rubocop and added batch option from file to commandline progrma

2020-10-30 19:44:29 -05:00 · 2020-10-30 19:44:29 -05:00 · 70403b23dd
commit 70403b23dd
parent 42decc7207
3 changed files with 28 additions and 2 deletions
--- a/security_tools/redhat_tools/rhel_rpm_to_cve.rb
+++ b/security_tools/redhat_tools/rhel_rpm_to_cve.rb
@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 # this is meant to parse and query data in redhat linux rpm-to-cve.xml file
 # that is posted on their security API.
 # Reference: https://www.redhat.com/security/data/metrics/
@ -24,7 +25,7 @@ class RhelRpmToCve
  def refresh_rpm_to_cve_file(path)
    r = RestClient::Request.execute(
      method: :get,
-      url: "https://www.redhat.com/security/data/metrics/rpm-to-cve.xml"
+      url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'
    )
    if r.code == 200
      File.write(path, r.body)
--- a/security_tools/redhat_tools/rhel_security_api_client.rb
+++ b/security_tools/redhat_tools/rhel_security_api_client.rb
@ -5,6 +5,7 @@

 require 'rest-client'
 require 'json'
+require 'active_support/core_ext/array/grouping.rb'

 class RhelSecurityApiClient
  attr_accessor :base_url
@ -46,4 +47,14 @@ class RhelSecurityApiClient
    params = {}
    request("/cve/#{cve_id}.json", params)
  end
+
+  def cves(cve_ids)
+    params = {}
+    responses = []
+    cve_ids.in_groups_of(500, false) do |cve_id_batch|
+      csv_cve_url_str = cve_id_batch.join(',')
+      responses << request('/cve.json?ids=' + csv_cve_url_str, params)
+    end
+    responses.flatten
+  end
 end
--- a/security_tools/redhat_tools/rpm_pkg_audit.rb
+++ b/security_tools/redhat_tools/rpm_pkg_audit.rb
@ -3,6 +3,7 @@

 require 'optparse'
 require 'json'
+require 'csv'
 require './rhel_rpm_to_cve'
 require './rhel_security_api_client'
 require 'pry'
@ -13,6 +14,11 @@ data_file = './data/rpm-to-cve.xml'

 options = {}

+# for use with --cves-from-file arg
+def read_cves_file(filepath)
+  CSV.read(filepath).flatten
+end
+
 parser = OptionParser.new do |parser|
  parser.banner = 'Usage: rpm_pkg_audit.rb [options]'
  parser.on('-p', '--pkg PKGNAME', 'Takes a base pkg name and returns cves from redhats security API.') do |pkg|
@ -30,6 +36,9 @@ parser = OptionParser.new do |parser|
  parser.on('-c', '--cve CVE_ID', 'Takes a cve id and returns cve json from redhats security API.') do |cve|
    options[:cve] = cve
  end
+  parser.on('-f', '--cves-from-file CVE_FILE', 'Takes a file one cve id per line and sends a batch request to redhat security API') do |file|
+    options[:file] = file
+  end
 end

 parser.parse!
@ -58,6 +67,11 @@ elsif options[:cve]
  cve = options[:cve]
  r = rhel_api_client.cve_id(cve)
  puts JSON.pretty_generate(r)
+elsif options[:file]
+  filepath = options[:file]
+  cve_ids = read_cves_file(filepath)
+  r = rhel_api_client.cves(cve_ids)
+  puts JSON.pretty_generate(r)
 else options.key?(:list)
     puts rpm_auditer.list_pkg_names.sort
 end