Required changes due to compatibility issues (#7)

* Required changes due to compatibility issues * rm unused optional * Readme updates * Add readme features * v0.0.3 * update readme --------- Co-authored-by: Diogo Lemos <[email protected]>
surface-security · Jun 13, 2024 · 270cd92 · 270cd92
1 parent 531f3a2
commit 270cd92
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 29 deletions.
diff --git a/README.md b/README.md
@@ -29,21 +29,15 @@ Once we receive a **SBOM** we check for vulnerabilities within our Vulnerability
 
 ### How to run it
 
-The **SBOM repo** is composed by a python/django app plus a postgres database. To make the whole process as simple as possible, a `docker-compose.yml` was created.
-
-It includes everything the app needs, and you just need to do a `docker compose up`  which will start Django, nginx and Postgres. Then open the API at http://localhost.
-
-
-### Import for it 
-
-Once everything is setup, you need to import results into the **SBOM repo**. 
-As requirement you will need a previous **SBOM**, we're using [cdxgen](https://github.com/CycloneDX/cdxgen) as a **SBOM** generator. 
-**TLA** is a 3 letter acronym for you to specify your application name, we used it to simplify things as much as possible but feel free to use which name you want.
-**Entry** is a second key, like a tag. **GIT_URL**,  **GIT_BRANCH** and **Branch** are pretty clear.
-
-**localhost** can be replaced by whatever url you want, feel free to deploy and use your own.
-
-That can be done using the following curl:
-
-`curl -F 'file=@./sbom.json' "https://localhost/sbomrepo/v1/sbom?repo=${{GIT_URL}}&branch=${{GIT_BRANCH}}&main_branch={branch}"`
-
+The **SBOM repo** is pypi package. You can install it using `pip install django-sbomrepo` within your django application. Make sure you include the `sbomrepo` in your `INSTALLED_APPS` in your `settings.py` file and update your `urls.py` file to include the `sbomrepo` urls.
+
+### Features
+
+Import SBOM -> `curl -F 'file=@./sbom.json' "http://localhost:8000/sbomrepo/v1/sbom?repo=${{GIT_URL}}&branch=${{GIT_BRANCH}}&main_branch={branch}"`
+Get SBOM -> `curl "http://localhost:8000/sbomrepo/v1/sbom/<serial_number>"`
+Get SBOM and Vulnerabilities -> `curl "http://localhost:8000/sbomrepo/v1/sbom/<serial_number>?vuln_data=true"`
+List All SBOMs -> `curl "http://localhost:8000/sbomrepo/v1/sbom/all"`
+Delete SBOMs -> `curl -X DELETE "http://localhost:8000/sbomrepo/v1/sbom/delete"`
+Reimport SBOM -> `curl -X POST "http://localhost:8000/sbomrepo/v1/sbom/<serial_number>/reimport"`
+Get Vulnerability -> `curl "http://localhost:8000/sbomrepo/v1/vulnerability/<id>"`
+Get Ecosystems -> `curl "http://localhost:8000/sbomrepo/v1/ecosystems"`
diff --git a/sbomrepo/__init__.py b/sbomrepo/__init__.py
@@ -1,4 +1,4 @@
-__version__ = "0.0.2"
+__version__ = "0.0.3"
 
 import os
 import sys

diff --git a/sbomrepo/apps.py b/sbomrepo/apps.py
@@ -2,7 +2,7 @@
 from django.conf import settings
 
 APP_SETTINGS = dict(
-    VERSION='0.0.2',
+    VERSION='0.0.3',
 )
 
 class SbomRepoConfig(AppConfig):

diff --git a/sbomrepo/management/commands/resync_vulnerabilities.py b/sbomrepo/management/commands/resync_vulnerabilities.py
@@ -12,22 +12,22 @@
 
 
 class Command(BaseCommand):
-    def handle(self, *args: Any, **options: Any) -> str | None:
+    def handle(self):
         session = requests.Session()
 
         ecosystems = get_osv_ecosystems()
 
         for ecosystem in tqdm(ecosystems):
             z = session.get(f"https://osv-vulnerabilities.storage.googleapis.com/{ecosystem}/all.zip")
 
-            vulns = []
-
             with ZipFile(BytesIO(z.content)) as zipfile:
                 for file_name in zipfile.namelist():
                     with zipfile.open(file_name) as f:
                         j = json.load(f)
-                        vulns.append(Vulnerability(id=j["id"], ecosystem=ecosystem, document=j))
-
-            Vulnerability.objects.bulk_create(
-                vulns, update_conflicts=True, unique_fields=["id"], update_fields=["document"], batch_size=100
-            )
+                        Vulnerability.objects.update_or_create(
+                            id=j["id"],
+                            defaults={
+                                "ecosystem": ecosystem,
+                                "document": j
+                            }
+                        )
diff --git a/sbomrepo/views.py b/sbomrepo/views.py
@@ -140,7 +140,7 @@ def reimport_sbom(request: HttpRequest, serial_number: str) -> HttpResponse:
 
 
 class SBOMView(View):
-    def get(self, request: HttpRequest, serial_number: str | None) -> HttpResponse:
+    def get(self, request: HttpRequest, serial_number: str) -> HttpResponse:
         sbom = get_object_or_404(models.SBOM, pk=serial_number)
         doc = sbom.document
         doc["sbomrepo"] = {"metadata": sbom.metadata}