openshift-eng / elliott

Apache License 2.0

attach-cve-flaws: fix CVEs not associated error #426

Closed vfreex closed 2 years ago

vfreex commented 2 years ago

There is an issue with the order of converting RHBA to RHSA and associating CVEs with builds. We need to do it in the correct order and ensure that the associations for JIRA bugs and Bugzilla bugs don't override each other.

https://saml.buildvm.hosts.prod.psi.bos.redhat.com:8888/job/aos-cd-builds/job/build%252Fprepare-release/481/console

2022-09-15 06:41:40,996 ERROR Traceback (most recent call last):
  File "/mnt/workspace/jenkins/working/_cd-builds_build_prepare-release/art-tools/elliott/elliottlib/cli/attach_cve_flaws_cli.py", line 128, in get_flaws
    await associate_builds_with_cves(errata_api, advisory, attached_tracker_bugs, tracker_flaws, flaw_id_bugs, noop)
  File "/mnt/workspace/jenkins/working/_cd-builds_build_prepare-release/art-tools/elliott/elliottlib/cli/attach_cve_flaws_cli.py", line 165, in associate_builds_with_cves
    await AsyncErrataUtils.associate_builds_with_cves(errata_api, advisory.errata_id, attached_builds, cve_components_mapping, dry_run=dry_run)
  File "/mnt/workspace/jenkins/working/_cd-builds_build_prepare-release/art-tools/elliott/elliottlib/errata_async.py", line 144, in associate_builds_with_cves
    raise ValueError(f"The following CVEs are not associated with advisory {advisory_id}: {', '.join(sorted(extra_cves))}")
ValueError: The following CVEs are not associated with advisory 101901: CVE-2022-34177, CVE-2022-36881
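
The two failure modes described in the comment above, as an added example that is not code from this pull request or from elliott. The function names, the dict shapes, and the component names are assumptions made for illustration; only the error message, advisory id, and CVE ids are taken from the traceback.

```python
from typing import Dict, Iterable, Set

CveComponents = Dict[str, Set[str]]  # CVE id -> component names (assumed shape)


def naive_override(jira_map: CveComponents, bz_map: CveComponents) -> CveComponents:
    """Buggy merge: a CVE present in both sources keeps only the Bugzilla entry."""
    return {**jira_map, **bz_map}


def merge_cve_components(*sources: CveComponents) -> CveComponents:
    """Union the per-CVE component sets so no tracker source overrides another."""
    merged: CveComponents = {}
    for source in sources:
        for cve, components in source.items():
            merged.setdefault(cve, set()).update(components)
    return merged


def check_cves_on_advisory(advisory_id: int, advisory_cves: Iterable[str],
                           mapping: CveComponents) -> None:
    """Precondition for build association: every mapped CVE is on the advisory."""
    extra_cves = set(mapping) - set(advisory_cves)
    if extra_cves:
        raise ValueError(
            f"The following CVEs are not associated with advisory {advisory_id}: "
            f"{', '.join(sorted(extra_cves))}")


def attach(advisory: dict, jira_map: CveComponents, bz_map: CveComponents) -> CveComponents:
    """Hypothetical flow: convert and list CVEs first, associate builds last."""
    mapping = merge_cve_components(jira_map, bz_map)
    advisory["type"] = "RHSA"  # 1. convert RHBA to RHSA
    advisory["cves"] = sorted(set(advisory["cves"]) | set(mapping))  # 2. list CVEs
    check_cves_on_advisory(advisory["id"], advisory["cves"], mapping)  # 3. now safe
    return mapping  # the caller would associate builds using this mapping


# Constructed sample data; "component-a" and "component-b" are placeholders.
JIRA = {"CVE-2022-34177": {"component-a"}}
BZ = {"CVE-2022-34177": {"component-b"}, "CVE-2022-36881": {"component-b"}}
```

Calling `check_cves_on_advisory` before the advisory lists the CVEs reproduces the `ValueError` from the traceback; `naive_override(JIRA, BZ)` silently drops `component-a` for CVE-2022-34177.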

openshift-bot commented 2 years ago

Build #1

GLOB sdist-make: /mnt/workspace/jenkins/working/art-tools_elliott_PR-426/setup.py
py38 create: /mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38
py38 installdeps: -rrequirements-dev.txt
py38 inst: /mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/.tmp/package/1/rh-elliott-2.0.14.dev123+gefdbfd4.zip
py38 installed: aiodns==3.0.0,aiohttp==3.8.1,aiosignal==1.2.0,astroid==2.12.9,async-timeout==4.0.2,attrs==22.1.0,Brotli==1.0.9,cchardet==2.1.7,certifi==2022.9.14,cffi==1.15.1,charset-normalizer==2.1.1,click==8.1.3,coverage==6.4.4,cryptography==38.0.1,decorator==5.1.1,defusedxml==0.7.1,dill==0.3.5.1,distlib==0.3.6,errata-tool @ git+http://github.com/thegreyd/errata-tool.git@bad2cb9c3321a1179f018cd9ddcf1d51d634290b,filelock==3.8.0,flake8==5.0.4,flexmock==0.11.3,frozenlist==1.3.1,future==0.18.2,gssapi==1.8.1,idna==3.4,importlib-metadata==4.12.0,iniconfig==1.1.1,isort==5.10.1,jaraco.classes==3.2.2,jeepney==0.8.0,jira==3.2.0,jsonpath-rw==1.4.0,keyring==23.9.1,koji==1.30.0,krb5==0.4.0,lazy-object-proxy==1.7.1,mccabe==0.7.0,mock==4.0.3,more-itertools==8.14.0,multidict==6.0.2,mypy==0.971,mypy-extensions==0.4.3,oauthlib==3.2.1,packaging==21.3,platformdirs==2.5.2,pluggy==1.0.0,ply==3.11,py==1.11.0,pycares==4.2.2,pycodestyle==2.9.1,pycparser==2.21,pyflakes==2.5.0,pygit2==1.10.1,pylint==2.15.2,pyparsing==3.0.9,pyspnego==0.6.0,pytest==7.1.3,python-bugzilla==3.2.0,python-dateutil==2.8.2,PyYAML==6.0,requests==2.28.1,requests-gssapi==1.2.3,requests-kerberos==0.14.0,requests-oauthlib==1.3.1,requests-toolbelt==0.9.1,rh-elliott @ file:///mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/.tmp/package/1/rh-elliott-2.0.14.dev123%2Bgefdbfd4.zip,ruamel.yaml==0.17.21,ruamel.yaml.clib==0.2.6,SecretStorage==3.3.3,semver==2.13.0,setuptools-scm==7.0.5,six==1.16.0,tenacity==8.0.1,tomli==2.0.1,tomlkit==0.11.4,tox==3.26.0,typing_extensions==4.3.0,urllib3==1.26.12,virtualenv==20.16.5,wrapt==1.14.1,yarl==1.8.1,zipp==3.8.1
py38 run-test-pre: PYTHONHASHSEED='1397127421'
py38 run-test: commands[0] | coverage run --branch --source elliottlib -m unittest discover -t . -s tests/
........E......................................BZ 9 is ignored because its status was MODIFIED at the moment of sweep cutoff (2021-06-30 12:30:00), however its status changed back to ['ASSIGNED'] afterwards
.................No flaw bugs could be found for these trackers: {'OCPBUGS-2'}
...changed 123 from status1 to status2
.123 is already on status1
.changed 123 from status1 to status2
..changed 123 from status1 to status2
.123 is already on status1
.changed 123 from status1 to status2
................../mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/lib64/python3.8/site-packages/aiohttp/connector.py:771: DeprecationWarning: The object should be created within an async function
  super().__init__(
/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/lib64/python3.8/site-packages/aiohttp/connector.py:782: DeprecationWarning: The object should be created within an async function
  resolver = DefaultResolver(loop=self._loop)
........./mnt/workspace/jenkins/working/art-tools_elliott_PR-426/elliottlib/errata_async.py:42: RuntimeWarning: coroutine 'AsyncMockMixin._execute_mock_call' was never awaited
  resp.raise_for_status()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
....................................../usr/lib64/python3.8/multiprocessing/pool.py:265: ResourceWarning: unclosed running multiprocessing pool <multiprocessing.pool.ThreadPool state=RUN pool_size=10>
  _warn(f"unclosed running multiprocessing pool {self!r}",
ResourceWarning: Enable tracemalloc to get the object allocation traceback
..................Retrieving bugs for advisories: ['123', '145']
./mnt/workspace/jenkins/working/art-tools_elliott_PR-426/elliottlib/errata_async.py:19: DeprecationWarning: The object should be created within an async function
  self._session = aiohttp.ClientSession(connector=aiohttp.TCPConnector(limit=32, force_close=True))
/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/lib64/python3.8/site-packages/aiohttp/cookiejar.py:67: DeprecationWarning: The object should be created within an async function
  super().__init__(loop=loop)
/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/lib64/python3.8/site-packages/aiohttp/client.py:341: ResourceWarning: Unclosed client session <aiohttp.client.ClientSession object at 0x7f557c5f5e80>
  _warnings.warn(
ResourceWarning: Enable tracemalloc to get the object allocation traceback
Unclosed client session
client_session: <aiohttp.client.ClientSession object at 0x7f557c5f5e80>
.....
======================================================================
ERROR: test_associate_builds_with_cves_bz (tests.test_attach_cve_flaws_cli.TestAttachCVEFlawsCLI)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/lib/python3.8/site-packages/mock/mock.py", line 1346, in patched
    return func(*newargs, **newkeywargs)
  File "/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/tests/test_attach_cve_flaws_cli.py", line 100, in test_associate_builds_with_cves_bz
    actual = get_event_loop().run_until_complete(attach_cve_flaws_cli.associate_builds_with_cves(errata_api, advisory, attached_tracker_bugs, tracker_flaws, flaw_id_bugs, dry_run=False))
  File "/usr/lib64/python3.8/asyncio/base_events.py", line 616, in run_until_complete
    return future.result()
  File "/mnt/workspace/jenkins/working/art-tools_elliott_PR-426/elliottlib/cli/attach_cve_flaws_cli.py", line 153, in associate_builds_with_cves
    component_name = tracker.whiteboard_component
AttributeError: 'int' object has no attribute 'whiteboard_component'

----------------------------------------------------------------------
Ran 161 tests in 0.758s

FAILED (errors=1)
Blocking bugs for next target release (4.7): ['OCPBUGS-4', 1]
ERROR: InvocationError for command /mnt/workspace/jenkins/working/art-tools_elliott_PR-426/.tox/py38/bin/coverage run --branch --source elliottlib -m unittest discover -t . -s tests/ (exited with code 1)
___________________________________ summary ____________________________________
ERROR:   py38: commands failed

locriandev commented 2 years ago

/lgtm