[GSOC23] - C - Implement a StAX parser for OVAL files#7510
[GSOC23] - C - Implement a StAX parser for OVAL files#7510HoussemNasri wants to merge 26 commits intouyuni-project:masterfrom
Conversation
Suggested tests to cover this Pull Request
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
HoussemNasri
force-pushed
the
oval-stax-parser
branch
from
8dc2d93 to
6d6dc0f
Compare
HoussemNasri
force-pushed
the
oval-stax-parser
branch
from
a279e94 to
7a5f2c7
Compare
|
👋 Hello! Thanks for contributing to our project. You can see the progress at the end of this page and at https://github.com/uyuni-project/uyuni/pull/7510/checks If you are unsure the failing tests are related to your code, you can check the "reference jobs". These are jobs that run on a scheduled time with code from master. If they fail for the same reason as your build, it means the tests or the infrastructure are broken. If they do not fail, but yours do, it means it is related to your code. Reference tests: KNOWN ISSUES Sometimes the build can fail when pulling new jar files from download.opensuse.org . This is a known limitation. Given this happens rarely, when it does, all you need to do is rerun the test. Sorry for the inconvenience. For more tips on troubleshooting, see the troubleshooting guide. Happy hacking! |
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
|
This PR was closed because it has been stalled for 10 days with no activity. |
|
@HoussemNasri @parlt91 i think this is still needed, right? |
Yes, the A and B pull requests need to be reviewed first before we can move to this one in case there was some changes that would affect this one (all PRs are kind of stacked on each other). Right now, pr A is under review. |
|
Than we better reopen this request |
…Product foreign key
parlt91
force-pushed
the
oval-stax-parser
branch
from
b14baa8 to
3cc429f
Compare
Signed-off-by: Pascal Arlt <parlt@suse.com>
Signed-off-by: Pascal Arlt <parlt@suse.com>
parlt91
force-pushed
the
oval-stax-parser
branch
from
3cc429f to
2d2c980
Compare
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
| @@ -0,0 +1,114 @@ | |||
| /* | |||
There was a problem hiding this comment.
Schema folder needs to be updated
| * The Oval Parser is responsible for parsing OVAL(Open Vulnerability and Assessment Language) documents | ||
| */ | ||
| public class OvalParser { | ||
| public static final int DEFINITIONS_BULK_SIZE = 500; |
There was a problem hiding this comment.
We should ready this from a configuration, where the default can be 500.
| * @param ovalFileURL the OVAL file to parse | ||
| * @return the parsed OVAL encapsulated in an {@link OvalRootType} object. | ||
| * */ | ||
| public OvalRootType parse(URL ovalFileURL) throws OvalParserException { |
There was a problem hiding this comment.
This parser is only used for testing. Should we move it to a test-only class? The method could be a utility that would receive a OvalParser instance and the File location. Since it keeps all in memory, I think it is risky to have in the main class when is used only for testing.
| * @param ovalFile an XML file containing OVAL definitions to be parsed. | ||
| * @return all OVAL definitions in {@code ovalFile} | ||
| * */ | ||
| public List<DefinitionType> parseAllDefinitions(File ovalFile) { |
There was a problem hiding this comment.
This is a dependency for the parser function that is used only for testing. We want people to use the bulk parser, and not the one that loads everything to memory.
| OvalParser ovalParser = new OvalParser(); | ||
| OVALResources ovalResources = ovalParser.parseResources(ovalFile); | ||
| ovalParser.parseDefinitionsInBulk(ovalFile, definitionsBulk -> { | ||
| OvalRootType ovalRoot = new OvalRootType(); |
There was a problem hiding this comment.
Looks to me that the product.getOsFamily() and product.getOsVersion() should also be use to set the OvalRootType.
In the method called savePlatformsVulnerablePackages the OS family and version are being loaded from the OvalRootType but looks to me that it's never set.
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
7 participants
What does this PR change?
Introduce a StAX parser (instead of the current JAXB parser) for OVAL files to increase memory efficiency when parsing large OVAL files.
Useful Links
GUI diff
No difference.
Before:
After:
Documentation
No documentation needed: add explanation. This can't be used if there is a GUI diff
No documentation needed: only internal and user invisible changes
Documentation issue was created: Link for SUSE Manager contributors, Link for community contributors.
API documentation added: please review the Wiki page Writing Documentation for the API if you have any changes to API documentation.
(OPTIONAL) Documentation PR
DONE
Test coverage
No tests: add explanation
No tests: already covered
Unit tests were added
Cucumber tests were added
DONE
Links
Fixes #
Tracks # add downstream PR, if any
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run
changelog_test(see below)Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run: