Aggregator: Add time range filtering

2025-12-22 11:55:40 +01:00 · 2023-08-17 16:54:11 +02:00 · 2023-08-17 16:54:11 +02:00 · d49049c3af
commit d49049c3af
parent 42709a8554
4 changed files with 26 additions and 0 deletions
--- a/cmd/csaf_aggregator/config.go
+++ b/cmd/csaf_aggregator/config.go
@ -22,6 +22,7 @@ import (
 	"github.com/csaf-poc/csaf_distribution/v2/csaf"
 	"github.com/csaf-poc/csaf_distribution/v2/internal/certs"
 	"github.com/csaf-poc/csaf_distribution/v2/internal/filter"
+	"github.com/csaf-poc/csaf_distribution/v2/internal/models"
 	"github.com/csaf-poc/csaf_distribution/v2/internal/options"
 	"github.com/csaf-poc/csaf_distribution/v2/util"
 	"golang.org/x/time/rate"
@ -61,6 +62,8 @@ type provider struct {
 	ClientKey        *string `toml:"client_key"`
 	ClientPassphrase *string `toml:"client_passphrase"`

+	Range *models.TimeRange `toml:"timerange"`
+
 	clientCerts   []tls.Certificate
 	ignorePattern filter.PatternMatcher
 }
@ -88,6 +91,8 @@ type config struct {
 	ClientKey        *string `toml:"client_key"`
 	ClientPassphrase *string `toml:"client_passphrase"`

+	Range *models.TimeRange `long:"timerange" short:"t" description:"RANGE of time from which advisories to download" value-name:"RANGE" toml:"timerange"`
+
 	// LockFile tries to lock to a given file.
 	LockFile *string `toml:"lock_file"`

@ -156,6 +161,20 @@ func (c *config) tooOldForInterims() func(time.Time) bool {
 	return func(t time.Time) bool { return t.Before(from) }
 }

+// ageAccept returns a function which checks if a given time
+// is in the accepted download interval of the provider or
+// the global config.
+func (p *provider) ageAccept(c *config) func(time.Time) bool {
+	switch {
+	case p.Range != nil:
+		return p.Range.Contains
+	case c.Range != nil:
+		return c.Range.Contains
+	default:
+		return nil
+	}
+}
+
 // ignoreFile returns true if the given URL should not be downloaded.
 func (p *provider) ignoreURL(u string, c *config) bool {
 	return p.ignorePattern.Matches(u) || c.ignorePattern.Matches(u)
--- a/cmd/csaf_aggregator/mirror.go
+++ b/cmd/csaf_aggregator/mirror.go
@ -78,6 +78,8 @@ func (w *worker) mirrorInternal() (*csaf.AggregatorCSAFProvider, error) {
 		w.metadataProvider,
 		base)

+	afp.AgeAccept = w.provider.ageAccept(w.processor.cfg)
+
 	if err := afp.Process(w.mirrorFiles); err != nil {
 		return nil, err
 	}
@ -494,6 +496,7 @@ func (w *worker) mirrorFiles(tlpLabel csaf.TLPLabel, files []csaf.AdvisoryFile)
 	yearDirs := make(map[int]string)

 	for _, file := range files {
+
 		u, err := url.Parse(file.URL())
 		if err != nil {
 			log.Printf("error: %s\n", err)
--- a/docs/csaf_aggregator.md
+++ b/docs/csaf_aggregator.md
@ -6,6 +6,7 @@
  csaf_aggregator [OPTIONS]

 Application Options:
+  -t, --timerange=RANGE     RANGE of time from which advisories to download
  -i, --interim             Perform an interim scan
      --version             Display version of the binary
  -c, --config=TOML-FILE    Path to config TOML file
@ -99,6 +100,7 @@ client_cert             // path to client certificate to access access-protected
 client_key              // path to client key to access access-protected advisories
 client_passphrase       // client passphrase to access access-protected advisories
 header                  // adds extra HTTP header fields to the client
+timerange               // Accepted time range of advisories to handle. See checker doc for details.
 ```

 Next we have two TOML _tables_:
--- a/docs/examples/aggregator.toml
+++ b/docs/examples/aggregator.toml
@ -10,6 +10,7 @@ insecure = true
 #interim_years =
 #passphrase =
 #write_indices = false
+#timerange =

 # specification requires at least two providers (default),
 # to override for testing, enable:
@ -31,6 +32,7 @@ insecure = true
  create_service_document = true
 #  rate = 1.5
 #  insecure = true
+#  timerange =

 [[providers]]
  name = "local-dev-provider2"