Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix fw security #4312

Closed
wants to merge 3 commits into from
Closed

Fix fw security #4312

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d91b4f6
fix: json ParseException in FwupdagentSecurity
JoySnow Dec 18, 2024
175ad36
fix: remove the collection of unsed spec fw_devices
JoySnow Dec 18, 2024
198093c
pytest error fix
JoySnow Dec 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion insights/collect.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@
- name: insights.combiners.sap.Sap
enabled: true

# needed for fw_devices and fw_security specs
# needed for fw_security specs
- name: insights.parsers.virt_what.VirtWhat
enabled: true
- name: insights.combiners.virt_what.VirtWhat
Expand Down
22 changes: 19 additions & 3 deletions insights/parsers/fwupdagent.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,13 +123,21 @@ class FwupdagentDevices(CommandParser, JSONParser):
>>> len(devices["Devices"])
2
"""
pass
def _handle_content(self, context):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks not a good idea to cut the content in the _handle_content level. Why not re-implement it in parse_content?

# Find the actual json start line
# To skip the "INFO:", "WARNING:" lines at the top of the command output
index = 0
for idx, line in enumerate(context.content):
if line and line.strip().startswith('{'):
index = idx
break
self.parse_content(context.content[index:])


@parser(Specs.fw_security)
class FwupdagentSecurity(CommandParser, JSONParser):
"""
Class ``FwupdagentSecurity`` parses the output of the ``/bin/fwupdagent get-devices`` command.
Class ``FwupdagentSecurity`` parses the output of the ``/bin/fwupdagent security --force`` command.

Attributes:
data (dict): The parsed output of the command.
Expand Down Expand Up @@ -164,4 +172,12 @@ class FwupdagentSecurity(CommandParser, JSONParser):
>>> len(security["HostSecurityAttributes"])
2
"""
pass
def _handle_content(self, context):
# Find the actual json start line
# To skip the "INFO:", "WARNING:" lines at the top of the command output
index = 0
for idx, line in enumerate(context.content):
if line and line.strip().startswith('{'):
index = idx
break
self.parse_content(context.content[index:])
1 change: 0 additions & 1 deletion insights/specs/default.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -356,7 +356,6 @@ class DefaultSpecs(Specs):
firewalld_conf = simple_file("/etc/firewalld/firewalld.conf")
foreman_production_log = simple_file("/var/log/foreman/production.log")
fstab = simple_file("/etc/fstab")
fw_devices = simple_command("/bin/fwupdagent get-devices", deps=[IsBareMetal])
xiangce marked this conversation as resolved.
Show resolved Hide resolved
fw_security = simple_command("/bin/fwupdagent security --force", deps=[IsBareMetal])
galera_cnf = first_file(
[
Expand Down
24 changes: 24 additions & 0 deletions insights/tests/parsers/test_fwupdagent.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@
from insights.tests import context_wrap

DEVICES = """
INFO: The fwupdagent command is deprecated, use `fwupdmgr --json` instead
WARNING: UEFI firmware can not be updated in legacy BIOS mode
See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
{
"Devices" : [
{
Expand Down Expand Up @@ -103,7 +106,16 @@
}
"""

DEVICES_ERROR_1 = """
INFO: The fwupdagent command is deprecated, use `fwupdmgr --json` instead
WARNING: UEFI firmware can not be updated in legacy BIOS mode
See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
""".strip()

SECURITY = """
INFO: The fwupdagent command is deprecated, use `fwupdmgr --json` instead
WARNING: UEFI firmware can not be updated in legacy BIOS mode
See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
{
"HostSecurityAttributes" : [
{
Expand Down Expand Up @@ -150,6 +162,12 @@
This tool can be used from other tools and from shell scripts.
"""

SECURITY_ERROR_3 = """
INFO: The fwupdagent command is deprecated, use `fwupdmgr --json` instead
WARNING: UEFI firmware can not be updated in legacy BIOS mode
See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
""".strip()


def test_devices():
devices = FwupdagentDevices(context_wrap(DEVICES))
Expand All @@ -160,6 +178,9 @@ def test_devices():
assert devices["Devices"][1]["Name"] == "USB3.0 Hub"
assert devices["Devices"][1]["Version"] == "3.114"

with pytest.raises(ParseException):
FwupdagentDevices(context_wrap(DEVICES_ERROR_1))


def test_security():
security = FwupdagentSecurity(context_wrap(SECURITY))
Expand All @@ -175,6 +196,9 @@ def test_security():
with pytest.raises(ParseException):
FwupdagentSecurity(context_wrap(SECURITY_ERROR_2))

with pytest.raises(ParseException):
FwupdagentSecurity(context_wrap(SECURITY_ERROR_3))


def test_doc_examples():
env = {
Expand Down
Loading