SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions
475 commits 13 branches 34 tags 8.5 MiB
Commit graph

127 commits

Author SHA1 Message Date
Bernhard Reiter
6a605fdbcc
Add checker hint about not yet using role 2022-07-21 16:31:22 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
d5b9aa9ce0 Apply automatic changes 2022-07-21 13:04:51 +00:00
JanHoefelmeyer
5716374eac
Move example location of config files to /etc 
* Move example and integration test configuration files to /etc/csaf,
   this includes the provider's config.toml as well as the test OpenPGP keys.
   This shall make it more compatible with good practices like the FHS.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-07-21 15:04:09 +02:00
Bernhard Reiter
7965917168
Improve doc for development test script setup 
* Add a commented out hint how to clone a special branch
   in the calling example of docs/scripts/Readme.md.
 2022-07-21 12:44:03 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
0375e22747 Apply automatic changes 2022-07-20 10:05:55 +00:00
Fadi Abbud
9bb65a8cf8
Include service/category documents in itests (#239) 2022-07-20 12:05:08 +02:00
Fadi Abbud
798e11ad18
Merge pull request #234 from csaf-poc/quick-ckeck 
Quick ckeck
 2022-07-19 10:07:08 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
5caed04dc8 Apply automatic changes 2022-07-18 18:16:39 +00:00
JanHoefelmeyer
e424cd3d6c
Improve provider documentation 
* Creates an example config.toml and replaces csaf_providers example with the autodoc to said example.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
Co-authored-by: @mfd2007
 2022-07-18 20:15:45 +02:00
Sascha L. Teichmann
efa233f2ce Merge branch 'main' into quick-ckeck 2022-07-18 20:08:02 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
8e18b6f36f Apply automatic changes 2022-07-18 16:00:33 +00:00
Sascha L. Teichmann
8b57851486
Moved direct loading of pmd from downloader to library. (#233) 
* Moved direct loading of pmd from downloader to library,
  so aggregator and checker gain the ability.
* Disabled some checks if we were given a direct PMD URL.
 2022-07-18 17:59:38 +02:00
Sascha L. Teichmann
7f113f1f30 Adjusted documentation 2022-07-17 15:01:15 +02:00
Omar Santos
0171715390
Correcting documentation (#229) 
The title of the .md file should be csaf_downloader, not "uploader". Also added an introductory sentence.
 2022-07-15 07:43:57 +02:00
JanHoefelmeyer
2ac7940206
Pwacc (#218) 
* Adds option to require Client Certificate and a Password to aquire write access in provider

* Removed unnecessary flavourtext from provider markdown file

* Fixed and simplified the auth middleware

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2022-07-13 14:09:27 +02:00
JanHoefelmeyer
3ed1d3ab21
Rewrote confusing config option explanations in csaf_provider (#213) 
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
 2022-07-11 12:32:48 +02:00
JanHoefelmeyer
15f05fc122
Adds explanation of type returns of individual checkers to csaf_checker.md (#215) 
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
 2022-07-11 12:30:57 +02:00
Fadi Abbud
12693409a8 Add example to provider documentation (categories) 2022-07-08 11:27:52 +02:00
Sascha L. Teichmann
dc8c89c886 Merge branch 'main' into rolie-categories 2022-07-05 16:54:12 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
69c3030eef Apply automatic changes 2022-07-05 14:45:26 +00:00
Sascha L. Teichmann
20f5937240
Only create/update index.txt, changes.csv, security.txt when configured. (#210) 
* Change default to not write index.txt, changes.csv and security.txt 
  (for provider and aggregator)
* Add config file options to reenable writing.
 2022-07-05 16:44:45 +02:00
Sascha L. Teichmann
acf5df9d56 Add rudimentary documentation. 2022-06-30 19:06:06 +02:00
JanHoefelmeyer
bab5ebdc78
Merge pull request #192 from csaf-poc/itest-for-remote-validator 
Remote validator checks uploaded files for mistakes
 2022-06-27 15:13:15 +02:00
Sascha L. Teichmann
b359fd0a62
Add CSAF downloader 
* Dense and refactor ROLIE code in aggregator a bit.
* Move  advisory file processor to csaf package.
* Fix minor typo on main readme
 2022-06-23 14:14:44 +02:00
Fadi Abbud
9a390e2bcc Adjust script 
* Disable exiting from Script for the errors by checking if the
validator-service is started.
 2022-06-22 11:47:09 +02:00
Fadi Abbud
e1966a5716 Adjust "setupProviderForItest.sh" script 
* To wait for the validator-service to be started.
 2022-06-22 11:14:22 +02:00
Fadi Abbud
07ea594e22 Merge branch 'main' into itest-for-remote-validator 2022-06-22 09:22:56 +02:00
Fadi Abbud
36384ca942 Add "sudo" to one command 2022-06-22 09:21:46 +02:00
Fadi Abbud
847ca3d6af Change permission for one script file 2022-06-21 16:52:19 +02:00
Fadi Abbud
a899376b8c Include testing the remote validator in itests 2022-06-21 16:51:30 +02:00
JanHoefelmeyer
1a6829c9ea
Improve provider docs 
* Rephrase link from setup-provider to csaf_provider options.
* Remove a few superfluous whitespace chars.
 2022-06-21 15:43:03 +02:00
Sascha L. Teichmann
78d8b89aca
Add support for remote validation services. (#185) 
* Simple tool to test the remote validation

