feat(V2): RHINENG-11269 use the V2 models for SSG import
skateman committed Nov 1, 2024
1 parent 9556f4b commit 828e5d0
Showing 31 changed files with 179 additions and 1,550 deletions.
9 changes: 9 additions & 0 deletions app/models/v2/profile.rb
Expand Up @@ -30,5 +30,14 @@ def variant_for_minor(version)
os_minor_versions: { os_minor_version: version }
)
end

def self.from_parser(obj, existing: nil, security_guide_id: nil, value_overrides: nil)
record = existing || new(ref_id: obj.id, security_guide_id: security_guide_id)


record.assign_attributes(title: obj.title, description: obj.description,

value_overrides: value_overrides, upstream: false)

record

end
end
end
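Review bot: `from_parser` trusts `existing` without checking it: when a record is passed in, its `ref_id` and `security_guide_id` are never compared with `obj.id` or the `security_guide_id` argument, so a wrong lookup in the caller would silently overwrite another profile's title, description and value_overrides. Either guard it with `raise ArgumentError, 'ref_id mismatch' if existing && existing.ref_id != obj.id`, or state the contract in a comment such as `# Builds or updates (without saving) a profile from a parsed XCCDF profile; existing must belong to the same security guide`. The same applies to the `from_parser` methods added in rule.rb, rule_group.rb and value_definition.rb.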
18 changes: 18 additions & 0 deletions app/models/v2/rule.rb
Expand Up @@ -10,6 +10,8 @@ class Rule < ApplicationRecord

indexable_by :ref_id, &->(scope, value) { scope.find_by!(ref_id: value.try(:gsub, '-', '.')) }

attr_accessor :op_source

# rubocop:disable Metrics/AbcSize
def self.sorted_severities(table = arel_table)
Arel.sql(
Expand Down Expand Up @@ -71,5 +73,21 @@ def remediation_issue_id
def self.short_ref_id(ref_id)
ref_id.downcase[SHORT_REF_ID_RE] || ref_id
end

# rubocop:disable Metrics/ParameterLists
def self.from_parser(obj, existing: nil, rule_group_id: nil,
security_guide_id: nil, precedence: nil, value_checks: nil)
record = existing || new(ref_id: obj.id, security_guide_id: security_guide_id)


record.op_source = obj


record.assign_attributes(title: obj.title, description: obj.description, rationale: obj.rationale,

severity: obj.severity, precedence: precedence, rule_group_id: rule_group_id,
upstream: false, value_checks: value_checks, identifier: obj.identifier&.to_h,
references: obj.references.map(&:to_h), remediation_available: false)

record

end
# rubocop:enable Metrics/ParameterLists
end
end
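Review bot: `from_parser` forces `remediation_available: false` and `upstream: false` on every call, including when `existing` is passed, so a re-import resets whatever value an existing rule carried. Whether that reaches the database depends on the update columns of the rules import, which are not part of this hunk. If the flag is maintained elsewhere, assign it only for new records, e.g. `record.remediation_available = false if record.new_record?`. Also, `obj.identifier&.to_h` is nil-safe while `obj.references.map(&:to_h)` is not; `Array(obj.references).map(&:to_h)` would treat a missing value the same way in both places.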
9 changes: 9 additions & 0 deletions app/models/v2/rule_group.rb
Expand Up @@ -16,5 +16,14 @@ class RuleGroup < ApplicationRecord

searchable_by :title, %i[like unlike eq ne]
searchable_by :ref_id, %i[like unlike]

def self.from_parser(obj, existing: nil, security_guide_id: nil, parent_id: nil, precedence: nil)
record = existing || new(ref_id: obj.id, security_guide_id: security_guide_id)


record.assign_attributes(title: obj.title, description: obj.description, rationale: obj.rationale,

precedence: precedence, parent_id: parent_id)

record

end
end
end
6 changes: 6 additions & 0 deletions app/models/v2/security_guide.rb
Expand Up @@ -39,5 +39,11 @@ class SecurityGuide < ApplicationRecord
def self.os_versions
reselect(:os_major_version).distinct.reorder(:os_major_version).map(&:os_major_version)
end

def self.from_parser(obj)
record = find_or_initialize_by(ref_id: obj.id, version: obj.version)
record.assign_attributes(title: obj.title, description: obj.description)
record

end
end
end
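Review bot: `from_parser` sets only `title` and `description` on the record found by `ref_id` and `version`, yet `os_versions` directly above selects `os_major_version`, and the OS-minor-version import in this commit reads `@security_guide.os_major_version`. Nothing visible here assigns that attribute, so unless a callback or the database derives it from `ref_id`, a newly initialized guide would carry it as nil. A one-line comment above `from_parser` saying where `os_major_version` comes from would settle the question. The class body starts outside the hunk.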
10 changes: 10 additions & 0 deletions app/models/v2/value_definition.rb
Expand Up @@ -15,6 +15,8 @@ class ValueDefinition < ApplicationRecord
searchable_by :title, %i[like unlike eq ne]
searchable_by :ref_id, %i[like unlike]

attr_accessor :op_source

def validate_value(value)
return false unless value.is_a?(String)

Expand All @@ -27,5 +29,13 @@ def validate_value(value)
true
end
end

def self.from_parser(obj, existing: nil, security_guide_id: nil)
record = existing || new(ref_id: obj.id, security_guide_id: security_guide_id)
record.op_source = obj
record.assign_attributes(title: obj.title, description: obj.description,

value_type: obj.type, default_value: obj.value)
record

end
end
end
48 changes: 0 additions & 48 deletions app/services/concerns/xccdf/benchmarks.rb

This file was deleted.

2 changes: 1 addition & 1 deletion app/services/concerns/xccdf/hosts.rb
Expand Up @@ -26,7 +26,7 @@ def test_result_profile
name: @test_result_file.test_result.profile_id
).find_or_initialize_by(
ref_id: @test_result_file.test_result.profile_id,
benchmark: benchmark
benchmark_id: security_guide.id
)
end
end
12 changes: 6 additions & 6 deletions app/services/concerns/xccdf/profile_os_minor_versions.rb
Expand Up @@ -7,11 +7,11 @@ module ProfileOsMinorVersions

included do
def save_profile_os_minor_versions
::ProfileOsMinorVersion.transaction do
::V2::ProfileOsMinorVersion.transaction do

# Delete all existing mappings for the given benchmark
old_profile_os_minor_versions.delete_all
# Import the new mappings
::ProfileOsMinorVersion.import!(new_profile_os_minor_versions)
::V2::ProfileOsMinorVersion.import!(new_profile_os_minor_versions)

end
end

Expand All @@ -20,18 +20,18 @@ def save_profile_os_minor_versions
def new_profile_os_minor_versions
@profiles.flat_map do |profile|
os_minor_versions.map do |os_minor_version|
::ProfileOsMinorVersion.new(profile: profile, os_minor_version: os_minor_version)
::V2::ProfileOsMinorVersion.new(profile: profile, os_minor_version: os_minor_version)

end
end
end

def old_profile_os_minor_versions
@old_profile_os_minor_versions ||= ::ProfileOsMinorVersion.where(profile: @profiles.map(&:id))
@old_profile_os_minor_versions ||= ::V2::ProfileOsMinorVersion.where(profile: @profiles.map(&:id))

end

def os_minor_versions
SupportedSsg.by_ssg_version(true)[@benchmark.version]
.select { |ssg| ssg.os_major_version == @benchmark.os_major_version }
SupportedSsg.by_ssg_version(true)[@security_guide.version]
.select { |ssg| ssg.os_major_version == @security_guide.os_major_version }

.map(&:os_minor_version)
end
end
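Review bot: In `os_minor_versions`, `SupportedSsg.by_ssg_version(true)[@security_guide.version]` is chained straight into `.select`, so a guide version missing from the supported list would raise NoMethodError on nil in the middle of the import (assuming the lookup is a plain Hash without a default, which is not visible here). `SupportedSsg.by_ssg_version(true).fetch(@security_guide.version, [])` makes the empty case explicit. In `save_profile_os_minor_versions` the old mappings are deleted before that lookup is evaluated; the surrounding transaction should roll the delete back on failure, but an explicit empty result is easier to reason about than relying on the rollback.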
17 changes: 8 additions & 9 deletions app/services/concerns/xccdf/profile_rules.rb
Expand Up @@ -7,15 +7,14 @@ module ProfileRules

included do
def save_profile_rules
::ProfileRule.transaction do
::ProfileRule.import!(profile_rules,
on_duplicate_key_update: {
conflict_target: %i[rule_id profile_id],
columns: %i[rule_id profile_id]
})
::V2::ProfileRule.transaction do
::V2::ProfileRule.import!(profile_rules,

on_duplicate_key_update: {
conflict_target: %i[rule_id profile_id],
columns: %i[rule_id profile_id]
})

base = ::ProfileRule.joins(profile: :benchmark)
.where('profiles.parent_profile_id' => nil)
base = ::V2::ProfileRule.joins(profile: :security_guide)


profile_rule_links_to_remove(base).delete_all
end
Expand All @@ -36,7 +35,7 @@ def profile_rules

def profile_rule_links_to_remove(base)
grouped_rules = profile_rules.group_by(&:profile_id)
grouped_rules.reduce(ProfileRule.none) do |query, (profile_id, prs)|
grouped_rules.reduce(V2::ProfileRule.none) do |query, (profile_id, prs)|

query.or(
base.where(profile_id: profile_id)
.where.not(rule_id: prs.map(&:rule_id))
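Review bot: With the `parent_profile_id` filter gone, `base = ::V2::ProfileRule.joins(profile: :security_guide)` joins two tables without using either in a condition; the only narrowing left is the `profile_id`/`rule_id` filter in `profile_rule_links_to_remove`. If the inner join is meant to skip orphaned rows, say so in a comment; otherwise `base = ::V2::ProfileRule.all` states the intent and keeps the `delete_all` query simpler. For consistency with the rest of the file, `V2::ProfileRule.none` should be written `::V2::ProfileRule.none`, since the unanchored constant is looked up relative to the enclosing modules first. The bodies of `save_profile_rules` and `profile_rule_links_to_remove` continue outside the hunks.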
23 changes: 11 additions & 12 deletions app/services/concerns/xccdf/profiles.rb
Expand Up @@ -8,27 +8,26 @@ module Profiles
included do
def profiles
@profiles ||= @op_profiles.map do |op_profile|
::Profile.from_openscap_parser(
::V2::Profile.from_parser(

op_profile,
existing: old_profiles[op_profile.id],
benchmark_id: @benchmark&.id,
security_guide_id: @security_guide.id,
value_overrides: value_overrides(op_profile)
)
end
end

def save_profiles
# Import the new records first with validation
::Profile.import!(new_profiles, ignore: true)
::V2::Profile.import!(new_profiles, ignore: true)


# Update the fields on existing profiles, validation is not necessary
::Profile.import(old_profiles.values,
on_duplicate_key_update: {
conflict_target: %i[ref_id benchmark_id],
columns: %i[name value_overrides],
index_predicate: 'parent_profile_id IS NULL'
},
validate: false)
::V2::Profile.import(old_profiles.values,

on_duplicate_key_update: {
conflict_target: %i[ref_id security_guide_id],
columns: %i[name value_overrides]
},
validate: false)
end

private
Expand All @@ -38,8 +37,8 @@ def new_profiles
end

def old_profiles
@old_profiles ||= ::Profile.where(
ref_id: @op_profiles.map(&:id), benchmark: @benchmark&.id, parent_profile_id: nil
@old_profiles ||= ::V2::Profile.where(

ref_id: @op_profiles.map(&:id), security_guide_id: @security_guide.id
).index_by(&:ref_id)
end
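Review bot: `save_profiles` updates existing rows with `columns: %i[name value_overrides]`, while the new `V2::Profile.from_parser` assigns `title`, `description` and `value_overrides`. If the V2 model exposes no `name` attribute the upsert would fail or skip the renamed column, and `description` changes are never written for existing profiles either way. Aligning the list with what the factory sets, `columns: %i[title description value_overrides]`, looks like the intent, but confirm the V2 column names first. Separately, `@benchmark&.id` became `@security_guide.id` in `profiles` and `old_profiles`, so a missing guide now raises instead of querying with nil; that is probably the better failure, but it is a behaviour change worth a line in the commit description.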

54 changes: 0 additions & 54 deletions app/services/concerns/xccdf/rule_group_relationships.rb

This file was deleted.

34 changes: 19 additions & 15 deletions app/services/concerns/xccdf/rule_groups.rb
Expand Up @@ -7,31 +7,35 @@ module RuleGroups

included do
def save_rule_groups
@rule_groups ||= @op_rule_groups.each_with_index.map do |op_rule_group, idx|
::RuleGroup.from_openscap_parser(op_rule_group,
existing: old_rule_groups[op_rule_group.id],
precedence: idx, benchmark_id: @benchmark&.id)
end

::RuleGroup.import!(new_rule_groups, ignore: true)
::V2::RuleGroup.import!(new_rule_groups, ignore: true)


# Overwite a superset of old_rule_groups because the IDs of the ancestors are not
# available in the first import! above
::RuleGroup.import(rule_groups_with_ancestry, on_duplicate_key_update: {
conflict_target: %i[ref_id benchmark_id],
columns: %i[description rationale precedence ancestry]
}, validate: false)
::V2::RuleGroup.import(rule_groups_with_ancestry, on_duplicate_key_update: {

conflict_target: %i[ref_id security_guide_id],
columns: %i[description rationale precedence ancestry]
}, validate: false)
end

private

def rule_groups
@rule_groups ||= @op_rule_groups.each_with_index.map do |op_rule_group, idx|
::V2::RuleGroup.from_parser(

op_rule_group,
existing: old_rule_groups[op_rule_group.id], precedence: idx,
security_guide_id: @security_guide.id
)
end
end

def new_rule_groups
@new_rule_groups ||= @rule_groups.select(&:new_record?)
@new_rule_groups ||= rule_groups.select(&:new_record?)

end

def old_rule_groups
@old_rule_groups ||= ::RuleGroup.where(
ref_id: @op_rule_groups.map(&:id), benchmark: @benchmark&.id
@old_rule_groups ||= ::V2::RuleGroup.where(

ref_id: @op_rule_groups.map(&:id), security_guide_id: @security_guide.id
).index_by(&:ref_id)
end

Expand All @@ -50,7 +54,7 @@ def rule_groups_with_ancestry
end

def rule_group_for(ref_id:)
@cached_rule_groups ||= @rule_groups.index_by(&:ref_id)
@cached_rule_groups ||= rule_groups.index_by(&:ref_id)

@cached_rule_groups[ref_id]
end
end
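Review bot: `@rule_groups` used to be assigned inside `save_rule_groups`; it is now filled only when the private `rule_groups` reader is first called, so any other concern that still reads `@rule_groups` directly would see nil unless `save_rule_groups` has already run. Reading through `rule_groups` everywhere removes that ordering dependency. `rule_groups` also never passes `parent_id:`, so `V2::RuleGroup.from_parser` assigns `parent_id: nil` to existing records before `rule_groups_with_ancestry` rebuilds the hierarchy; if the model derives `ancestry` from `parent_id`, a short comment saying the reset is intended would help. The update `columns` list omits `title`, so a changed group title is not persisted for existing rows.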