feat: csaf correlation - correlate vulnerability to purls and sboms
dejanb committed Nov 4, 2024
1 parent 1cfcb86 commit 99f3d67
Showing 10 changed files with 332 additions and 70 deletions.
1 change: 1 addition & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions entity/src/cpe.rs
@@ -28,6 +28,12 @@ pub enum Relation {
to = "super::sbom_package_cpe_ref::Column::CpeId"
)]
SbomPackage,
#[sea_orm(
belongs_to = "super::product::Entity",
from = "Column::Product",
to = "super::product::Column::CpeKey"
)]
Product,
}

impl Related<super::sbom_package_cpe_ref::Entity> for Entity {
@@ -36,6 +42,12 @@ impl Related<super::sbom_package_cpe_ref::Entity> for Entity {
}
}

impl Related<super::product::Entity> for Entity {
fn to() -> RelationDef {
Relation::Product.def()
}
}

impl ActiveModelBehavior for ActiveModel {}

impl Display for Model {
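Review bot: The new `Product` relation joins `Column::Product` to `super::product::Column::CpeKey`, that is, on the CPE product string alone, so two vendors publishing a product with the same CPE product name would resolve to the same rows and an advisory could be correlated to the wrong vendor's product. `belongs_to` also implies at most one parent row, which only holds if `cpe_key` is unique; neither a uniqueness constraint nor a vendor condition is visible in this section, so please confirm both. If vendor is deliberately left out of the join, a comment above the variant such as `// joins on CPE product name only; callers must also filter on vendor` would make the limitation explicit to whoever writes the correlation queries.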
11 changes: 11 additions & 0 deletions entity/src/product.rs
@@ -21,6 +21,11 @@ pub enum Relation {
Vendor,
#[sea_orm(has_many = "super::product_version::Entity")]
ProductVersion,
#[sea_orm(
has_many = "super::cpe::Entity"
from = "Column::CpeKey"
to = "super::cpe::Column::Product")]
Cpe,
}

impl Related<organization::Entity> for Entity {
@@ -35,4 +40,10 @@ impl Related<super::product_version::Entity> for Entity {
}
}

impl Related<super::cpe::Entity> for Entity {
fn to() -> RelationDef {
Relation::Cpe.def()
}
}

impl ActiveModelBehavior for ActiveModel {}
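Review bot: The `#[sea_orm(...)]` attribute on the new `Cpe` variant lists `has_many`, `from` and `to` without separating commas and closes with `)]` on the last key's line, while the mirror-image `belongs_to` added in entity/src/cpe.rs separates the keys with commas and puts `)]` on its own line. Writing it as `has_many = "super::cpe::Entity",` then `from = "Column::CpeKey",` then `to = "super::cpe::Column::Product"` keeps the two sides of the relation visibly in step. The derive evidently accepts the comma-less form (the existing attributes in entity/src/product_status.rs use it too), so this is a readability point only.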
14 changes: 1 addition & 13 deletions entity/src/product_status.rs
@@ -8,7 +8,7 @@ pub struct Model {
pub advisory_id: Uuid,
pub vulnerability_id: String,
pub status_id: Uuid,
pub base_purl_id: Option<Uuid>,
pub component: Option<String>,
pub product_version_range_id: Uuid,
pub context_cpe_id: Option<Uuid>,
}
@@ -21,12 +21,6 @@ pub enum Relation {
)]
ProductVersionRange,

#[sea_orm(belongs_to = "super::base_purl::Entity",
from = "Column::BasePurlId"
to = "super::base_purl::Column::Id"
)]
BasePurl,

#[sea_orm(belongs_to = "super::vulnerability::Entity",
from = "Column::VulnerabilityId"
to = "super::vulnerability::Column::Id"
@@ -64,12 +58,6 @@ impl Related<super::product_version_range::Entity> for Entity {
}
}

impl Related<super::base_purl::Entity> for Entity {
fn to() -> RelationDef {
Relation::BasePurl.def()
}
}

impl Related<super::vulnerability::Entity> for Entity {
fn to() -> RelationDef {
Relation::Vulnerability.def()
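Review bot: `component: Option<String>` in `Model` replaces the foreign-keyed `base_purl_id`, so the database no longer guarantees that a status row points at a known package, and the field has no comment saying what the string holds. The value presumably comes from ingested advisory documents, so the matching rules matter for correctness: a bare name compared without ecosystem or namespace could tie a status to an unrelated package of the same name. Please add a doc comment on the field, for example `/// Component name as given in the advisory; free text, no FK, matched against package names at query time`, adjusted to what the correlation code in this commit actually does. The `Model` struct starts above the hunk.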
2 changes: 2 additions & 0 deletions migration/src/lib.rs
@@ -81,6 +81,7 @@ mod m0000625_alter_qualified_purl_purl_column;
mod m0000630_create_product_version_range;
mod m0000631_alter_product_cpe_key;
mod m0000640_create_product_status;
mod m0000641_update_product_status;
mod m0000650_alter_advisory_tracking;
mod m0000660_purl_id_indexes;
mod m0000670_version_cmp;
@@ -174,6 +175,7 @@ impl MigratorTrait for Migrator {
Box::new(m0000630_create_product_version_range::Migration),
Box::new(m0000631_alter_product_cpe_key::Migration),
Box::new(m0000640_create_product_status::Migration),
Box::new(m0000641_update_product_status::Migration),
Box::new(m0000650_alter_advisory_tracking::Migration),
Box::new(m0000660_purl_id_indexes::Migration),
Box::new(m0000670_version_cmp::Migration),
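--- a/migration/src/m0000641_update_product_status.rs
+++ b/migration/src/m0000641_update_product_status.rs
@@ -0,0 +1,72 @@
+use sea_orm_migration::prelude::*;
+
+#[derive(DeriveMigrationName)]
+pub struct Migration;
+
+#[async_trait::async_trait]
+#[allow(deprecated)]
+impl MigrationTrait for Migration {
+async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+manager
+.alter_table(
+Table::alter()
+.table(ProductStatus::Table)
+.drop_column(ProductStatus::BasePurlId)
+.to_owned(),
+)
+.await?;
+
+manager
+.alter_table(
+Table::alter()
+.table(ProductStatus::Table)
+.add_column(ColumnDef::new(ProductStatus::Component).string())
+.to_owned(),
+)
+.await?;
+
+Ok(())
+}
+
+async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+manager
+.alter_table(
+Table::alter()
+.table(ProductStatus::Table)
+.drop_column(ProductStatus::Component)
+.to_owned(),
+)
+.await?;
+
+manager
+.alter_table(
+Table::alter()
+.table(ProductStatus::Table)
+.add_column(ColumnDef::new(ProductStatus::BasePurlId).uuid())
+.add_foreign_key(
+TableForeignKey::new()
+.from_tbl(ProductStatus::Table)
+.from_col(ProductStatus::BasePurlId)
+.to_tbl(BasePurl::Table)
+.to_col(BasePurl::Id),
+)
+.to_owned(),
+)
+.await?;
+
+Ok(())
+}
+}
+
+#[derive(DeriveIden)]
+enum ProductStatus {
+Table,
+BasePurlId,
+Component,
+}
+
+#[derive(DeriveIden)]
+enum BasePurl {
+Table,
+Id,
+}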
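Review bot: `up` drops `ProductStatus::BasePurlId` before `Component` exists and never copies the old association across, so every existing `product_status` row loses its package link and is left with a NULL `component`. Until the advisories are re-ingested, those rows presumably stop contributing to package correlation, which would show up as missing vulnerability statuses rather than as an error. `down` has the same gap in reverse: it re-adds a nullable `BasePurlId` but cannot restore its values. Consider adding the `Component` column first, backfilling it from the referenced base purl row, and only then dropping `BasePurlId`; if re-ingestion is the intended path, state that in a comment on `up`. The `#[allow(deprecated)]` on the impl also lacks a comment naming the deprecated item it covers.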
1 change: 1 addition & 0 deletions modules/fundamental/Cargo.toml
@@ -22,6 +22,7 @@ base64 = { workspace = true }
cpe = { workspace = true }
futures-util = { workspace = true }
itertools = { workspace = true }
lenient_semver = { workspace = true }
langchain-rust = { workspace = true }
log = { workspace = true }
sea-orm = { workspace = true }
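Review bot: `lenient_semver` is inserted before `langchain-rust`, which breaks the alphabetical order the surrounding entries follow (`itertools`, `langchain-rust`, `log`); moving it one line down keeps the list sorted. Judging by the commit title, the crate will parse version strings taken from advisories and SBOMs, so it is worth confirming that it is covered by the project's dependency audit. The calling code is not visible in this section, so also check that a parse failure on a malformed version is handled as an error rather than unwrapped.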