SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Merge branch 'main' into metadata-validation

Browse source
This commit is contained in:
Fadi Abbud 2022-06-29 08:13:29 +02:00
commit 7a023dc22c
3 changed files with 43 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
cmd/csaf_provider/actions.go
View file

@ -3,8 +3,8 @@
// //
// SPDX-License-Identifier: MIT // SPDX-License-Identifier: MIT
// //
// SPDX-FileCopyrightText: 2021 German Federal Office for Information Security (BSI) <https://www.bsi.bund.de> // SPDX-FileCopyrightText: 2022 German Federal Office for Information Security (BSI) <https://www.bsi.bund.de>
// Software-Engineering: 2021 Intevation GmbH <https://intevation.de> // Software-Engineering: 2022 Intevation GmbH <https://intevation.de>
package main package main
@ -155,7 +155,7 @@ func (c *controller) upload(r *http.Request) (interface{}, error) {
return nil, err return nil, err
} }
// Validate againt JSON schema. // Validate against JSON schema.
if !c.cfg.NoValidation { if !c.cfg.NoValidation {
validationErrors, err := csaf.ValidateCSAF(content) validationErrors, err := csaf.ValidateCSAF(content)
if err != nil { if err != nil {
@ -167,7 +167,7 @@ func (c *controller) upload(r *http.Request) (interface{}, error) {
} }
} }
// Validate against remote validator // Validate against remote validator.
if c.cfg.RemoteValidator != nil { if c.cfg.RemoteValidator != nil {
validator, err := c.cfg.RemoteValidator.Open() validator, err := c.cfg.RemoteValidator.Open()
if err != nil { if err != nil {

14
docs/scripts/setupProviderForITest.sh
View file

@ -104,6 +104,20 @@ curl https://localhost:8443/cgi-bin/csaf_provider.go/create --cert-type p12 --ce
popd popd
# Setup validation service
./setupValidationService.sh
# Disable exit for the next error as these is expected.
set +e
# Wait for the service to be started
for ((i = 1; i <= 10; i++)); do
if [ $(curl -IL http://localhost:3000/api/v1/tests | grep -c HTTP ) != "0" ]; then
break
fi
sleep 3
done
# Upload files # Upload files
./uploadToProvider.sh ./uploadToProvider.sh

25
docs/scripts/setupValidationService.sh Executable file
View file

@ -0,0 +1,25 @@
#!/usr/bin/env bash
sudo mkdir -p /var/lib/csaf
sudo chgrp www-data /var/lib/csaf/
sudo chmod g+s /var/lib/csaf/
sudo touch /var/lib/csaf/validations.db
sudo chgrp www-data /var/lib/csaf/validations.db
sudo chmod g+rw,o-rwx /var/lib/csaf/validations.db
echo '
remote_validator= { "url" = "http://localhost:3000", "presets" = ["mandatory"], "cache" = "/var/lib/csaf/validations.db" }
' | sudo tee --append /usr/lib/csaf/config.toml
# Install nodejs
curl -fsSL https://deb.nodesource.com/setup_14.x | sudo -E bash -
sudo apt-get install -y nodejs
npm install pm2 -g
pushd ~
git clone https://github.com/secvisogram/csaf-validator-service.git
cd csaf-validator-service
npm ci
pm2 start npm -- run dev
popd