Development has been moved to https://gitlab.cee.redhat.com/jridky/centos-cve-check/tree/master
Fill bugzilla credentials into bugzilla.conf file first.
Fill MySQL credentials into database.conf if you would like to run this script as web service. This assumes, you have installed MySQL (MariaDB) database and you have created database and table as available in dbinit.sql file.
Run setup.sh script as root.
python3 check.py -l NVR
WARNING: Without -l option script will try to communicate with MySQL database. To avoid this, you have to use -l option.
Based on return value:
- 0 = Allow
- 1 = Deny
- 2 = Deny due of error (no valid NVR passed)
Standard output will contain NVR of the newest safe build, that can be shipped in CentOS stream.
For testing, you can use ./testing.sh. This script expect file inputfile, which contains NVR of tested packages. Onle line, one NVR.
python3 server.py
Webservice will be available at http://localhost:8000 and supports following URL:
/check/NVR- will run checker script upon given NVR. As result, JSON withtaskIdis returned./info/TASKID- will return info about given TASKID in JSON format./state/TASKID- will return current state of given TASKID in as plain text./log/TASKID- will return log from checker script of TASKID in HTML format./history/PACKAGE- will return check history of given PACKAGE (without NVR) in JSON format.
Josef Ridky jridky@redhat.com