aboutsummaryrefslogtreecommitdiffstats
path: root/anteater/src/patch_scan.py
AgeCommit message (Collapse)AuthorFilesLines
2017-11-16Implements full path for hash checks of binarieslhinds1-1/+2
Previously the hash check would work only against the filename, and not using the relative path. This change uses the whole relative path to allow indentical filenames in different folder locations within the same repo. Also updated the generate-sha256.py script to introduce the same changes. JIRA: RELENG-303 Change-Id: I3a59e015b708eb5a966690b9839e5e15ac5b64c7 Signed-off-by: lhinds <lhinds@redhat.com>
2017-11-16Enter sha256 binary sum in report fileslhinds1-0/+3
JIRA: RELENG-317 Change-Id: If1a0c1e911e2d9c9684c29379707550133146020 Signed-off-by: lhinds <lhinds@redhat.com>
2017-10-10Implements master ignore listlhinds1-4/+5
This change introduces a master ignore list, to save having to repeat ignore strings in every project exception file. This is achieved via a new ignore_list.yaml file that is merged with the project exception list and then used for the re.search ignore statement in both patch_scan.py and project_scan.py Change-Id: Ifb60b8ba3091603182c2025dbbbfd1a88a72439b Signed-off-by: lhinds <lhinds@redhat.com>
2017-09-14Introduce ignore list for content scanslhinds1-3/+6
Anteater was reporting fails on files which are documents and so harmless (for example an rst file) This patch introduces a file_ignore list in master_list.yaml Change-Id: I87c73c80a36114a7df9e1da47d89ca14e3bf668a Signed-off-by: lhinds <lhinds@redhat.com>
2017-09-05Small fix for log formattinglhinds1-2/+2
A new line was missing on the content logs that was spoiling output to .reports/ Change-Id: I2748c2848debc1fa850fc5ce27d71cbaa5e4f78f Signed-off-by: lhinds <lhinds@redhat.com>
2017-08-25Handle missing / deleted / renamed files correctly.lhinds1-25/+26
Previously git rm or mv'ed files would be listed in the patchset. Anteater would then attempt to open the files and fail (as they don't exist). This patch resolves the issue by first not sys.exit'ing on a file not existing, and also not logging with ERROR level (which made the security audit job incorrectly fail). JIRA: RELENG-302 Change-Id: I6a0c56f691f4d80aca1b3509472c1d6e56d492e1 Signed-off-by: lhinds <lhinds@redhat.com>
2017-08-21Incorrect indentlhinds1-10/+10
gate report function incorrectly indented Change-Id: Id1b840847c7ae4d731cc3e80c93a1497ac963a88 Signed-off-by: lhinds <lhinds@redhat.com>
2017-08-21Incorrect Identlhinds1-1/+1
Failure = True is incorrectly formnatted, meaning the failure is not registered within the conditonal check Change-Id: Ib648c9d763fe1d9cbcc69dfe2f27c2aad89a68cf Signed-off-by: lhinds <lhinds@redhat.com>
2017-08-04Implements Rationale Fieldlhinds1-16/+22
This change Implements a descriptive field to explain the rationale behind a block. In time this will be part of a sphinx auto build documentation system, which extracts the `desc` field and places it into a template. The user will then be provided with a url. JIRA: RELENG-276 Change-Id: I82b4eb02fe502928726846cc08388a7a4f0ea2f6 Signed-off-by: lhinds <lhinds@redhat.com>
2017-07-26Implements file except handler for patchsetslhinds1-2/+6
Simple try / except handler in the event that an edge case occurs and a patchset is not present. Change-Id: Ica5df2f5b37fff98c52f79bd2a8e47ba46890e80 Signed-off-by: lhinds <lhinds@redhat.com>
2017-07-11Fix for CCL 4.0 Licenses.lhinds1-3/+3
A follow up patch should move the patterns list into yaml Change-Id: Id814d6fc09631d5037f6825f32daca8d74edc118 Signed-off-by: lhinds <lhinds@redhat.com>
2017-07-03Merge "move logging to runtime init"Luke Hinds1-2/+2
2017-07-01move logging to runtime initRoss Brattain1-2/+2
There are many ways to init logging, but doing import-time logic can cause problems. For yardstick we are doing this type of run-time init in the main program startup. This allows for some flexibiliy since we just set the root loggers. Every other logger is standard, not subclassed Change-Id: I7004a147f03a7104f373141caf9206d8e49a5d4c Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
