update rpm pkg audit stuff

security_tools/redhat_tools/rhel_rpm_to_cve.rb

@@ -1,13 +1,12 @@
 # frozen_string_literal: true
 
-# this is meant to parse and query data in redhat linux rpm-to-cve.xml file
-# that is posted on their security API.
-# Reference: https://www.redhat.com/security/data/metrics/
-
 require 'ox'
 require 'json'
 require 'rest-client'
 
+# This is meant to parse and query data in redhat linux rpm-to-cve.xml file
+# That is posted on their security API.
+# Documentation Reference: https://www.redhat.com/security/data/metrics/
 class RhelRpmToCve
   # filepath == /path/to/rpm-to-cve.xml
   attr_accessor :filepath, :file, :xml
@@ -49,8 +48,7 @@ class RhelRpmToCve
         cves: cves,
         cve_count: cves.count
       }
-    else
+    else 'Package not found.'
-      'Package not found.'
     end
   end
 

security_tools/redhat_tools/rhel_security_api_client.rb

@@ -1,12 +1,11 @@
-# Documentation link:
-# https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/overview
-
 # frozen_string_literal: true
 
 require 'rest-client'
 require 'json'
 require 'active_support/core_ext/array/grouping.rb'
 
+# Documentation link:
+# https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/overview
 class RhelSecurityApiClient
   attr_accessor :base_url
 
@@ -14,8 +13,7 @@ class RhelSecurityApiClient
     @base_url = 'https://access.redhat.com/hydra/rest/securitydata'
   end
 
-  # params is a hash that looks like
+  # params = {:params => {:key => value}}
-  # {:params => {:key => value}}
   def request(path, params)
     r = RestClient::Request.execute(
       method: :get,
@@ -48,7 +46,7 @@ class RhelSecurityApiClient
     request("/cve/#{cve_id}.json", params)
   end
 
-  def cves(cve_ids)
+  def cve_ids(cve_ids)
     params = {}
     responses = []
     cve_ids.in_groups_of(500, false) do |cve_id_batch|

security_tools/redhat_tools/rpm_pkg_audit.rb

@@ -19,59 +19,64 @@ def read_cves_file(filepath)
   CSV.read(filepath).flatten
 end
 
-parser = OptionParser.new do |parser|
+def json_pp(json)
+  puts JSON.pretty_generate(json)
+end
+
+parserr = OptionParser.new do |parser|
   parser.banner = 'Usage: rpm_pkg_audit.rb [options]'
-  parser.on('-p', '--pkg PKGNAME', 'Takes a base pkg name and returns cves from redhats security API.') do |pkg|
+  parser.on('-p', '--pkg PKGNAME',
+            'Takes a base pkg name and returns cves from redhats security API.') do |pkg|
     options[:pkg] = pkg
   end
-  parser.on('-l', '--list', 'List packages in the XML datafile.') do |list|
+  parser.on('-l', '--list',
+            'List packages in the XML datafile.') do |list|
     options[:list] = list
   end
-  parser.on('-x', '--xmlpkg PKGNAME', 'The pkg name you want to audit from xml file rpm-to-cve.xml') do |xmlpkg|
+  parser.on('-x', '--xmlpkg PKGNAME',
+            'The pkg name you want to audit from xml file rpm-to-cve.xml') do |xmlpkg|
     options[:xmlpkg] = xmlpkg
   end
-  parser.on('-r', '--refresh', 'Refresh rpm-to-cve.xml file with latest pkgs and cves') do |_refresh|
+  parser.on('-r', '--refresh',
+            'Refresh rpm-to-cve.xml file with latest pkgs and cves') do |_refresh|
     options[:refresh] = true
   end
-  parser.on('-c', '--cve CVE_ID', 'Takes a cve id and returns cve json from redhats security API.') do |cve|
+  parser.on('-c', '--cve CVE_ID',
+            'Takes a cve id and returns cve json from redhats security API.') do |cve|
     options[:cve] = cve
   end
-  parser.on('-f', '--cves-from-file CVE_FILE', 'Takes a file one cve id per line and sends a batch request to redhat security API') do |file|
+  parser.on('-f', '--cves-from-file CVE_FILE',
+            'Takes a file one cve id per line and sends a batch request to redhat security API') do |file|
     options[:file] = file
   end
 end
 
-parser.parse!
+parserr.parse!
-
-if options[:pkg]
-  pkg_name = options[:pkg]
-elsif options[:xmlpkg]
-  xmlpkg_name = options[:xmlpkg]
-end
 
 rpm_auditer = RhelRpmToCve.new(filepath: data_file)
 rhel_api_client = RhelSecurityApiClient.new
 
-# this is getting long and nasty probably change this to a case statment
+if options[:xmlpkg_name]
-if xmlpkg_name
+  pkg = option[:xmlpkg_name]
-  json = rpm_auditer.cves_per_pkg_name(xmlpkg_name).to_json
+  json = rpm_auditer.cves_per_pkg_name(pkg).to_json
-  puts JSON.pretty_generate(JSON.parse(json))
+  json_pp(JSON.parse(json))
-elsif pkg_name
+elsif options[:pkg]
-  params = { params: { package: pkg_name } }
+  pkg = options[:pkg]
-  json_response = rhel_api_client.request('/cve.json', params)
+  params = { params: { package: pkg } }
-  cve_pkgs_and_adv = rhel_api_client.cve_pkg_adv(json_response)
+  json = rhel_api_client.request('/cve.json', params)
-  puts JSON.pretty_generate(cve_pkgs_and_adv)
+  cve_pkgs_and_adv = rhel_api_client.cve_pkg_adv(json)
+  json_pp(cve_pkgs_and_adv)
 elsif options[:refresh]
   rpm_auditer.refresh_rpm_to_cve_file('./data/rpm-to-cve.xml')
 elsif options[:cve]
-  cve = options[:cve]
+  id = options[:cve]
-  r = rhel_api_client.cve_id(cve)
+  json = rhel_api_client.cve_id(id)
-  puts JSON.pretty_generate(r)
+  json_pp(json)
 elsif options[:file]
   filepath = options[:file]
   cve_ids = read_cves_file(filepath)
-  r = rhel_api_client.cves(cve_ids)
+  json = rhel_api_client.cve_ids(cve_ids)
-  puts JSON.pretty_generate(r)
+  json_pp(json)
-else options.key?(:list)
+elsif options[:list]
-     puts rpm_auditer.list_pkg_names.sort
+  puts rpm_auditer.list_pkg_names.sort
 end