Add support to vuln report for pulp_python plugin #1273
2cdad88 to a720b1e
| NEEDS_PLUGINS = [PluginRequirement("python", specifier=">=3.1.0")] | ||
|
|
||
| def scan(self) -> t.Any: | ||
| return self.call("scan", parameters={self.HREF: self.pulp_href}) | ||
|
|
| NEEDS_PLUGINS = [PluginRequirement("python", specifier=">=3.1.0")] | |
| def scan(self) -> t.Any: | |
| return self.call("scan", parameters={self.HREF: self.pulp_href}) | |
| NEEDS_PLUGINS = [PluginRequirement("python", specifier=">=3.1.0")] | |
| CAPABILITIES = {"scan": [PluginRequirement("python", specifier=">=3.21.0")]} | |
| def scan(self) -> t.Any: | |
| self.needs_capability("scan") | |
| return self.call("scan", parameters={self.HREF: self.pulp_href}) |
This feature of the CLI is very useful for implementing new endpoints that are shared, but unevenly supported across the plugins.
If scan is going to have the same signature on every repository that supports it, you can move the function up in the hierarchy that way.
I didn't mean all the way up to the base EntityContext.
| needs_plugins: t.List[PluginRequirement] = [PluginRequirement("python", specifier=">=3.21.0")], | ||
| ) -> None: | ||
|
|
||
| # for now, vuln report is implemented for pulp_python only | ||
| if not isinstance(repository, PulpPythonRepositoryContext): | ||
| return |
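Review bot: the `needs_plugins` default in this signature is a list literal, which Python evaluates once and shares across every call; a tuple, or a `None` default that is expanded inside the function, avoids accidental mutation. The `isinstance(repository, PulpPythonRepositoryContext)` guard then returns silently, so a caller passing any other repository type gets neither an error nor a report; raising a usage error there would make the unsupported case visible.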
With the CAPABILITIES feature you won't need to check the context type. Just check the capable/needs_capability on the final repository version context to see if you can call scan.
876b7cc to 609049f
| help=_("Version of the repository to scan. Leave blank for latest version."), | ||
| ) | ||
| @pass_pulp_context | ||
| def create( |
I think here we should follow the design of the API.
The repository version command group can have a scan subcommand whose side effect would be to create a report.
So this command should go away.
9672fae to 1154c06
| help=_("Version of the repository to scan. Leave blank for latest version."), | ||
| ) | ||
| @pass_pulp_context | ||
| def create( |
So this command should go away.
75a552e to 3d9625a
| def scan(self) -> t.Any: | ||
| return self.call("scan", parameters={self.HREF: self.pulp_href}) | ||
|
|
What are the objects you can scan? And where did the capability check go?
| @@ -0,0 +1,30 @@ | |||
| #!/bin/bash | |||
This should move to pulp_python.
| pulp python repository sync --name python --remote python | ||
|
|
||
| expect_succ pulp python repository version scan --repository python | ||
| expect_succ pulp vulnerability-report list |
Shouldn't we be able to request the very report we just created here?
| expect_succ pulp python repository version scan --repository python | ||
| expect_succ pulp vulnerability-report list | ||
|
|
||
| VULN_REPORT=$(pulp vulnerability-report list --field pulp_href --limit 1|jq .[0].pulp_href -r) |
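Review bot: the jq filter `.[0].pulp_href` on the `VULN_REPORT=` line is unquoted, so bash treats `[0]` as a glob bracket expression that can expand against file names in the working directory; write it as `jq -r '.[0].pulp_href'`. The assignment is also not wrapped in `expect_succ`, and on an empty list jq prints `null`, so a scan that produced no report would leave `VULN_REPORT` set to the string `null` without failing the test at this line.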
Please use the result variable from the previously tested command.
| NEEDS_PLUGINS = [PluginRequirement("python", specifier=">=3.1.0")] | ||
|
|
||
| def scan(self) -> t.Any: | ||
| return self.call("scan", parameters={self.HREF: self.pulp_href}) | ||
|
|
I didn't mean all the way up to the base EntityContext.
pulp_cli/generic.py
Outdated
| """ | ||
| Scan a {entity}. | ||
| """ | ||
| entity_ctx.needs_capability("scan") |
This should be inside the ctx.scan function.
pulp_cli/generic.py
Outdated
| Scan a {entity}. | ||
| """ | ||
| entity_ctx.needs_capability("scan") | ||
| entity_ctx.scan() |
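Review bot: `entity_ctx.scan()` on the last line discards its return value, although `scan` is declared earlier in this change to return the `t.Any` result of `self.call("scan", ...)`. Pass that result to the command's output so the user can see what the scan produced instead of an empty response.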
Isn't there something to tell the user about here?
3d9625a to c22a91e
closes: #1272