vuln-list-update/main.go

167 lines
4.4 KiB
Go
Raw Normal View History

2019-04-30 07:02:09 +03:00
package main
import (
"flag"
"fmt"
"log"
"os"
"strconv"
"strings"
"time"
"github.com/aquasecurity/vuln-list-update/amazon"
2019-08-19 11:47:18 +03:00
"github.com/aquasecurity/vuln-list-update/alpine"
2019-04-30 07:02:09 +03:00
2019-08-19 11:47:18 +03:00
"github.com/aquasecurity/vuln-list-update/debian"
"github.com/aquasecurity/vuln-list-update/git"
"github.com/aquasecurity/vuln-list-update/nvd"
debianoval "github.com/aquasecurity/vuln-list-update/oval/debian"
oracleoval "github.com/aquasecurity/vuln-list-update/oval/oracle"
2019-11-03 21:28:28 +03:00
redhatoval "github.com/aquasecurity/vuln-list-update/oval/redhat"
2019-08-19 11:47:18 +03:00
"github.com/aquasecurity/vuln-list-update/redhat"
"github.com/aquasecurity/vuln-list-update/ubuntu"
"github.com/aquasecurity/vuln-list-update/utils"
2019-04-30 07:02:09 +03:00
"golang.org/x/xerrors"
)
const (
repoURL = "https://%s@github.com/%s/%s.git"
defaultRepoOwner = "aquasecurity"
defaultRepoName = "vuln-list"
2019-04-30 07:02:09 +03:00
)
var (
target = flag.String("target", "", "update target (nvd, alpine, redhat, redhat-oval, debian, debian-oval, ubuntu, amazon, oracle-oval)")
2019-04-30 07:02:09 +03:00
years = flag.String("years", "", "update years (only redhat)")
)
func main() {
if err := run(); err != nil {
log.Fatal(err)
}
}
func run() error {
flag.Parse()
now := time.Now().UTC()
2019-10-10 18:45:17 +03:00
gc := &git.Config{}
vulnListDir := utils.VulnListDir()
2019-04-30 07:02:09 +03:00
repoOwner := utils.LookupEnv("VULNLIST_REPOSITORY_OWNER", defaultRepoOwner)
repoName := utils.LookupEnv("VULNLIST_REPOSITORY_NAME", defaultRepoName)
2019-04-30 07:02:09 +03:00
// Embed GitHub token to URL
githubToken := os.Getenv("GITHUB_TOKEN")
url := fmt.Sprintf(repoURL, githubToken, repoOwner, repoName)
2019-04-30 07:02:09 +03:00
log.Printf("target repository is %s/%s\n", repoOwner, repoName)
if _, err := gc.CloneOrPull(url, utils.VulnListDir()); err != nil {
2019-04-30 07:02:09 +03:00
return xerrors.Errorf("clone or pull error: %w", err)
}
var commitMsg string
switch *target {
case "nvd":
if err := nvd.Update(now.Year()); err != nil {
return xerrors.Errorf("error in NVD update: %w", err)
}
commitMsg = "NVD"
case "redhat":
var yearList []int
for _, y := range strings.Split(*years, ",") {
yearInt, err := strconv.Atoi(y)
if err != nil {
return xerrors.Errorf("invalid years: %w", err)
}
yearList = append(yearList, yearInt)
}
if len(yearList) == 0 {
return xerrors.New("years must be specified")
}
if err := redhat.Update(yearList); err != nil {
return err
}
commitMsg = "RedHat " + *years
2019-11-03 21:28:28 +03:00
case "redhat-oval":
rc := redhatoval.NewConfig()
if err := rc.Update(); err != nil {
return xerrors.Errorf("error in Red Hat OVAL update: %w", err)
}
commitMsg = "Red Hat OVAL"
2019-04-30 07:02:09 +03:00
case "debian":
dc := debian.NewClient()
if err := dc.Update(); err != nil {
2019-04-30 07:02:09 +03:00
return xerrors.Errorf("error in Debian update: %w", err)
}
commitMsg = "Debian Security Bug Tracker"
case "debian-oval":
if err := debianoval.Update(); err != nil {
return xerrors.Errorf("error in Debian OVAL update: %w", err)
}
commitMsg = "Debian OVAL"
case "ubuntu":
if err := ubuntu.Update(); err != nil {
return xerrors.Errorf("error in Debian update: %w", err)
}
commitMsg = "Ubuntu CVE Tracker"
case "alpine":
2019-10-10 18:45:17 +03:00
ac := alpine.Config{
GitClient: gc,
CacheDir: utils.CacheDir(),
VulnListDir: vulnListDir,
}
if err := ac.Update(); err != nil {
2019-04-30 07:02:09 +03:00
return xerrors.Errorf("error in Alpine update: %w", err)
}
commitMsg = "Alpine Issue Tracker"
case "amazon":
ac := amazon.Config{
LinuxMirrorListURI: amazon.LinuxMirrorListURI,
VulnListDir: utils.VulnListDir(),
}
if err := ac.Update(); err != nil {
return xerrors.Errorf("error in Amazon update: %w", err)
}
commitMsg = "Amazon Linux Security Center"
case "oracle-oval":
oc := oracleoval.NewConfig()
if err := oc.Update(); err != nil {
return xerrors.Errorf("error in Oracle Linux OVAL update: %w", err)
}
commitMsg = "Oracle Linux OVAL"
2019-04-30 07:02:09 +03:00
default:
return xerrors.New("unknown target")
}
if err := utils.SetLastUpdatedDate(*target, now); err != nil {
return err
}
log.Println("git status")
files, err := gc.Status(utils.VulnListDir())
2019-04-30 07:02:09 +03:00
if err != nil {
return xerrors.Errorf("failed to git status: %w", err)
}
// only last_updated.json
if len(files) < 2 {
log.Println("Skip commit and push")
return nil
}
log.Println("git commit")
if err = gc.Commit(utils.VulnListDir(), "./", commitMsg); err != nil {
2019-04-30 07:02:09 +03:00
return xerrors.Errorf("failed to git commit: %w", err)
}
log.Println("git push")
if err = gc.Push(utils.VulnListDir(), "master"); err != nil {
2019-04-30 07:02:09 +03:00
return xerrors.Errorf("failed to git push: %w", err)
}
return nil
}