more privs) if self.privileges() < privileges: return False for prefix in prefixes: if image_reference.startswith(prefix): return True return False
def reference_type(name: str): check_type(name, str) if name == 'component': return ComponentReference if name == 'container_image': return ContainerImageReference if name == 'generic': return GenericDependencyReference if name == 'web': return WebDependencyReference raise ValueError('unknown dependency type name: ' + str(name))
def __init__( self, component_resources: Sequence[cnudie.util.ComponentResource], protecode_api: ProtecodeApi, processing_mode: ProcessingMode=ProcessingMode.RESCAN, group_id: int=None, reference_group_ids: Sequence[int]=(), cvss_threshold: float=7.0, effective_severity_threshold: Severity=Severity.SEVERITY_UNSPECIFIED, ): protecode_api.login() self._processing_mode = check_type(processing_mode, ProcessingMode) self._api: ProtecodeApi = not_none(protecode_api) self._group_id = group_id self._reference_group_ids = reference_group_ids self.cvss_threshold = cvss_threshold self.effective_severity_threshold = Severity(effective_severity_threshold) self.product_id_to_resource: dict[int, cnudie.util.ComponentResource] = dict() self.protecode_products_to_consider = list() # consider to rescan; return results self.protecode_products_to_remove = set() self.component_resources_to_upload = list() self.existing_protecode_products = list() self.component_resources = component_resources # HACK since the component and resource name are the same for all elements # (only the component and resource version differ) we can use the names for all elements self.component_name = self.component_resources[0].component.name self.resource_name = self.component_resources[0].resource.name self.component_resource_to_product_id: dict[str, str] = {}
def __comparables(self, other): check_type(other, Version) # must only compare to other Version instances # to find out which version representations to compare for sorting, we need to # handle different cases: if self._version_semver and other._version_semver: # both versions are semver versions -> use semver arithmethics return (self._version_semver, other._version_semver) elif self.is_valid_semver() and not other.is_valid_semver(): # excactly other version is semver -> normalise (strip leading v..) and str-compare return (str(self._version_semver), other._version_str) elif not self.is_valid_semver() and other.is_valid_semver(): # exactly our version is semver -> normalise (strip leading v..) and str-compare return (self._version_str, str(other._version_semver)) else: # fallback to str-compare only return (self._version_str, other._version_str)
def validate(self): img_ref = check_type(self.image_reference(), str) # XXX this is an incomplete validation that will only detect some obvious errors, # such as missing image tag if not ':' in img_ref: raise ModelValidationError(f'img ref does not contain tag separator (:): {img_ref}') name, tag = img_ref.rsplit(':', 1) if not name: raise ModelValidationError(f'img ref name must not be empty: {img_ref}') if not tag: raise ModelValidationError(f'img ref tag must not be empty: {img_ref}')
def __init__( self, protecode_api: ProtecodeApi, processing_mode: ProcessingMode = ProcessingMode.RESCAN, group_id: int = None, reference_group_ids=(), ): protecode_api.login() self._processing_mode = check_type(processing_mode, ProcessingMode) self._api = not_none(protecode_api) self._group_id = group_id self._reference_group_ids = reference_group_ids
def __init__( self, category_id: str, target_group_id: str, text: str, reference_type: ReferenceType, reference_id: str, user_login: str, source_repo: str, cn_current_repo: ComponentName, ): if reference_id: check_type(reference_id, str) reference = Reference(type=reference_type, identifier=reference_id) cn_source_repo = ComponentName(name=source_repo) is_current_repo = cn_current_repo == cn_source_repo from_same_github_instance = cn_current_repo.github_host( ) == cn_source_repo.github_host() super().__init__(category_id, target_group_id, text, reference, user_login, is_current_repo, from_same_github_instance, cn_source_repo)
def __init__( self, protecode_api: ProtecodeApi, processing_mode: ProcessingMode=ProcessingMode.RESCAN, group_id: int=None, reference_group_ids=(), cvss_threshold: int=7, effective_severity_threshold: Severity=Severity.SEVERITY_UNSPECIFIED, ): protecode_api.login() self._processing_mode = check_type(processing_mode, ProcessingMode) self._api = not_none(protecode_api) self._group_id = group_id self._reference_group_ids = reference_group_ids self.cvss_threshold = cvss_threshold self.effective_severity_threshold = Severity(effective_severity_threshold)