Download advisories to label/year folders

2025-12-22 11:55:40 +01:00 · 2022-06-23 15:04:49 +02:00 · 2022-06-23 15:04:49 +02:00 · f8ce08a26e
commit f8ce08a26e
parent 0b19782374
2 changed files with 26 additions and 8 deletions
--- a/cmd/csaf_downloader/downloader.go
+++ b/cmd/csaf_downloader/downloader.go
@ -23,7 +23,9 @@ import (
 	"os"
 	"path"
 	"path/filepath"
+	"strconv"
 	"strings"
+	"time"

 	"github.com/ProtonMail/gopenpgp/v2/crypto"
 	"github.com/csaf-poc/csaf_distribution/csaf"
@ -36,6 +38,14 @@ type downloader struct {
 	opts      *options
 	directory string
 	keys      []*crypto.KeyRing
+	eval      *util.PathEval
+}
+
+func newDownloader(opts *options) *downloader {
+	return &downloader{
+		opts: opts,
+		eval: util.NewPathEval(),
+	}
 }

 func (d *downloader) httpClient() util.Client {
@ -136,11 +146,8 @@ func (d *downloader) download(domain string) error {
 		return fmt.Errorf("invalid URL '%s': %v", lpmd.URL, err)
 	}

-	eval := util.NewPathEval()
-
 	if err := d.loadOpenPGPKeys(
 		d.httpClient(),
-		eval,
 		lpmd.Document,
 		base,
 	); err != nil {
@ -149,7 +156,7 @@ func (d *downloader) download(domain string) error {

 	afp := csaf.NewAdvisoryFileProcessor(
 		d.httpClient(),
-		eval,
+		d.eval,
 		lpmd.Document,
 		base)

@ -158,12 +165,11 @@ func (d *downloader) download(domain string) error {

 func (d *downloader) loadOpenPGPKeys(
 	client util.Client,
-	eval *util.PathEval,
 	doc interface{},
 	base *url.URL,
 ) error {

-	src, err := eval.Eval("$.public_openpgp_keys", doc)
+	src, err := d.eval.Eval("$.public_openpgp_keys", doc)
 	if err != nil {
 		// no keys.
 		return nil
@ -237,6 +243,12 @@ func (d *downloader) downloadFiles(label csaf.TLPLabel, files []csaf.AdvisoryFil

 	var lastDir string

+	lower := strings.ToLower(string(label))
+
+	var initialReleaseDate time.Time
+
+	dateExtract := util.TimeMatcher(&initialReleaseDate, time.RFC3339)
+
 	for _, file := range files {

 		u, err := url.Parse(file.URL())
@ -349,9 +361,15 @@ func (d *downloader) downloadFiles(label csaf.TLPLabel, files []csaf.AdvisoryFil
 			continue
 		}

+		if err := d.eval.Extract(`$.document.tracking.initial_release_date`, dateExtract, false, doc); err != nil {
+			log.Printf("Cannot extract initial_release_date from advisory '%s'\n", file.URL())
+			initialReleaseDate = time.Now()
+		}
+		initialReleaseDate = initialReleaseDate.UTC()
+
 		// Write advisory to file

-		newDir := path.Join(d.directory, string(label))
+		newDir := path.Join(d.directory, lower, strconv.Itoa(initialReleaseDate.Year()))
 		if newDir != lastDir {
 			if err := os.MkdirAll(newDir, 0755); err != nil {
 				return err
--- a/cmd/csaf_downloader/main.go
+++ b/cmd/csaf_downloader/main.go
@ -53,7 +53,7 @@ func main() {
 		return
 	}

-	d := downloader{opts: opts}
+	d := newDownloader(opts)

 	errCheck(d.run(domains))
 }