Author: lkundrak

Update of /cvs/fedora/fedora-security/tools/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23949/scripts

Modified Files: Tag: lkundrak-tools-ng add-tracking-bugs Log Message: Finally commiting the splitoff of the tracking bug routines to the library 12:17 <thoger> kto necommituje, bude pocas dlhych zimnych vecerov riesit konflikty... And hopefuly merging in tomas' change... :}

Index: add-tracking-bugs =================================================================== RCS file: /cvs/fedora/fedora-security/tools/scripts/Attic/add-tracking-bugs,v retrieving revision 1.1.2.2 retrieving revision 1.1.2.3 diff -u -r1.1.2.2 -r1.1.2.3 --- add-tracking-bugs 7 Jan 2008 16:52:18 -0000 1.1.2.2 +++ add-tracking-bugs 9 Jan 2008 21:42:38 -0000 1.1.2.3 @@ -21,72 +21,11 @@

use Libexig::Util; use Libexig::Bugzilla; +use Libexig::Fedora;

use warnings; use strict;

-my $comment_head = - 'This is an automatically created tracking bug! '. - 'It was created to ensure that one or more security '. - 'vulnerabilities are fixed in all affected branches.'. - "\n\n". - 'You should *not* refer to this bug publicly, as it is a '. - 'private "Fedora Project Contributors" bug.'. - "\n\n". - 'For comments that are specific to the vulnerability please use bugs '. - 'filed against "Security Response" product referenced in "Blocks" '. - 'field.'. - "\n\n"; - -my $comment_tail = - 'For more information see: '. - 'http://fedoraproject.org/wiki/Security/TrackingBugs'; - -my $comment_update = - # Following the list of parent bugs - "\n". - 'When creating an update for the version this this bug is reported '. - 'against please include the bug IDs of respective bugs filed '. - 'against "Security Response" product as well as of this bug and let the '. - 'update system close them. Please '. - 'note that the update announcement will (and should) contain only '. - 'references to "Security Response" bugs as long as the tracking '. - 'bug is restricted to "Fedora Project Contributors".'. - "\n\n"; - -my $comment_rawhide = - "\n". - 'Please close this bug with RAWHIDE (referencing appropriate N-V-R in '. - 'Fixed In field if possible) once is it fixed in devel branch. '. - 'Do *not* include the bug id of this bug in the RPM changelog and the '. - 'commit message.'. - "\n\n"; - - -my %impact = ( - 'urgent', => 4, - 'high', => 3, - 'medium', => 2, - 'low' => 1, -); - -# Valid versions -my %versions = ( - '6', => '6', - 'f6', => '6', - 'fc6', => '6', - '7', => '7', - 'f7', => '7', - 'fc7', => '7', - '8', => '8', - 'f8', => '8', - 'fc8', => '8', - '9', => 'rawhide', - 'f9', => 'rawhide', - 'fc9', => 'rawhide', - 'devel', => 'rawhide', -); - # Command line options my (@bugs, @versions, $dryrun, $debug, $username, $password, $component); @@ -115,14 +54,17 @@

$options{'versions'} or die 'versions argument is mandatory'; @versions = split (/,/, $options{'versions'}); -$versions{$_} or die "Invalid version: $_" foreach (@versions); +#XXX +##$versions{$_} or die "Invalid version: $_" foreach (@versions);

$component = $options{'component'} or die 'component argument is mandatory'; $dryrun = ($options{'dryrun'} or 0); $debug = ($options{'debug'} or 0); $username = ($options{'username'} or $ENV{'LOGNAME'}.'@redhat.com'); -$password = ($options{'password'} or $dryrun or - read_noecho ("Bugzilla password for $username: ")); +$password = ($options{'password'} or read_noecho ("Bugzilla password for $username: ")) + unless $dryrun; + +$dryrun = 1;

my $bugzilla = new Libexig::Bugzilla ({ 'username' => $username, @@ -133,92 +75,10 @@

# Get parent bugs

-my $bugs = $bugzilla->get_bugs (@bugs, ['alias','keywords','priority','bug_id', 'bug_severity', 'short_short_desc']); -print Dumper ($bugs) if $debug; - -# Construct a tracking bug template - -my %bug_tmpl = ( - 'bug_file_loc' => 'http://fedoraproject.org/wiki/Security/TrackingBugs', - 'rep_platform' => 'All', - 'op_sys' => 'Linux', - 'short_desc' => '', - 'keywords' => 'Security', - 'product' => 'Fedora', - 'comment' => $comment_head, - 'component' => $component, - 'bug_severity' => 'low', - 'priority' => 'low', - 'bit-58' => '1', # Fedora Project Contributors -); - -foreach my $bug (@{$bugs}) { - - # Take the highest of priorities - $bug_tmpl{'bug_severity'} = $bug->{'bug_severity'} - if ($impact{$bug->{'bug_severity'}} > $impact{$bug_tmpl{'bug_severity'}}); - $bug_tmpl{'priority'} = $bug->{'priority'} - if ($impact{$bug->{'priority'}} > $impact{$bug_tmpl{'priority'}}); - - # This will be overwriten if we block just one parent bug - $bug_tmpl{'short_desc'} .= $bug->{'alias'}.' '; - - # Add the parent bug to the comment - $bug_tmpl{'comment'} .= "\tbug #$bug->{'bug_id'}: $bug->{'short_short_desc'}\n"; -} - -if ($#bugs) { - $bug_tmpl{'short_desc'} .= "Multiple $component vulnerabilities"; -} else { - $bug_tmpl{'short_desc'} = $bugs->[0]->{'short_short_desc'}; -} - -# File for each version - -my $comment = "Created Fedora tracking bugs for $component:\n\n"; - -foreach my $version (@versions) { - my %bug = %bug_tmpl; - $bug{'short_desc'} .= " [Fedora $versions{$version}]"; - $bug{'version'} = $versions{$version}; - - if ($bug{'version'} eq 'rawhide') { - $bug{'comment'} .= $comment_rawhide; - } else { - $bug{'comment'} .= $comment_update; - } - - $bug{'comment'} .= $comment_tail; - - print Dumper (%bug) if $debug; - my $bug_id = $bugzilla->file_bug (%bug); - - if ($bug{'version'} ne 'rawhide') { - my $tr_comment = - 'You can eventually use the following link to '. - 'create the update request: '."\n". - 'https://admin.fedoraproject.org/updates/new/'. - '?request=Stable'. - '&type=security'. - '&release=Fedora%20'.$bug{'version'}. - '&bugs='.$bug_id; - - foreach my $bug (@{$bugs}) { - $tr_comment .= ','.$bug->{'bug_id'}; - } - - # XXX: public - $bugzilla->add_private_comment ($bug_id, $tr_comment); - } +my $parent_bugs = $bugzilla->get_bugs (@bugs, ['alias','keywords','priority','bug_id', 'bug_severity', 'short_short_desc']); +print Dumper ($parent_bugs) if $debug;

- $bugzilla->add_blockers ($bug_id, @bugs); - $comment .= $bug{'version'}.": bug #$bug_id\n"; -} - -# Add comment to original bugs - -foreach my $bug (@bugs) { - $bugzilla->add_private_comment ($bug, $comment); -} +my $tracking_bugs = Libexig::Fedora::tracking_bugs ($parent_bugs, $component, @versions);

-print STDERR $comment; +use Data::Dumper; +print Dumper ($tracking_bugs);