def add_metadata_cli(runtime, kind, impetus, advisory): """Add metadata to an advisory. This is usually called by create immediately after creation. It is only useful to you if you are going back and adding metadata to older advisories. Note: Requires you provide a --group Example to add standard metadata to a 3.10 images release \b $ elliott --group=openshift-3.10 add-metadata --impetus standard --kind image """ runtime.initialize() release = release_from_branch(runtime.group_config.branch) try: advisory = Erratum(errata_id=advisory) except GSSError: exit_unauthenticated() result = elliottlib.errata.add_comment( advisory.errata_id, {'release': release, 'kind': kind, 'impetus': impetus}) if result.status_code == 201: green_prefix("Added metadata successfully") click.echo() elif result.status_code == 403: exit_unauthorized() else: red_print("Something weird may have happened") raise ElliottFatalError( "Unexpected response from ET API: {code}".format(code=result.status_code))
def create_textonly(runtime, errata_type, date, assigned_to, manager, package_owner, topic, synopsis, description, solution, bug_title, bug_description, yes, bug_tracker: BugTracker): et_data = runtime.gitdata.load_data(key='erratatool').data try: erratum = Erratum( product=et_data['product'], release=et_data['release'], qe_group=et_data['quality_responsibility_name'], synopsis=synopsis, topic=topic, description=description, solution=solution, qe_email=assigned_to, errata_type=errata_type, owner_email=package_owner, manager_email=manager, date=date, text_only=1, ) except elliottlib.exceptions.ErrataToolUnauthorizedException: exit_unauthorized() except elliottlib.exceptions.ErrataToolError as ex: raise repr(ex) cdn_repos = et_data.get('cdn_repos') if cdn_repos: click.echo(f"Configuring CDN repos {', '.join(cdn_repos)}...") erratum.textOnlyRepos(enable=cdn_repos) if yes: erratum.commit() green_prefix("Created new text only advisory: ") click.echo(str(erratum)) bug = bug_tracker.create_textonly(bug_title, bug_description) click.echo(f"Created placeholder bug: {bug.id} {bug.webur}") click.echo("Attaching placeholder bug...") bug_tracker.attach_bugs(erratum.errata_id, [bug.id]) else: green_prefix("Would have created advisory: ") click.echo("") click.echo(erratum)
def create_cli(ctx, runtime, errata_type, kind, impetus, date, assigned_to, manager, package_owner, with_placeholder, with_liveid, yes, bugs): """Create a new advisory. The kind of advisory must be specified with '--kind'. Valid choices are 'rpm' and 'image'. You MUST specify a group (ex: "openshift-3.9") manually using the --group option. See examples below. You must set a Release Date by providing a YYYY-Mon-DD formatted string to the --date option. The default behavior for this command is to show what the generated advisory would look like. The raw JSON used to create the advisory will be printed to the screen instead of posted to the Errata Tool API. The impetus option only affects the metadata added to the new advisory and its synopsis. The --assigned-to, --manager and --package-owner options are required. They are the email addresses of the parties responsible for managing and approving the advisory. Adding a list of bug ids with one or more --bugs arguments attaches those bugs to the advisory on creation. Provide the '--yes' or '-y' option to confirm creation of the advisory. PREVIEW an RPM Advisory 21 days from now (the default release date) for OSE 3.9: $ elliott --group openshift-3.9 create CREATE Image Advisory for the 3.5 series on the first Monday in March: \b $ elliott --group openshift-3.5 create --yes -k image --date 2018-Mar-05 """ runtime.initialize() et_data = runtime.gitdata.load_data(key='erratatool').data # User entered a valid value for --date, set the release date release_date = datetime.datetime.strptime(date, YMD) ###################################################################### unique_bugs = set(bugs) if bugs: bug_tracker = BugzillaBugTracker( BugzillaBugTracker.get_config(runtime)) LOGGER.info("Fetching bugs {} from Bugzilla...".format(" ".join( map(str, bugs)))) bug_objects = bug_tracker.get_bugs(bugs) # assert bugs are viable for a new