* Added remote validator support to provider.

* Added remote validation to aggregator.

* Calm golint

* Removed csaf_remote_validator tool as it was only for dev.

* Re-added csaf_remote_validator tool. Testing is not done.

* Embed the document entirely

* Include testing the remote validator in the Itests

* Change permission of the script

* Remove code for Itests

* As these will be done in another branch

Co-authored-by: Fadi Abbud <fadi.abbud@intevation.de>
 2022-06-21 14:47:06 +02:00
Jan Höfelmeyer
7cbbb4bf81 formatting on provider-setup.md 2022-06-20 12:34:49 +02:00
Jan Höfelmeyer
05915526c2 Resolved merge conflict in csaf_provider.md 2022-06-20 11:54:46 +02:00
Jan Höfelmeyer
3f712584d0 Updates docs/provider-setup.md to no longer include information already given in csaf_provider.md as well as properly link to this doc 2022-06-17 14:14:00 +02:00
Jan Höfelmeyer
004519c9fc fixes formatting at the end of the file 2022-06-17 13:35:54 +02:00
Jan Höfelmeyer
aa523e5659 Fixes formatting of TOML table causing a line to not show up 2022-06-17 13:34:19 +02:00
Jan Höfelmeyer
aa7aadf3f1 Fixes formatting of TOML table at the end of csaf_provider.md 2022-06-17 13:33:14 +02:00
Jan Höfelmeyer
3465938508 Fixes last bit of TOML code not being highlighted 2022-06-17 13:23:44 +02:00
Jan Höfelmeyer
22a6543932 Fixes newlines at the end of docs/csaf_provider.md 2022-06-17 13:22:11 +02:00
Jan Höfelmeyer
a680d909e1 Fixes newlines at the end of docs/csaf_provider.md 2022-06-17 13:17:36 +02:00
Jan Höfelmeyer
21960febe1 Exchanges TOML inline table with standard table for better readability 2022-06-17 13:13:35 +02:00
Jan Höfelmeyer
80eca02ca0 Exchanges TOML inline table with standard table for better readability 2022-06-17 13:01:25 +02:00
JanHoefelmeyer
bb0a30aba3
Improve provider docs 
* Add issuing_authority and contact_details to publisher info example
   in docs/csaf_provider.md.
* Add a link to toml's website.
 2022-06-17 09:26:27 +02:00
Jan Höfelmeyer
0268d989b5 Adds a link to toml's website to docs/provider.md 2022-06-16 12:46:03 +02:00
Jan Höfelmeyer
8fdda14aee Improves Examples for issuing_authority and contact_details in csaf_provider.md 2022-06-16 12:32:11 +02:00
Jan Höfelmeyer
041621cda7 Added issuing_authority and contact_details to publisher info in docs/csaf_provider.md 2022-06-14 13:50:01 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
86a6f9abde Apply automatic changes 2022-06-14 11:20:09 +00:00
Bernhard E. Reiter
1e9d31277d
Improve nginx setup docs (#182) 
* Change nginx config to return 403 on unauthorized access to
   the non-white TLP locations. We cannot hide the existence anyway,
   as it is listed in the provider-metadata.json, even when restricted.
 2022-06-14 13:19:30 +02:00
Bernhard Reiter
7e7947a601
Improve integration test for checker 
* Change checking to use client certs and verbose for html
   as this is what can be displayed on a webbrowser.
 * Rename the json result file to indicate why the result will differ
   without using the access of the client certificate.
 2022-06-14 11:56:11 +02:00