Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement PackageScanner service #170

Merged
merged 2 commits into from
May 22, 2020
Merged

Implement PackageScanner service #170

merged 2 commits into from
May 22, 2020

Conversation

karniv00l
Copy link
Contributor

No description provided.

@karniv00l karniv00l requested a review from akondas May 22, 2020 10:05
@karniv00l karniv00l added the enhancement New feature or request label May 22, 2020
@codecov
Copy link

codecov bot commented May 22, 2020

Codecov Report

Merging #170 into scanner will decrease coverage by 0.01%.
The diff coverage is 98.93%.

Impacted file tree graph

@@              Coverage Diff              @@
##             scanner     #170      +/-   ##
=============================================
- Coverage      99.87%   99.86%   -0.02%     
- Complexity      1177     1273      +96     
=============================================
  Files            203      215      +12     
  Lines           3332     3613     +281     
=============================================
+ Hits            3328     3608     +280     
- Misses             4        5       +1
Impacted Files Coverage Δ Complexity Δ
src/Service/Organization/PackageManager.php 100.00% <ø> (ø) 15.00 <0.00> (ø)
...rity/SecurityChecker/SensioLabsSecurityChecker.php 0.00% <0.00%> (ø) 2.00 <2.00> (?)
src/Command/ScanAllPackagesCommand.php 100.00% <100.00%> (ø) 5.00 <5.00> (?)
src/Controller/OrganizationController.php 100.00% <100.00%> (ø) 39.00 <2.00> (+2.00)
src/Entity/Organization/Package.php 100.00% <100.00%> (ø) 26.00 <4.00> (+4.00)
src/Entity/Organization/Package/ScanResult.php 100.00% <100.00%> (ø) 1.00 <1.00> (?)
src/Message/Security/ScanPackage.php 100.00% <100.00%> (ø) 2.00 <2.00> (?)
...Handler/Organization/SynchronizePackageHandler.php 100.00% <100.00%> (ø) 4.00 <1.00> (+1.00)
src/MessageHandler/Security/ScanPackageHandler.php 100.00% <100.00%> (ø) 3.00 <3.00> (?)
src/Query/User/Model/Package.php 100.00% <100.00%> (ø) 42.00 <14.00> (+15.00)
... and 21 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ba6ac23...147b528. Read the comment docs.

akondas
akondas reviewed May 22, 2020
View reviewed changes
src/Command/ScanAllPackagesCommand.php
$this->packageRepository->getById(Uuid::fromString($item->id()))
);
$progressBar->advance();
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to call EntityManager::clear to reduce memory usage, and use transaction here

akondas
akondas reviewed May 22, 2020
View reviewed changes
src/Query/User/Model/ScanResult/ResultContent.php
return $this->formatContent();
}

public function htmlSimple(): string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to rename this method and maybe we can remove html from readl model?
I know it simplifies, but it's not their responsibility to format html.

akondas
akondas reviewed May 22, 2020
View reviewed changes
src/Query/User/Model/ScanResult/ResultContent/LockFileResult.php
/**
* @param Advisory[] $advisories
*/
private function advisoriesHtml(array $advisories): string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as above

akondas
akondas reviewed May 22, 2020
View reviewed changes
src/Query/User/PackageQuery/DbalPackageQuery.php
SELECT content FROM organization_package_scan_result s
WHERE s.package_id = p.id
ORDER BY date DESC LIMIT 1
) scan_result_content
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need to rewrite this query, fortunately, we have already agreed on a better solution

@akondas akondas merged commit a103826 into repman-io:scanner May 22, 2020
akondas pushed a commit that referenced this pull request May 28, 2020
@karniv00l @akondas
Implement PackageScanner service (#170)
f89cfbc 
* Implement PackageScanner service

* Remove php 7.4.3 constant
karniv00l added a commit that referenced this pull request May 28, 2020
@akondas @karniv00l
Implement security scanner (#183)
8fdcdc6 
* Implement PackageScanner service (#170)

* Implement PackageScanner service

* Remove php 7.4.3 constant

* Implement SecurityChecker (#171)

* Implement SecurityChecker

* Remove unused class; Load advisories only when var is empty

* Add `repman:security:update-db` command to cron (#176)

* Add last scan result to package model (#177)

* Add last scan result to package entity

* Disable command output

* Get rid of html from read model

* Update db command (#178)

* Scan all packages when database is updated

* CR fixes

* Add expectations

* Fix update advisories database git command (#182)

* Fix update advisories database git command

* Add git config for buddy pipeline

Co-authored-by: Piotr Rogowski <piotr.rogowski0@gmail.com>
@karniv00l karniv00l deleted the add-scanner branch June 1, 2020 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akondas akondas akondas approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@karniv00l @akondas