Blocker and Vulnerability update (#1473)
* Make vulnerability scan a common code
This commit is contained in:
Vikas Bhansali
GitHub
Родитель
13f5d24be3
Коммит
db7dec95e4
31
cmd/root.go
31
cmd/root.go
|
|
@ -151,6 +151,29 @@ func beginDetectNewVersion() chan interface{} {
|
|||
return
|
||||
}
|
||||
|
||||
warningsUrl := common.Blobfuse2ListContainerURL + "/securitywarnings/" + common.Blobfuse2Version
|
||||
hasWarnings := checkVersionExists(warningsUrl)
|
||||
|
||||
if hasWarnings {
|
||||
// This version has known issues associated with it
|
||||
// Check whether the version has been blocked by the dev team or not.
|
||||
blockedVersions := common.Blobfuse2ListContainerURL + "/blockedversions/" + common.Blobfuse2Version
|
||||
isBlocked := checkVersionExists(blockedVersions)
|
||||
|
||||
if isBlocked {
|
||||
// This version is blocked and customer shall not be allowed to use this.
|
||||
blockedPage := common.BlobFuse2BlockingURL + "#" + strings.ReplaceAll(strings.ReplaceAll(common.Blobfuse2Version, ".", ""), "~", "")
|
||||
fmt.Fprintf(stderr, "PANIC: Visit %s to see the list of known issues blocking your current version [%s]\n", blockedPage, common.Blobfuse2Version)
|
||||
log.Warn("PANIC: Visit %s to see the list of known issues blocking your current version [%s]\n", blockedPage, common.Blobfuse2Version)
|
||||
os.Exit(1)
|
||||
} else {
|
||||
// This version is not blocked but has know issues list which customer shall visit.
|
||||
warningsPage := common.BlobFuse2WarningsURL + "#" + strings.ReplaceAll(strings.ReplaceAll(common.Blobfuse2Version, ".", ""), "~", "")
|
||||
fmt.Fprintf(stderr, "WARNING: Visit %s to see the list of known issues associated with your current version [%s]\n", warningsPage, common.Blobfuse2Version)
|
||||
log.Warn("WARNING: Visit %s to see the list of known issues associated with your current version [%s]\n", warningsPage, common.Blobfuse2Version)
|
||||
}
|
||||
}
|
||||
|
||||
if local.OlderThan(*remote) {
|
||||
executablePathSegments := strings.Split(strings.Replace(os.Args[0], "\\", "/", -1), "/")
|
||||
executableName := executablePathSegments[len(executablePathSegments)-1]
|
||||
|
|
@ -158,14 +181,6 @@ func beginDetectNewVersion() chan interface{} {
|
|||
fmt.Fprintf(stderr, "*** "+executableName+": A new version [%s] is available. Consider upgrading to latest version for bug-fixes & new features. ***\n", remoteVersion)
|
||||
log.Info("*** "+executableName+": A new version [%s] is available. Consider upgrading to latest version for bug-fixes & new features. ***\n", remoteVersion)
|
||||
|
||||
warningsUrl := common.Blobfuse2ListContainerURL + "/securitywarnings/" + common.Blobfuse2Version
|
||||
hasWarnings := checkVersionExists(warningsUrl)
|
||||
|
||||
if hasWarnings {
|
||||
warningsPage := common.BlobFuse2WarningsURL + "#" + strings.ReplaceAll(common.Blobfuse2Version, ".", "")
|
||||
fmt.Fprintf(stderr, "Visit %s to see the list of vulnerabilities associated with your current version [%s]\n", warningsPage, common.Blobfuse2Version)
|
||||
log.Warn("Visit %s to see the list of vulnerabilities associated with your current version [%s]\n", warningsPage, common.Blobfuse2Version)
|
||||
}
|
||||
completed <- "A new version of Blobfuse2 is available"
|
||||
}
|
||||
}()
|
||||
|
|
|
|||
|
|
@ -104,6 +104,27 @@ func (suite *rootCmdSuite) TestNoSecurityWarnings() {
|
|||
suite.assert.False(found)
|
||||
}
|
||||
|
||||
func (suite *rootCmdSuite) TestSecurityWarnings() {
|
||||
defer suite.cleanupTest()
|
||||
warningsUrl := common.Blobfuse2ListContainerURL + "/securitywarnings/" + "1.1.1"
|
||||
found := checkVersionExists(warningsUrl)
|
||||
suite.assert.True(found)
|
||||
}
|
||||
|
||||
func (suite *rootCmdSuite) TestBlockedVersion() {
|
||||
defer suite.cleanupTest()
|
||||
warningsUrl := common.Blobfuse2ListContainerURL + "/blockedversions/" + "1.1.1"
|
||||
isBlocked := checkVersionExists(warningsUrl)
|
||||
suite.assert.True(isBlocked)
|
||||
}
|
||||
|
||||
func (suite *rootCmdSuite) TestNonBlockedVersion() {
|
||||
defer suite.cleanupTest()
|
||||
warningsUrl := common.Blobfuse2ListContainerURL + "/blockedversions/" + common.Blobfuse2Version
|
||||
found := checkVersionExists(warningsUrl)
|
||||
suite.assert.False(found)
|
||||
}
|
||||
|
||||
func (suite *rootCmdSuite) TestGetRemoteVersionInvalidURL() {
|
||||
defer suite.cleanupTest()
|
||||
out, err := getRemoteVersion("abcd")
|
||||
|
|
|
|||
|
|
@ -41,6 +41,7 @@ import (
|
|||
|
||||
const Blobfuse2ListContainerURL = "https://blobfuse2.blob.core.windows.net/release"
|
||||
const BlobFuse2WarningsURL = "https://aka.ms/blobfuse2warnings"
|
||||
const BlobFuse2BlockingURL = "https://aka.ms/blobfuse2blockers"
|
||||
|
||||
type Version struct {
|
||||
segments []int64
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче