feat(webapp): add go controller for cves endpoint

RHINENG-13545
RedHatInsights · Nov 20, 2024 · 77637b3 · 77637b3
1 parent 7d70fb1
commit 77637b3
Show file tree

Hide file tree

Showing 7 changed files with 70 additions and 11 deletions.
diff --git a/deploy/clowdapp.yaml b/deploy/clowdapp.yaml
@@ -51,6 +51,8 @@ objects:
           value: ${NEWER_RELEASEVER_REPOS}
         - name: NEWER_RELEASEVER_CSAF
           value: ${NEWER_RELEASEVER_CSAF}
+        - name: ENABLE_GO_CVES
+          value: ${ENABLE_GO_CVES}
         resources:
           limits:
             cpu: ${CPU_LIMIT_WEBAPP_GO}
@@ -494,3 +496,6 @@ parameters:
   value: "true"
 - name: DB_DUMP_BUCKET
   value: insights-vmaas-dump-storage
+- name: ENABLE_GO_CVES
+  description: Enable go implementation of the cves endpoint
+  value: "false"
diff --git a/vmaas-go/base/utils/config.go b/vmaas-go/base/utils/config.go
@@ -45,6 +45,7 @@ type Config struct {
 	LogStyle             string
 	CacheRefreshInterval time.Duration
 	EnableProfiler       bool
+	EnableGoCves         bool
 
 	// lib
 	UnfixedEvalEnabled    bool
@@ -134,6 +135,7 @@ func initEnv() {
 	Cfg.VmaasLibMaxGoroutines = GetIntEnvOrDefault("VMAAS_LIB_MAX_GOROUTINES", 20)
 	Cfg.NewerReleaseverRepos = GetBoolEnvOrDefault("NEWER_RELEASEVER_REPOS", true)
 	Cfg.NewerReleaseverCsaf = GetBoolEnvOrDefault("NEWER_RELEASEVER_CSAF", true)
+	Cfg.EnableGoCves = GetBoolEnvOrDefault("ENABLE_GO_CVES", false)
 }
 
 func (e *Endpoint) BuildURL(scheme string) string {

diff --git a/vmaas-go/go.mod b/vmaas-go/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/prometheus/client_golang v1.19.1
 	github.com/redhatinsights/app-common-go v1.6.7
 	github.com/redhatinsights/platform-go-middlewares v1.0.0
-	github.com/redhatinsights/vmaas-lib v1.12.0
+	github.com/redhatinsights/vmaas-lib v1.14.1
 	github.com/sirupsen/logrus v1.9.3
 	github.com/stretchr/testify v1.9.0
 	github.com/zsais/go-gin-prometheus v0.1.0

diff --git a/vmaas-go/go.sum b/vmaas-go/go.sum
@@ -109,8 +109,8 @@ github.com/redhatinsights/app-common-go v1.6.7 h1:cXWW0F6ZW53RLRr54gn7Azo9CLTysY
 github.com/redhatinsights/app-common-go v1.6.7/go.mod h1:6gzRyg8ZyejwMCksukeAhh2ZXOB3uHSmBsbP06fG2PQ=
 github.com/redhatinsights/platform-go-middlewares v1.0.0 h1:OxyiYt+VmNo+UucK/ey0b6UDFnpCni6JoGPeisGmmNI=
 github.com/redhatinsights/platform-go-middlewares v1.0.0/go.mod h1:dRH6XOjiZDbw8STvk6NNC7mMwqhTaV7X+1tn1oXOs24=
-github.com/redhatinsights/vmaas-lib v1.12.0 h1:hPuzmHRJ5KWpMjvYNrBsZSRSZb5RIHy00rzSLgn5n4k=
-github.com/redhatinsights/vmaas-lib v1.12.0/go.mod h1:fCpKKAkaxgxSSLTgJYPgA4xi3qizDiUiboeDWst1j2Q=
+github.com/redhatinsights/vmaas-lib v1.14.1 h1:klJcmgyhXHj2Cn91jhrilL0u8oX+U2I0dxipFjFiV3U=
+github.com/redhatinsights/vmaas-lib v1.14.1/go.mod h1:fCpKKAkaxgxSSLTgJYPgA4xi3qizDiUiboeDWst1j2Q=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=

diff --git a/vmaas-go/webapp/controllers/cves.go b/vmaas-go/webapp/controllers/cves.go
@@ -0,0 +1,44 @@
+package controllers
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/redhatinsights/vmaas-lib/vmaas"
+	"github.com/redhatinsights/vmaas/base/core"
+	"github.com/redhatinsights/vmaas/base/utils"
+)
+
+func CvesHandler(c *gin.Context) {
+	if !isCacheLoaded(c) {
+		return
+	}
+	cve := c.Param("cve")
+	req := vmaas.CvesRequest{Cves: []string{cve}}
+
+	res, err := core.VmaasAPI.Cves(&req)
+	if err != nil {
+		utils.LogAndRespError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, res)
+}
+
+func CvesPostHandler(c *gin.Context) {
+	if !isCacheLoaded(c) {
+		return
+	}
+	req := vmaas.CvesRequest{}
+	err := bindValidateJSON(c, &req)
+	if err != nil {
+		utils.LogAndRespBadRequest(c, err)
+		return
+	}
+
+	cves, err := core.VmaasAPI.Cves(&req)
+	if err != nil {
+		utils.LogAndRespError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, cves)
+}
diff --git a/vmaas-go/webapp/controllers/utils.go b/vmaas-go/webapp/controllers/utils.go
@@ -10,20 +10,22 @@ import (
 	"github.com/redhatinsights/vmaas/base/utils"
 )
 
-func bindValidateJSON(c *gin.Context, request *vmaas.Request) error {
+func bindValidateJSON(c *gin.Context, request interface{}) error {
 	if request == nil {
 		return fmt.Errorf("nil vmaas request")
 	}
 	if err := c.BindJSON(request); err != nil {
 		return err
 	}
-	// validate module name:stream
-	for i, m := range request.Modules {
-		if m.Module == nil {
-			return fmt.Errorf("'module_name' is a required property - 'modules_list.%d'", i)
-		}
-		if m.Stream == nil {
-			return fmt.Errorf("'module_stream' is a required property - 'modules_list.%d'", i)
+
+	if reqest, ok := (request).(*vmaas.Request); ok {
+		for i, m := range reqest.Modules {
+			if m.Module == nil {
+				return fmt.Errorf("'module_name' is a required property - 'modules_list.%d'", i)
+			}
+			if m.Stream == nil {
+				return fmt.Errorf("'module_stream' is a required property - 'modules_list.%d'", i)
+			}
 		}
 	}
 	return nil

diff --git a/vmaas-go/webapp/routes/routes.go b/vmaas-go/webapp/routes/routes.go
@@ -3,6 +3,7 @@ package routes
 import (
 	"github.com/gin-contrib/gzip"
 	"github.com/gin-gonic/gin"
+	"github.com/redhatinsights/vmaas/base/utils"
 	"github.com/redhatinsights/vmaas/webapp/controllers"
 )
 
@@ -12,4 +13,9 @@ func InitAPI(api *gin.RouterGroup) {
 	api.POST("/updates", controllers.UpdatesPostHandler)
 	api.GET("/vulnerabilities/:package", controllers.VulnerabilitiesHandler)
 	api.POST("/vulnerabilities", controllers.VulnerabilitiesPostHandler)
+
+	if utils.Cfg.EnableGoCves {
+		api.GET("/cves/:cve", controllers.CvesHandler)
+		api.POST("/cves", controllers.CvesPostHandler)
+	}
 }