diff --git a/docs/cmd/wolfictl_advisory_stream.md b/docs/cmd/wolfictl_advisory_move.md similarity index 71% rename from docs/cmd/wolfictl_advisory_stream.md rename to docs/cmd/wolfictl_advisory_move.md index f5c55c677..18f931719 100644 --- a/docs/cmd/wolfictl_advisory_stream.md +++ b/docs/cmd/wolfictl_advisory_move.md @@ -1,24 +1,27 @@ -## wolfictl advisory stream +## wolfictl advisory move -Start version streaming for a package by moving its advisories into a new package. +Move a package's advisories into a new package. -***Aliases**: stream* +***Aliases**: mv* ### Usage ``` -wolfictl advisory stream +wolfictl advisory move ``` ### Synopsis -Start version streaming for a package by moving its advisories into a new package. +Move a package's advisories into a new package. This command will move most advisories for the given package into a new package. And rename the package to the new package name. (i.e., from foo.advisories.yaml to foo-X.Y.advisories.yaml) If the target file already exists, the command will try to merge the advisories. To ensure the advisories are up-to-date, the command will start a scan for the new package. +This command is also useful to start version streaming for an existing package that has not been +version streamed before. Especially that requires manual intervention to move the advisories. + The command will move the latest event for each advisory, and will update the timestamp of the event to now. The command will not copy events of type "detection", "fixed", "analysis_not_planned", or "fix_not_planned". @@ -28,7 +31,7 @@ of the event to now. The command will not copy events of type "detection", "fixe ``` -d, --dir string directory containing the advisories to copy (default ".") - -h, --help help for stream + -h, --help help for move ``` ### Options inherited from parent commands diff --git a/docs/man/man1/wolfictl-advisory-stream.1 b/docs/man/man1/wolfictl-advisory-move.1 similarity index 68% rename from docs/man/man1/wolfictl-advisory-stream.1 rename to docs/man/man1/wolfictl-advisory-move.1 index c5f665764..51707f463 100644 --- a/docs/man/man1/wolfictl-advisory-stream.1 +++ b/docs/man/man1/wolfictl-advisory-move.1 @@ -1,21 +1,21 @@ -.TH "WOLFICTL\-ADVISORY\-STREAM" "1" "" "Auto generated by spf13/cobra" "" +.TH "WOLFICTL\-ADVISORY\-MOVE" "1" "" "Auto generated by spf13/cobra" "" .nh .ad l .SH NAME .PP -wolfictl\-advisory\-stream \- Start version streaming for a package by moving its advisories into a new package. +wolfictl\-advisory\-move \- Move a package's advisories into a new package. .SH SYNOPSIS .PP -\fBwolfictl advisory stream \fP +\fBwolfictl advisory move \fP .SH DESCRIPTION .PP -Start version streaming for a package by moving its advisories into a new package. +Move a package's advisories into a new package. .PP This command will move most advisories for the given package into a new package. And rename the @@ -23,6 +23,10 @@ package to the new package name. (i.e., from foo.advisories.yaml to foo\-X.Y.adv target file already exists, the command will try to merge the advisories. To ensure the advisories are up\-to\-date, the command will start a scan for the new package. +.PP +This command is also useful to start version streaming for an existing package that has not been +version streamed before. Especially that requires manual intervention to move the advisories. + .PP The command will move the latest event for each advisory, and will update the timestamp of the event to now. The command will not copy events of type "detection", "fixed", @@ -36,7 +40,7 @@ of the event to now. The command will not copy events of type "detection", "fixe .PP \fB\-h\fP, \fB\-\-help\fP[=false] - help for stream + help for move .SH OPTIONS INHERITED FROM PARENT COMMANDS diff --git a/pkg/cli/advisory.go b/pkg/cli/advisory.go index 4d187bed9..d55eb04b0 100644 --- a/pkg/cli/advisory.go +++ b/pkg/cli/advisory.go @@ -48,7 +48,7 @@ func cmdAdvisory() *cobra.Command { cmdAdvisorySecDB(), cmdAdvisoryUpdate(), cmdAdvisoryValidate(), - cmdAdvisoryStream(), + cmdAdvisoryMove(), ) return cmd diff --git a/pkg/cli/advisory_stream.go b/pkg/cli/advisory_move.go similarity index 78% rename from pkg/cli/advisory_stream.go rename to pkg/cli/advisory_move.go index fd7e14ad2..fe004c819 100644 --- a/pkg/cli/advisory_stream.go +++ b/pkg/cli/advisory_move.go @@ -2,7 +2,6 @@ package cli import ( "fmt" - "regexp" "strings" "github.com/spf13/cobra" @@ -10,19 +9,22 @@ import ( rwos "github.com/wolfi-dev/wolfictl/pkg/configs/rwfs/os" ) -func cmdAdvisoryStream() *cobra.Command { +func cmdAdvisoryMove() *cobra.Command { var dir string cmd := &cobra.Command{ - Use: "stream ", - Aliases: []string{"stream"}, - Short: "Start version streaming for a package by moving its advisories into a new package.", - Long: `Start version streaming for a package by moving its advisories into a new package. + Use: "move ", + Aliases: []string{"mv"}, + Short: "Move a package's advisories into a new package.", + Long: `Move a package's advisories into a new package. This command will move most advisories for the given package into a new package. And rename the package to the new package name. (i.e., from foo.advisories.yaml to foo-X.Y.advisories.yaml) If the target file already exists, the command will try to merge the advisories. To ensure the advisories are up-to-date, the command will start a scan for the new package. +This command is also useful to start version streaming for an existing package that has not been +version streamed before. Especially that requires manual intervention to move the advisories. + The command will move the latest event for each advisory, and will update the timestamp of the event to now. The command will not copy events of type "detection", "fixed", "analysis_not_planned", or "fix_not_planned". @@ -36,10 +38,6 @@ of the event to now. The command will not copy events of type "detection", "fixe have = strings.TrimSuffix(have, ".advisories.yaml") want = strings.TrimSuffix(want, ".advisories.yaml") - if err := checkPackageHasVersionStreamSuffix(want); err != nil { - return err - } - advisoryFsys := rwos.DirFS(dir) advisoryCfgs, err := v2.NewIndex(ctx, advisoryFsys) if err != nil { @@ -71,8 +69,7 @@ of the event to now. The command will not copy events of type "detection", "fixe havePath := have + ".advisories.yaml" wantPath := want + ".advisories.yaml" - // If automation already created the new advisory file before manual version streaming, - // respect the existing file and merge the advisories to it. + // If the new file already exists, merge the old advisories to it and re-create. if shouldMergeExistings { newDoc := newEntry.Configuration() @@ -102,16 +99,6 @@ of the event to now. The command will not copy events of type "detection", "fixe return cmd } -// checkPackageHasVersionStreamSuffix ensures the package name has the "-X" or "-X.Y" suffix. -// X and Y are positive integers. -func checkPackageHasVersionStreamSuffix(pkg string) error { - re := regexp.MustCompile(`-\d+(\.\d+)?$`) - if re.MatchString(pkg) { - return nil - } - return fmt.Errorf("new package name %q does not have the version stream suffix", pkg) -} - // mergeExistingAdvisories merges the current advisories with the existing advisories. func mergeExistingAdvisories(current, existing v2.Advisories) v2.Advisories { res := make(v2.Advisories, 0, len(current)+len(existing))