advisory. _assert_bugs_are_viable(bugs, bug_objects) ###################################################################### try: erratum = elliottlib.errata.new_erratum( et_data, errata_type=errata_type, kind=kind, boilerplate_name=(impetus if impetus != "standard" else kind), release_date=release_date.strftime(YMD), assigned_to=assigned_to, manager=manager, package_owner=package_owner) except elliottlib.exceptions.ErrataToolUnauthorizedException: exit_unauthorized() except elliottlib.exceptions.ErrataToolError as ex: raise ElliottFatalError(getattr(ex, 'message', repr(ex))) erratum.addBugs(unique_bugs) if yes: erratum.commit() green_prefix("Created new advisory: ") click.echo(str(erratum)) # This is a little strange, I grant you that. For reference you # may wish to review the click docs # # http://click.pocoo.org/5/advanced/#invoking-other-commands # # You may be thinking, "But, add_metadata doesn't take keyword # arguments!" and that would be correct. However, we're not # calling that function directly. We actually use the context # 'invoke' method to call the _command_ (remember, it's wrapped # with click to create a 'command'). 'invoke' ensures the correct # options/arguments are mapped to the right parameters. ctx.invoke(add_metadata_cli, kind=kind, impetus=impetus, advisory=erratum.errata_id) click.echo(str(erratum)) if with_placeholder: click.echo("Creating and attaching placeholder bug...") ctx.invoke(create_placeholder_cli, kind=kind, advisory=erratum.errata_id) if with_liveid: click.echo("Requesting Live ID...") base_url = "https://errata.devel.redhat.com/errata/set_live_advisory_name" cmd_assert( f"curl -X POST --fail --negotiate -u : {base_url}/{erratum.errata_id}", retries=3, pollrate=10, ) else: green_prefix("Would have created advisory: ") click.echo("") click.echo(erratum)
def create_textonly_cli(ctx, runtime, errata_type, date, assigned_to, manager, package_owner, topic, synopsis, description, solution, bugtitle, bugdescription, yes): """ Create a text only advisory with all required input passed from args, need to manually decide the statement for each release. Also will create the notification bug along with the text only advisory, the bug also need some special comment and title. These args need to be designated manually for text only advisory: - topic - synopsis - description - solution - assigned These args need to be designated manually for text only bug: - bugtitle - bugdescription """ runtime.initialize() # create textonly bug bz_data = runtime.gitdata.load_data(key='bugzilla').data newbug = elliottlib.bzutil.create_textonly(bz_data, bugtitle, bugdescription) click.echo("Created BZ: {} {}".format(newbug.id, newbug.weburl)) # create textonly advisory et_data = runtime.gitdata.load_data(key='erratatool').data try: erratum = Erratum( product=et_data['product'], release=et_data['release'], qe_group=et_data['quality_responsibility_name'], synopsis=synopsis, topic=topic, description=description, solution=solution, qe_email=assigned_to, errata_type=errata_type, owner_email=package_owner, manager_email=manager, date=date, text_only=1, ) except elliottlib.exceptions.ErrataToolUnauthorizedException: exit_unauthorized() except elliottlib.exceptions.ErrataToolError as ex: raise repr(ex) erratum.addBugs(newbug.id) cdn_repos = et_data.get('cdn_repos') if cdn_repos: click.echo(f"Configuring CDN repos {', '.join(cdn_repos)}...") erratum.textOnlyRepos(enable=cdn_repos) if yes: erratum.commit() green_prefix("Created new text only advisory: ") click.echo(str(erratum)) else: green_prefix("Would have created advisory: ") click.echo("") click.echo(erratum)
def create_cli(ctx, runtime, errata_type, kind, impetus, date, assigned_to, manager, package_owner, with_placeholder, yes, bugs): """Create a new advisory. The kind of advisory must be specified with '--kind'. Valid choices are 'rpm' and 'image'. You MUST specify a group (ex: "openshift-3.9") manually using the --group option. See examples below. You must set a Release Date by providing a YYYY-Mon-DD formatted string to the --date option. The default behavior for this command is to show what the generated advisory would look like. The raw JSON used to create the advisory will be printed to the screen instead of posted to the Errata Tool API. The impetus option only effects the metadata added to the new advisory and its synopsis. The --assigned-to, --manager and --package-owner options are required. They are the email addresses of the parties responsible for managing and approving the advisory. Adding a list of bug ids with one or more --bugs arguments attaches those bugs to the advisory on creation. When creating a security advisory, the list of bugs will also be checked for any CVE flaw bugs which they are blocking, and those will be added as well. Any CVE flaw bugs being added will also calculate the Impact for the release if it's type is RHSA. Provide the '--yes' or '-y' option to confirm creation of the advisory. PREVIEW an RPM Advisory 21 days from now (the default release date) for OSE 3.9: $ elliott --group openshift-3.9 create CREATE Image Advisory for the 3.5 series on the first Monday in March: \b $ elliott --group openshift-3.5 create --yes -k image --date 2018-Mar-05 """ # perform sanity checks and provide default values if errata_type == 'RHSA': if not bugs: raise ElliottFatalError( "When creating an RHSA, you must provide a list of bug id(s) using one or more `--bug` options.") if not impetus: impetus = 'cve' elif impetus != 'cve': raise ElliottFatalError("Invalid impetus") elif not impetus: impetus = 'standard' runtime.initialize() et_data = runtime.gitdata.load_data(key='erratatool').data bz_data = runtime.gitdata.load_data(key='bugzilla').data impact = None # User entered a valid value for --date, set the release date release_date = datetime.datetime.strptime(date, YMD) ###################################################################### flaw_cve_map = {} impact = None unique_bugs = set(bugs) if bugs: bzapi = elliottlib.bzutil.get_bzapi(bz_data) LOGGER.info("Fetching bugs {} from Bugzilla...".format( " ".join(map(str, bugs)))) bug_objects = bzapi.getbugs(bugs) # assert bugs are viable for a new advisory. _assert_bugs_are_viable(errata_type, bugs, bug_objects) if errata_type == 'RHSA': LOGGER.info("Fetching flaw bugs for trackers {}...".format(" ".join(map(str, bugs)))) tracker_flaws_map = elliottlib.bzutil.get_tracker_flaws_map(bzapi, bug_objects) impact = elliottlib.bzutil.get_highest_impact(bug_objects, tracker_flaws_map) flaw_bugs = [flaw for tracker, flaws in tracker_flaws_map.items() for flaw in flaws] flaw_cve_map = elliottlib.bzutil.get_flaw_aliases(flaw_bugs) unique_bugs |= set(flaw_cve_map.keys()) ###################################################################### try: erratum = elliottlib.errata.new_erratum( et_data, errata_type=errata_type, kind=kind, boilerplate_name=(impetus if impetus != "standard" else kind), release_date=release_date.strftime(YMD), assigned_to=assigned_to, manager=manager, package_owner=package_owner, impact=impact, cves=' '.join((alias) for alias in flaw_cve_map.values()) ) except elliottlib.exceptions.ErrataToolUnauthorizedException: exit_unauthorized() except elliottlib.exceptions.ErrataToolError as ex: raise ElliottFatalError(getattr(ex, 'message', repr(ex))) erratum.addBugs(unique_bugs) if yes: erratum.commit() green_prefix("Created new advisory: ") click.echo(str(erratum)) if errata_type == 'RHSA': yellow_print("Remember to manually set the Security Reviewer in the Errata Tool Web UI") # This is a little strange, I grant you that. For reference you # may wish to review the click docs # # http://click.pocoo.org/5/advanced/#invoking-other-commands # # You may be thinking, "But, add_metadata doesn't take keyword # arguments!" and that would be correct. However, we're not # calling that function directly. We actually use the context # 'invoke' method to call the _command_ (remember, it's wrapped # with click to create a 'command'). 'invoke' ensures the correct # options/arguments are mapped to the right parameters. ctx.invoke(add_metadata_cli, kind=kind, impetus=impetus, advisory=erratum.errata_id) click.echo(str(erratum)) if with_placeholder: click.echo("Creating and attaching placeholder bug...") ctx.invoke(create_placeholder_cli, kind=kind, advisory=erratum.errata_id) else: green_prefix("Would have created advisory: ") click.echo("") click.echo(erratum)