Skip to content

Add initial support for vulnerablecode #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
TG1999 merged 22 commits into from
Mar 12, 2024
Merged

Add initial support for vulnerablecode #2

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
242b47c
Move vulnerablecode #1209 to this repo
ziadhany Dec 12, 2023
8f178ba
Fix Makefile src path
ziadhany Dec 12, 2023
0b3084a
Fix importer sync
ziadhany Dec 15, 2023
df415a1
Fix a Deleting objects bug in the importer
ziadhany Dec 19, 2023
d230e76
Update pip
ziadhany Dec 19, 2023
769b9ea
Fix CI test
ziadhany Dec 19, 2023
828ea2b
Fix CI test again
ziadhany Dec 19, 2023
b2f51f8
Stop all and run a fix for CI test again.
ziadhany Dec 23, 2023
7c42c93
Fix configure error and test the CI again
ziadhany Dec 23, 2023
7ec1683
Add envfile to MakeFile
ziadhany Dec 24, 2023
7a207e9
Remove envfile from CI
ziadhany Dec 24, 2023
4ba4f4c
Fix CI and add installation docs
ziadhany Jan 2, 2024
1097075
Fix CI again and Remove Execute a Command from installation.rst
ziadhany Jan 2, 2024
104ccd6
Fix CI again by remove all package versions
ziadhany Jan 2, 2024
ce2a0d0
Add a tasks to the model SyncRequest,FederateRequest
ziadhany Jan 26, 2024
833a91f
Try to Fix importer
ziadhany Jan 30, 2024
4fe2bb8
Add migration file
ziadhany Jan 30, 2024
00f5739
Change the Vulnerability model
ziadhany Feb 18, 2024
e119ed2
Add a task command
ziadhany Mar 4, 2024
a4b9c25
Try to refactor activitypub follow activity.
ziadhany Mar 9, 2024
e37d14c
Add alpine image
ziadhany Mar 10, 2024
eb78770
Add import service step to docs
ziadhany Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add a tasks to the model SyncRequest,FederateRequest 
Add a test for vocabulary_toap
Fix a bug in the ui
Change the review process to relay on vulnerability and package files
Add a message template

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
  • Loading branch information
@ziadhany
ziadhany committed Jan 26, 2024
commit ce2a0d07532794b770918897fd91c0fa2e15bc50
2 changes: 1 addition & 1 deletion docker.env
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ POSTGRES_DB=purl-sync
POSTGRES_USER=purl-sync
POSTGRES_PASSWORD=purl-sync

FEDERATED_CODE_GIT_PATH=""
FEDERATED_CODE_GIT_PATH=/
FEDERATED_CODE_CLIENT_ID=""
FEDERATED_CODE_CLIENT_SECRET=""
NGINX_PORT=8080
54 changes: 31 additions & 23 deletions fedcode/activitypub.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
from federatedcode.settings import FEDERATED_CODE_DOMAIN
from federatedcode.settings import FEDERATED_CODE_GIT_PATH

from .models import Follow
from .models import Follow, FederateRequest
from .models import Note
from .models import Person
from .models import Purl
Expand All @@ -32,7 +32,7 @@
from .models import Review
from .models import Service
from .models import Vulnerability
from .signatures import PURL_SYNC_PRIVATE_KEY
from .signatures import FEDERATED_CODE_PRIVATE_KEY
from .signatures import HttpSignature
from .utils import fetch_actor
from .utils import full_resolve
Expand Down Expand Up @@ -64,7 +64,7 @@

AP_TARGET = {"cc": "https://www.w3.org/ns/activitystreams#Public"}

OBJ_Page = {
OBJ_PAGE = {
"Note": "note-page",
"Review": "review-page",
"Repository": "repository-page",
Expand Down Expand Up @@ -138,12 +138,15 @@ def handler(self):
return ACTIVITY_MAPPER[self.type](actor=ap_actor, object=ap_object, to=self.to).save()

@classmethod
def federated(cls, to, body, key_id):
for target in to:
def federate(cls, targets, body, key_id):
"""
Send the signed request body and key_id to the targets list of domains
"""
for target in targets:
target_domain = urlparse(target).netloc
if target_domain != FEDERATED_CODE_DOMAIN: # TODO Add a server whitelist if necessary
try:
HttpSignature.signed_request(target, body, PURL_SYNC_PRIVATE_KEY, key_id)
FederateRequest.objects.create(target=target, body=body, key_id=key_id)
except Exception as e:
logger.error(f"{e}")

Expand Down Expand Up @@ -205,6 +208,8 @@ class ApObject:
url: str = None
vulnerability: str = None
published: str = None
commit: str = None
filepath: str = None

def get_object(self):
if self.id:
Expand Down Expand Up @@ -234,7 +239,7 @@ def save(self):
username=actor_details["name"], url=actor_details["id"]
)
actor, created = Person.objects.get_or_create(remote_actor=remote_actor)
Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
# --------------------------------------------
parser = urlparse(self.object.id)
resolver = resolve(parser.path)
Expand All @@ -256,7 +261,7 @@ def save(self):
purl, created = Purl.objects.get_or_create(
remote_actor=remote_actor, string=purl_details["string"]
)
Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
if purl and actor:
Follow.objects.get_or_create(person=actor, purl=purl)
return self.succeeded_ap_rs()
Expand Down Expand Up @@ -308,17 +313,20 @@ def save(self):
content=self.object.content,
reply_to=reply_to,
)
elif self.object.type == "Review" and self.object.vulnerability:
obj_id, page_name = full_resolve(self.object.vulnerability)
vulnerability = Vulnerability.objects.get(id=obj_id["vulnerability_id"])
elif self.object.type == "Review" and self.object.repository:
obj_id, page_name = full_resolve(self.object.repository)
repo = Repository.objects.get(id=obj_id["repository_id"])

