diff --git a/modules/importer/src/model/osv.rs b/modules/importer/src/model/osv.rs index aec1592dc..75d018bd7 100644 --- a/modules/importer/src/model/osv.rs +++ b/modules/importer/src/model/osv.rs @@ -6,8 +6,14 @@ pub struct OsvImporter { #[serde(flatten)] pub common: CommonImporter, + /// The URL to the git repository of the OSV data pub source: String, + /// An optional branch. Will use the default branch otherwise. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub branch: Option, + + /// An optional path to start searching for documents. Will use the root of the repository otherwise. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, } diff --git a/modules/importer/src/server/common/walker/git.rs b/modules/importer/src/server/common/walker/git.rs index 0f4bbb2b7..a1447479b 100644 --- a/modules/importer/src/server/common/walker/git.rs +++ b/modules/importer/src/server/common/walker/git.rs @@ -66,6 +66,9 @@ where /// The git source to clone from pub source: String, + /// The branch to check out + pub branch: Option, + /// A path inside the cloned repository to start searching for files pub path: Option, @@ -86,6 +89,7 @@ where pub fn new(source: impl Into, handler: H) -> Self { Self { source: source.into(), + branch: None, path: None, continuation: Default::default(), working_dir: (), @@ -102,6 +106,7 @@ where pub fn handler(self, handler: U) -> GitWalker { GitWalker { source: self.source, + branch: self.branch, path: self.path, continuation: self.continuation, working_dir: self.working_dir, @@ -123,6 +128,7 @@ where ) -> GitWalker { GitWalker { source: self.source, + branch: self.branch, path: self.path, continuation: self.continuation, working_dir, @@ -130,6 +136,11 @@ where } } + pub fn branch(mut self, branch: Option>) -> Self { + self.branch = branch.map(|s| s.into()); + self + } + pub fn path(mut self, path: Option>) -> Self { self.path = path.map(|s| s.into()); self @@ -186,9 +197,13 @@ where // clone or open repository let result = info_span!("clone repository").in_scope(|| { - RepoBuilder::new() - .fetch_options(fo) - .clone(&self.source, path) + let mut builder = RepoBuilder::new(); + + if let Some(branch) = &self.branch { + builder.branch(branch); + } + + builder.fetch_options(fo).clone(&self.source, path) }); let repo = match result { diff --git a/modules/importer/src/server/osv/mod.rs b/modules/importer/src/server/osv/mod.rs index 8da8d11ab..8b1c4eb82 100644 --- a/modules/importer/src/server/osv/mod.rs +++ b/modules/importer/src/server/osv/mod.rs @@ -94,6 +94,7 @@ impl super::Server { let walker = OsvWalker::new(osv.source.clone()) .continuation(continuation) + .branch(osv.branch) .path(osv.path) .callbacks(Context { context, diff --git a/modules/importer/src/server/osv/walker.rs b/modules/importer/src/server/osv/walker.rs index 33c405ddf..f67b0c9f1 100644 --- a/modules/importer/src/server/osv/walker.rs +++ b/modules/importer/src/server/osv/walker.rs @@ -101,6 +101,11 @@ where } } + pub fn branch(mut self, branch: Option>) -> Self { + self.walker = self.walker.branch(branch); + self + } + pub fn path(mut self, path: Option>) -> Self { self.walker = self.walker.path(path); self diff --git a/server/src/sample_data.rs b/server/src/sample_data.rs index 5e39cef64..7d29fcd09 100644 --- a/server/src/sample_data.rs +++ b/server/src/sample_data.rs @@ -1,11 +1,12 @@ -use std::collections::HashSet; -use std::time::Duration; +use std::{collections::HashSet, time::Duration}; use trustify_common::config::Database; -use trustify_module_importer::model::{ - CommonImporter, CsafImporter, CveImporter, ImporterConfiguration, OsvImporter, SbomImporter, - DEFAULT_SOURCE_CVEPROJECT, +use trustify_module_importer::{ + model::{ + CommonImporter, CsafImporter, CveImporter, ImporterConfiguration, OsvImporter, + SbomImporter, DEFAULT_SOURCE_CVEPROJECT, + }, + service::{Error, ImporterService}, }; -use trustify_module_importer::service::{Error, ImporterService}; use url::Url; async fn add( @@ -27,6 +28,7 @@ async fn add_osv( name: &str, source: &str, base: Option<&str>, + branch: Option<&str>, description: &str, ) -> anyhow::Result<()> { add( @@ -40,6 +42,7 @@ async fn add_osv( labels: Default::default(), }, source: source.to_string(), + branch: branch.map(ToString::to_string), path: base.map(|s| s.into()), }), ) @@ -136,6 +139,7 @@ pub async fn sample_data(db: trustify_common::db::Database) -> anyhow::Result<() "osv-pypa", "https://github.com/pypa/advisory-database", Some("vulns"), + None, "Python Packaging Advisory Database", ) .await?; @@ -145,6 +149,7 @@ pub async fn sample_data(db: trustify_common::db::Database) -> anyhow::Result<() "osv-psf", "https://github.com/psf/advisory-database", Some("advisories"), + None, "Python Software Foundation Advisory Database", ) .await?; @@ -154,6 +159,7 @@ pub async fn sample_data(db: trustify_common::db::Database) -> anyhow::Result<() "osv-r", "https://github.com/RConsortium/r-advisory-database", Some("vulns"), + None, "RConsortium Advisory Database", ) .await?; @@ -163,9 +169,20 @@ pub async fn sample_data(db: trustify_common::db::Database) -> anyhow::Result<() "osv-oss-fuzz", "https://github.com/google/oss-fuzz-vulns", Some("vulns"), + None, "OSS-Fuzz vulnerabilities", ) .await?; + add_osv( + &importer, + "osv-rustsec", + "https://github.com/rustsec/advisory-db", + Some("crates"), + Some("osv"), + "RustSec Advisory Database", + ) + .await?; + Ok(()) }