Skip to content

Commit

Permalink
Add doc tests on CI and fix linter errors
Browse files Browse the repository at this point in the history
Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
  • Loading branch information
AyanSinhaMahapatra committed Aug 12, 2021
1 parent f9dd3e2 commit f4b04a6
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 24 deletions.
36 changes: 36 additions & 0 deletions .github/workflows/docs.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: CI Documentation

on: [push, pull_request]

jobs:
build:
runs-on: ubuntu-20.04

strategy:
max-parallel: 4
matrix:
python-version: [3.7]

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}

- name: Give permission to run scripts
run: chmod +x ./docs/scripts/doc8_style_check.sh

- name: Install Dependencies
working-directory: ./docs
run: pip install -r requirements.txt

- name: Check Sphinx Documentation build minimally
working-directory: ./docs
run: sphinx-build -E source build

- name: Check for documentation style errors
working-directory: ./docs
run: ./scripts/doc8_style_check.sh
Empty file modified docs/scripts/doc8_style_check.sh
100644 → 100755
Empty file.
13 changes: 7 additions & 6 deletions docs/source/getting-started/docker_installation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,8 @@ Run your image as a container
At this point, the VulnerableCode app should be running at port ``8000`` on your Docker host.
Go to http://localhost:8000/ on a web browser to access the web UI.
Optionally, you can set ``NGINX_PORT`` environment variable in your shell or in the `.env` file to run on a different port than 8000.
Optionally, you can set ``NGINX_PORT`` environment variable in your shell or in the `.env` file
to run on a different port than 8000.

.. note::

Expand All @@ -58,17 +59,17 @@ Optionally, you can set ``NGINX_PORT`` environment variable in your shell or in
.. warning::

Serving VulnerableCode on a network could lead to security issues and there
are several steps that may be needed to secure such a deployment.
are several steps that may be needed to secure such a deployment.
Currently, this is not recommendend.


Invoke the importers
--------------------

Connect to the Docker container ``bash``.
From here you can access ``manage.py`` and run management commands
to import data as specified in the `Data import <../README.rst#data-import>`_ section and run commands
for the importers from there
Connect to the Docker container ``bash``.
From here you can access ``manage.py`` and run management commands
to import data as specified in the `Data import <../README.rst#data-import>`_ section and
run commands for the importers from there

For example:

Expand Down
2 changes: 1 addition & 1 deletion docs/source/getting-started/sources.rst
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Vulneribility Sources
=====================

.. include:: ../../../SOURCES.rst
.. include:: ../../../SOURCES.rst
34 changes: 17 additions & 17 deletions docs/source/how-to-guides/add_new_importer.rst
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,15 @@ The Building Blocks A.K.A Prerequisites
reference_id: str = ""
url: str = ""
severities: List[VulnerabilitySeverity] = dataclasses.field(default_factory=list)
Steps to build an Importer
--------------------------

* **Register an Importer:**

To do this go to ``vulnerabilites/importer_yielder.py``, in the ``IMPORTER_REGISTRY``
list add a dictionary with following data
list add a dictionary with following data

.. code:: python
Expand All @@ -63,7 +63,7 @@ list add a dictionary with following data
'data_source_cfg': {},
}
**Don't forget to replace <your_importer_name> and <your_data_source_name> with
appropriate strings**

Expand All @@ -72,7 +72,7 @@ If you know the license of the data you are importing, assign the license field
equal to the license of the data in the ``add_<your_importer_name>_importer``
method of the migration script.

* **Create a data source** :
* **Create a data source** :

- Go to ``vulnerabilities/importers`` , create a python script, let's call it ``my_importer.py``

Expand All @@ -83,25 +83,25 @@ method of the migration script.
.. code:: python
from typing import Set
from packageurl import PackageURL
import requests
from vulnerabilities.data_source import Advisory
from vulnerabilities.data_source import DataSource
class ExampleDataSource(DataSource):
#This method must be implemented
def updated_advisories(self)-> Set[Advisory]:
raw_data = self.fetch()
advisories = self.to_advisories(raw_data)
return self.batch_advisories(advisories)
#Optional Method, but it is recommended to have fetching separated
#Optional Method, but it is recommended to have fetching separated
def fetch(self):
return requests.get("http://examplesecurity.org/api/json").json()
#Optional Method
#Optional Method
@staticmethod
def to_advisories(json_response:dict) -> Set[Advisory]:
advisories = []
Expand All @@ -113,18 +113,18 @@ method of the migration script.
cve_id = entry['cve_id']
safe_purls ={ PackageURL(name=pkg_name,
type=pkg_type,
version=version)
version=version)
for version in safe_pkg_versions}
vuln_purls= {PackageURL(name=pkg_name,
type=pkg_type,
version=version)
version=version)
for version in vuln_pkg_versions}
advisory = Advisory(vulnerability_id=cve_id,summary='',impacted_package_urls=vuln_purls,resolved_package_urls=safe_purls)
advisories.append(advisory)
return advisories
Finally register this ``ExampleDataSource`` in
``vulnerabilities/importers/__init__.py`` by adding the following line
Expand All @@ -138,4 +138,4 @@ Done, congrats on writing your new importer.Test it via
::

./manage.py migrate
./manage.py import my_importer
./manage.py import my_importer

0 comments on commit f4b04a6

Please sign in to comment.