new_obj, created = Review.objects.get_or_create(
headline=self.object.headline,
author=actor,
vulnerability=vulnerability,
filepath=self.object.filepath,
repository=repo,
data=self.object.content,
commit=self.object.commit,
status=0, # OPEN
)
Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
elif isinstance(actor, Purl):
if self.object.type == "Note":
reply_to = None
Expand All @@ -331,7 +339,7 @@ def save(self):
content=self.object.content,
reply_to=reply_to,
)
Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
elif isinstance(actor, Service):
if self.object.type == "Repository":
new_obj, created = Repository.objects.get_or_create(
Expand All @@ -346,7 +354,7 @@ def save(self):
def succeeded_ap_rs(self, new_obj):
"""Response for successfully deleting the object"""
return JsonResponse(
{"Location": full_reverse(OBJ_Page[self.object.type], new_obj.id)},
{"Location": full_reverse(OBJ_PAGE[self.object.type], new_obj.id)},
status=201,
)

Expand Down Expand Up @@ -387,16 +395,16 @@ def save(self):
}

if (
(isinstance(actor, Person) and self.object.type in ["Note", "Review"])
or (isinstance(actor, Service) and self.object.type == "Repository")
or (isinstance(actor, Purl) and self.object.type == "Note")
(isinstance(actor, Person) and self.object.type in ["Note", "Review"])
or (isinstance(actor, Service) and self.object.type == "Repository")
or (isinstance(actor, Purl) and self.object.type == "Note")
):
for key, value in updated_param[self.object.type].items():
if value:
setattr(old_obj, key, value)
old_obj.save()

Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
return self.succeeded_ap_rs(old_obj.to_ap)

def succeeded_ap_rs(self, update_obj):
Expand Down Expand Up @@ -432,13 +440,13 @@ def save(self):
return self.failed_ap_rs()

if (
(type(actor) is Person and self.object.type in ["Note", "Review"])
or (type(actor) is Purl and self.object.type in ["Note"])
or (type(actor) is Service and self.object.type == ["Repository", "Purl"])
(type(actor) is Person and self.object.type in ["Note", "Review"])
or (type(actor) is Purl and self.object.type in ["Note"])
or (type(actor) is Service and self.object.type == ["Repository", "Purl"])
):
instance = self.object.get_object()
instance.delete()
Activity.federated(to=self.to, body=self.to_ap(), key_id=actor.key_id)
Activity.federate(targets=self.to, body=self.to_ap(), key_id=actor.key_id)
return self.succeeded_ap_rs()
else:
return self.failed_ap_rs()
Expand Down
7 changes: 7 additions & 0 deletions fedcode/forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,10 @@ class CreateGitRepoForm(forms.ModelForm):
class Meta:
model = Repository
fields = ["name", "url"]
help_texts = {
'name': None,
'url': None,
}

def __init__(self, *args, **kwargs):
super(CreateGitRepoForm, self).__init__(*args, **kwargs)
Expand All @@ -44,6 +48,9 @@ class ReviewStatusForm(forms.ModelForm):
class Meta:
model = Review
fields = ["status"]
help_texts = {
'status': None,
}

def __init__(self, *args, **kwargs):
super(ReviewStatusForm, self).__init__(*args, **kwargs)
Expand Down
18 changes: 9 additions & 9 deletions fedcode/importer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ def pkg_handler(change_type, default_service, yaml_data_a_blob, yaml_data_b_blob
if change_type == "A":
package = yaml_data_b_blob.get("package")

purl = Purl.objects.create(string=package, service=default_service)
purl, _ = Purl.objects.get_or_create(string=package, service=default_service)

for version in yaml_data_b_blob.get("versions", []):
create_note(purl, version)
Expand All @@ -122,7 +122,7 @@ def pkg_handler(change_type, default_service, yaml_data_a_blob, yaml_data_b_blob
purl.save()

for version_a, version_b in zip_longest(
yaml_data_a_blob.get("versions", []), yaml_data_b_blob.get("versions", [])
yaml_data_a_blob.get("versions", []), yaml_data_b_blob.get("versions", [])
):
if version_b and not version_a:
create_note(purl, version_b)
Expand All @@ -139,8 +139,8 @@ def pkg_handler(change_type, default_service, yaml_data_a_blob, yaml_data_b_blob
note.save()

update_activity = UpdateActivity(actor=purl.to_ap, object=note.to_ap)
Activity.federated(
to=purl.followers_inboxes,
Activity.federate(
targets=purl.followers_inboxes,
body=update_activity.to_ap(),
key_id=purl.key_id,
)
Expand All @@ -155,11 +155,11 @@ def pkg_handler(change_type, default_service, yaml_data_a_blob, yaml_data_b_blob


def create_note(purl, version):
note = Note.objects.create(acct=purl.acct, content=saneyaml.dump(version))
note, _ = Note.objects.get_or_create(acct=purl.acct, content=saneyaml.dump(version))
purl.notes.add(note)
create_activity = CreateActivity(actor=purl.to_ap, object=note.to_ap)
Activity.federated(
to=purl.followers_inboxes,
Activity.federate(
targets=purl.followers_inboxes,
body=create_activity.to_ap(),
key_id=purl.key_id,
)
Expand All @@ -172,8 +172,8 @@ def delete_note(purl, version):
purl.notes.remove(note)

deleted_activity = DeleteActivity(actor=purl.to_ap, object=note_ap)
Activity.federated(
to=purl.followers_inboxes,
Activity.federate(
targets=purl.followers_inboxes,
body=deleted_activity.to_ap,
key_id=purl.key_id,
)
Loading