def greatest_references(references: typing.Iterable[DependencyBase]):
'''
yields the component references from the specified iterable of ComponentReference that
have the greates version (grouped by component name).
Id est: if the sequence contains exactly one version of each contained component name,
the sequence is returned unchanged.
'''
not_none(references)
references = list(references)
for ref in references:
check_type(ref, DependencyBase)
names = [
ref.name() for ref
in references
]
for name in names:
matching_refs = [r for r in references if r.name() == name]
if len(matching_refs) == 1:
# in case reference name was unique, do not bother sorting
# (this also works around issues from non-semver versions)
yield matching_refs[0]
continue
# there might be multiple component versions of the same name
# --> use the greatest version in that case
matching_refs = sorted(
matching_refs,
key=lambda r: semver.parse_version_info(r.version()),
)
# greates version comes last
yield matching_refs[-1]
def image_ref_matches(
self,
image_reference: str,
privileges: oa.Privileges = None,
):
'''
returns a boolean indicating whether a given container image reference matches any
configured image reference prefixes (thus indicating this cfg might be adequate for
retrieving or deploying the given container image using this cfg).
If no image reference prefixes are configured, `False` is returned.
'''
check_type(image_reference, str)
prefixes = self.image_reference_prefixes()
if not prefixes:
return False
if privileges:
# if privileges were specified, ours must be "great enough" (greater means more privs)
if self.privileges() < privileges:
return False
for prefix in prefixes:
if image_reference.startswith(prefix):
return True
return False
def reference_type(name: str):
check_type(name, str)
if name == 'component':
return ComponentReference
if name == 'container_image':
return ContainerImageReference
if name == 'generic':
return GenericDependencyReference
if name == 'web':
return WebDependencyReference
raise ValueError('unknown dependency type name: ' + str(name))
def __init__(
self,
component_resources: Sequence[cnudie.util.ComponentResource],
protecode_api: ProtecodeApi,
processing_mode: ProcessingMode=ProcessingMode.RESCAN,
group_id: int=None,
reference_group_ids: Sequence[int]=(),
cvss_threshold: float=7.0,
effective_severity_threshold: Severity=Severity.SEVERITY_UNSPECIFIED,
):
protecode_api.login()
self._processing_mode = check_type(processing_mode, ProcessingMode)
self._api: ProtecodeApi = not_none(protecode_api)
self._group_id = group_id
self._reference_group_ids = reference_group_ids
self.cvss_threshold = cvss_threshold
self.effective_severity_threshold = Severity(effective_severity_threshold)
self.product_id_to_resource: dict[int, cnudie.util.ComponentResource] = dict()
self.protecode_products_to_consider = list() # consider to rescan; return results
self.protecode_products_to_remove = set()
self.component_resources_to_upload = list()
self.existing_protecode_products = list()
self.component_resources = component_resources
# HACK since the component and resource name are the same for all elements
# (only the component and resource version differ) we can use the names for all elements
self.component_name = self.component_resources[0].component.name
self.resource_name = self.component_resources[0].resource.name
self.component_resource_to_product_id: dict[str, str] = {}
def __comparables(self, other):
check_type(other, Version) # must only compare to other Version instances
# to find out which version representations to compare for sorting, we need to
# handle different cases:
if self._version_semver and other._version_semver:
# both versions are semver versions -> use semver arithmethics
return (self._version_semver, other._version_semver)
elif self.is_valid_semver() and not other.is_valid_semver():
# excactly other version is semver -> normalise (strip leading v..) and str-compare
return (str(self._version_semver), other._version_str)
elif not self.is_valid_semver() and other.is_valid_semver():
# exactly our version is semver -> normalise (strip leading v..) and str-compare
return (self._version_str, str(other._version_semver))
else:
# fallback to str-compare only
return (self._version_str, other._version_str)
def validate(self):
img_ref = check_type(self.image_reference(), str)
# XXX this is an incomplete validation that will only detect some obvious errors,
# such as missing image tag
if not ':' in img_ref:
raise ModelValidationError(f'img ref does not contain tag separator (:): {img_ref}')
name, tag = img_ref.rsplit(':', 1)
if not name:
raise ModelValidationError(f'img ref name must not be empty: {img_ref}')
if not tag:
raise ModelValidationError(f'img ref tag must not be empty: {img_ref}')
def __init__(
self,
protecode_api: ProtecodeApi,
processing_mode: ProcessingMode = ProcessingMode.RESCAN,
group_id: int = None,
reference_group_ids=(),
):
protecode_api.login()
self._processing_mode = check_type(processing_mode, ProcessingMode)
self._api = not_none(protecode_api)
self._group_id = group_id
self._reference_group_ids = reference_group_ids
def __init__(
self,
category_id: str,
target_group_id: str,
text: str,
reference_type: ReferenceType,
reference_id: str,
user_login: str,
source_repo: str,
cn_current_repo: ComponentName,
):
if reference_id:
check_type(reference_id, str)
reference = Reference(type=reference_type, identifier=reference_id)
cn_source_repo = ComponentName(name=source_repo)
is_current_repo = cn_current_repo == cn_source_repo
from_same_github_instance = cn_current_repo.github_host(
) == cn_source_repo.github_host()
super().__init__(category_id, target_group_id, text, reference,
user_login, is_current_repo,
from_same_github_instance, cn_source_repo)
def __init__(
self,
protecode_api: ProtecodeApi,
processing_mode: ProcessingMode=ProcessingMode.RESCAN,
group_id: int=None,
reference_group_ids=(),
cvss_threshold: int=7,
effective_severity_threshold: Severity=Severity.SEVERITY_UNSPECIFIED,
):
protecode_api.login()
self._processing_mode = check_type(processing_mode, ProcessingMode)
self._api = not_none(protecode_api)
self._group_id = group_id
self._reference_group_ids = reference_group_ids
self.cvss_threshold = cvss_threshold
self.effective_severity_threshold = Severity(effective_severity_threshold)