2017-07-01switch logging to proper usageRoss Brattain1-22/+14
The logging methods do string interpolation themselves The first arg to logging.debug() is formally defined to be a message format string. From the reference: https://docs.python.org/2/library/logging.html#logging.Logger.debug Logger.debug(msg, *args, **kwargs) Logs a message with level DEBUG on this logger. The msg is the message format string, and the args are the arguments which are merged into msg using the string formatting operator. (Note that this means that you can use keywords in the format string, together with a single dictionary argument.) There are two keyword arguments in kwargs which are inspected: exc_info which, if it does not evaluate as false, causes exception information to be added to the logging message. If an exception tuple (in the format returned by sys.exc_info()) is provided, it is used; otherwise, sys.exc_info() is called to get the exception information The reason logging does string interpolation it self is to implement deferred interpolation. String interpolation involves evaluating arguments, so it can introduce significant computation. The logging module tries to be smart about deferring interpolation until the last possible moment. The logging methods check isEnabledFor for the log level and won't interpolate if the level is not enabled. https://github.com/python/cpython/blob/2.7/Lib/logging/__init__.py#L1178 def warning(self, msg, *args, **kwargs): if self.isEnabledFor(WARNING): self._log(WARNING, msg, args, **kwargs) logging actually waits to interpolate the string in LogRecord.getMessage() https://github.com/python/cpython/blob/2.7/Lib/logging/__init__.py#L328 if self.args: msg = msg % self.args Change-Id: I0090dcbc408200b6f2471748eae0c5a763da2e37 Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
2017-06-28add Python3 support with sixRoss Brattain1-3/+3
switch to relative imports for package file use absolute imports in main this requires renaming anteater.py to main.py to avoid absolute import name conflict update setup.py to indicate python 3.4 support Change-Id: I0fcaf8a9825557962dc98a6a4eef490051fbbfb0 Signed-off-by: Ross Brattain <ross.b.brattain@intel.com>
2017-06-27Fixes UnboundLocalError issue.lhinds1-1/+1
If no hash exists in the project exception file, then `return binary_hash` is Nonetype which throws an Unbound variable error. This change adds some dummy text to allow try / except statements to deal with missing entries in project exception files. JIRA: RELENG-264 Change-Id: I98fb4b01a2930b350794326d4cf735c8e014e00a Signed-off-by: lhinds <lhinds@redhat.com>
2017-06-25Implements sha256 exception functionalitylhinds1-8/+20
This patch adds functionality for file checksum verfications for binary files. The master_list.yaml binaries yaml directive now only contains simple exceptions (for common artefacts that are gitignored) Each project_exception file now has a filename and a sha256 hash. If a binary file is not found, or the hash is mismatched, it will output the hash for the user to include in an exception patch. This functionality has been added to complete project scans and patchset scans JIRA: RELENG-240 Change-Id: Iafa5710f4a0da192fc74335b1200b504413f8a8b Signed-off-by: lhinds <lhinds@redhat.com>
2017-06-14Adds Wiki URL to gerrit outputlhinds1-1/+1
A link to a wiki page is supplied, that instructs the user on how to make an exception patch. Also quick fix to log format Change-Id: Icfc8072d9764fe321e14b97080fca47d26ea8dc6 Signed-off-by: lhinds <lhinds@redhat.com>
2017-05-22Initial code push of Anteaterlhinds1-0/+164
Likely far to much to cover in a commit msg. Main bulk is the Anteater code itself, alongside packaging requirements and build tools and Dockerfile. Unit tests are planned as a follow up, so pushing this for now so that efforts can get underway to integrate the tool with jjb. Questions on how it works, please reach me in IRC. Change-Id: I2cd3cae391f8bf2cdc91b39c56dfc4833a1c4913 Signed-off-by: lhinds <lhinds@redhat.com>