package main
import (
"flag"
"fmt"
"log"
"os"
"strconv"
"strings"
"time"
"github.com/aquasecurity/vuln-list-update/amazon"
"github.com/aquasecurity/vuln-list-update/alpine"
"github.com/aquasecurity/vuln-list-update/debian"
"github.com/aquasecurity/vuln-list-update/git"
"github.com/aquasecurity/vuln-list-update/nvd"
debianoval "github.com/aquasecurity/vuln-list-update/oval/debian"
"github.com/aquasecurity/vuln-list-update/redhat"
"github.com/aquasecurity/vuln-list-update/ubuntu"
"github.com/aquasecurity/vuln-list-update/utils"
"golang.org/x/xerrors"
)
const (
	// repoURL is the format string for the HTTPS remote. Its three verbs are
	// filled, in order, with the GitHub token, the repository owner and the
	// repository name. The token lands in the userinfo part of the URL, so a
	// formatted value is a secret and must not be logged or printed.
	repoURL = "https://%s@github.com/%s/%s.git"

	// defaultRepoOwner is the fallback passed to utils.LookupEnv for
	// VULNLIST_REPOSITORY_OWNER.
	defaultRepoOwner = "aquasecurity"

	// defaultRepoName is the fallback passed to utils.LookupEnv for
	// VULNLIST_REPOSITORY_NAME.
	defaultRepoName = "vuln-list"
)
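var (
	// target selects which advisory source run updates. The help text lists
	// every case the switch in run accepts, including debian-oval and amazon.
	target = flag.String("target", "", "update target (nvd, redhat, debian, debian-oval, ubuntu, alpine, amazon)")

	// years is a comma-separated list of years; run reads it only for the
	// redhat target.
	years = flag.String("years", "", "update years (only redhat)")
)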
// main runs the updater and terminates the process through log.Fatal when
// run reports an error.
func main() {
	err := run()
	if err != nil {
		log.Fatal(err)
	}
}
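// run updates the advisory data for the source named by -target inside the
// local vuln-list checkout, then commits and pushes the result.
//
// It clones or pulls the target repository, dispatches to the updater for
// the selected source, records the update time, and skips the commit and
// push when fewer than two files changed. Any failure is returned to the
// caller with context.
func run() error {
	flag.Parse()
	now := time.Now().UTC()

	gc := &git.Config{}
	vulnListDir := utils.VulnListDir()

	repoOwner := utils.LookupEnv("VULNLIST_REPOSITORY_OWNER", defaultRepoOwner)
	repoName := utils.LookupEnv("VULNLIST_REPOSITORY_NAME", defaultRepoName)

	// The GitHub token is embedded in the remote URL as userinfo, so url is
	// a secret from here on: it must never be logged. Only the owner and
	// repository name are printed below.
	// NOTE(review): confirm that git.Config does not echo the remote URL in
	// the errors it returns (main prints them via log.Fatal) and consider
	// whether the token ends up stored in the checkout's remote config.
	githubToken := os.Getenv("GITHUB_TOKEN")
	if githubToken == "" {
		log.Println("GITHUB_TOKEN is not set; the remote URL carries no credential")
	}
	url := fmt.Sprintf(repoURL, githubToken, repoOwner, repoName)

	log.Printf("target repository is %s/%s\n", repoOwner, repoName)

	if _, err := gc.CloneOrPull(url, vulnListDir); err != nil {
		return xerrors.Errorf("clone or pull error: %w", err)
	}

	var commitMsg string
	switch *target {
	case "nvd":
		if err := nvd.Update(now.Year()); err != nil {
			return xerrors.Errorf("error in NVD update: %w", err)
		}
		commitMsg = "NVD"
	case "redhat":
		// strings.Split never returns an empty slice for a non-empty
		// separator, so an unset -years has to be rejected before splitting;
		// otherwise it surfaces as a confusing Atoi error on "".
		if *years == "" {
			return xerrors.New("years must be specified")
		}
		var yearList []int
		for _, y := range strings.Split(*years, ",") {
			yearInt, err := strconv.Atoi(y)
			if err != nil {
				return xerrors.Errorf("invalid years: %w", err)
			}
			yearList = append(yearList, yearInt)
		}
		if err := redhat.Update(yearList); err != nil {
			return xerrors.Errorf("error in RedHat update: %w", err)
		}
		commitMsg = "RedHat " + *years
	case "debian":
		if err := debian.Update(); err != nil {
			return xerrors.Errorf("error in Debian update: %w", err)
		}
		commitMsg = "Debian Security Bug Tracker"
	case "debian-oval":
		if err := debianoval.Update(); err != nil {
			return xerrors.Errorf("error in Debian OVAL update: %w", err)
		}
		commitMsg = "Debian OVAL"
	case "ubuntu":
		if err := ubuntu.Update(); err != nil {
			return xerrors.Errorf("error in Ubuntu update: %w", err)
		}
		commitMsg = "Ubuntu CVE Tracker"
	case "alpine":
		ac := alpine.Config{
			GitClient:   gc,
			CacheDir:    utils.CacheDir(),
			VulnListDir: vulnListDir,
		}
		if err := ac.Update(); err != nil {
			return xerrors.Errorf("error in Alpine update: %w", err)
		}
		commitMsg = "Alpine Issue Tracker"
	case "amazon":
		ac := amazon.Config{
			LinuxMirrorListURI: amazon.LinuxMirrorListURI,
			VulnListDir:        vulnListDir,
		}
		if err := ac.Update(); err != nil {
			return xerrors.Errorf("error in Amazon update: %w", err)
		}
		commitMsg = "Amazon Linux Security Center"
	default:
		return xerrors.New("unknown target")
	}

	if err := utils.SetLastUpdatedDate(*target, now); err != nil {
		return xerrors.Errorf("failed to set last updated date: %w", err)
	}

	log.Println("git status")
	files, err := gc.Status(vulnListDir)
	if err != nil {
		return xerrors.Errorf("failed to git status: %w", err)
	}

	// Fewer than two changed files means only last_updated.json was touched,
	// so there is no new advisory data worth committing.
	if len(files) < 2 {
		log.Println("Skip commit and push")
		return nil
	}

	log.Println("git commit")
	if err = gc.Commit(vulnListDir, "./", commitMsg); err != nil {
		return xerrors.Errorf("failed to git commit: %w", err)
	}

	log.Println("git push")
	if err = gc.Push(vulnListDir, "master"); err != nil {
		return xerrors.Errorf("failed to git push: %w", err)
	}

	return nil
}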