Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IAVM Mapper interface: fixup error-handling #42

Closed
ryran opened this issue Nov 18, 2016 · 1 comment
Closed

IAVM Mapper interface: fixup error-handling #42

ryran opened this issue Nov 18, 2016 · 1 comment
Assignees
@ryran
Labels
bug

Comments

@ryran
Copy link
Collaborator

ryran commented Nov 18, 2016

A good one works:

$ rhsecapi --loglevel info --q-iava 2016-B-0158 
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0158' ...
[NOTICE ] rhsda: 5 CVEs found with search

CVE-2016-0762
CVE-2016-5018
CVE-2016-6794
CVE-2016-6796
CVE-2016-6797

A fake one isn't in the index so gets expected output:

$ rhsecapi --loglevel info --q-iava 2016-B-JANK
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[ERROR  ] rhsda: IAVM Mapper (https://access.redhat.com/labs/iavmmapper) has no knowledge of '2016-B-JANK'

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931

What about if an IAVA that is known by the global index but doesn't actually exist for some reason?

$ rhsecapi --loglevel info --q-iava 2016-B-0164
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164' ...
[ERROR  ] rhsda: Login error; unable to get IAVA info

IAVA→CVE mapping data is not provided by the public RH Security Data API.
Instead, this uses the IAVM Mapper App (access.redhat.com/labs/iavmmapper).

Access to this data requires RH Customer Portal credentials be provided.
Create a ~/.netrc with the following contents:

machine access.redhat.com
  login YOUR-CUSTOMER-PORTAL-LOGIN
  password YOUR_PASSWORD_HERE

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931
Traceback (most recent call last):
  File "/home/rsaw/bin/rhsecapi", line 417, in <module>
    main(opts)
  File "/home/rsaw/bin/rhsecapi", line 363, in main
    result = apiclient.get_iava(opts.q_iava)
  File "/g/dev-rhsecapi/rhsda.py", line 784, in get_iava
    logger.log(25, "{0} CVEs found with search".format(len(result['IAVM']['CVEs']['CVENumber'])))
TypeError: list indices must be integers, not str

Yeah so my error-handling didn't account for that. Will do.
@ryran ryran added the bug label Nov 18, 2016
@ryran ryran self-assigned this Nov 18, 2016
@ryran ryran closed this as completed in 3f41ce9 Nov 18, 2016
@ryran
Copy link
Collaborator Author

ryran commented Nov 18, 2016

Done.

$ rhsecapi --q-iava 2016-B-0164 -l debug
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[DEBUG  ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8'
[DEBUG  ] rhsda: IAVM Mapper app main index contains '2016-B-0164'
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164' ...
[INFO   ] rhsda: 500 Server Error: Internal Server Error for url: https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164
[ERROR  ] rhsda: IAVM Mapper app doesn't have entry for '2016-B-0164'

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ryran ryran

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ryran