fabric8-analytics · anuragtr · Mar 20, 2019 · samuzzal-choudhury · Apr 2, 2019 · anuragtr
diff --git a/src/rest_api.py b/src/rest_api.py
@@ -13,6 +13,7 @@
 from repo_dependency_creator import RepoDependencyCreator
 from notification.user_notification import UserNotification
 from fabric8a_auth.errors import AuthError
+import re
 
 
 app = Flask(__name__)
@@ -380,6 +381,67 @@ def get_stacks_report(report):
     return flask.jsonify(_s3_helper.get_object_content(report))
 
 
+@app.route('/api/v1/cve-report/list/<frequency>', methods=['GET'])
+def list_cve_reports(frequency='weekly'):
+    """
+    Endpoint to fetch the list of generated cve reports.
+    The list is fetched based on the frequency which is either weekly or monthly.
+    'fromdate' and 'todate' can be given as query params to filter the list
+    """
+    lower = request.args.get('fromdate')
+    upper = request.args.get('todate')
+    cve_list = _s3_helper.list_cve_objects(frequency)
+    cve_list_filtered = {'objects': []}
+
+    if request.args.get('fromdate') is not None:
+        for i in cve_list['objects']:
+            if ((float(re.sub("[^0-9]", "", lower)) <= float(re.sub("[^0-9]", "", i))) &
+                    (float(re.sub("[^0-9]", "", i)) <= float(re.sub("[^0-9]", "", upper)))):
+                cve_list_filtered['objects'].append(i)
+        return flask.jsonify(cve_list_filtered)
+    else:
+        return flask.jsonify(cve_list)
+
+
+@app.route('/api/v1/cve-report/report/<path:report>', methods=['GET'])
+def get_cve_report(report):
+    """
+    Endpoint to retrieve a generated cve report.
+    A report matching with the filename retrieved using the /cve-report/list/{frequency} will be returned.
+    """
+    return flask.jsonify(_s3_helper.get_object_content(report))
+
+
+@app.route('/api/v1/epv-report/list', methods=['GET'])
+def list_epv_reports():
+    """
+    Endpoint to fetch the list of generated epv reports.
+    'fromdate' and 'todate' can be given as query params to filter the list
+    """
+    lower = request.args.get('fromdate')
+    upper = request.args.get('todate')
+    epv_list = _s3_helper.list_epv_objects()
+    epv_list_filtered = {'objects': []}
+
+    if request.args.get('fromdate') is not None:
+        for i in epv_list['objects']:
+            if ((float(re.sub("[^0-9]", "", lower)) <= float(re.sub("[^0-9]", "", i))) &
+                    (float(re.sub("[^0-9]", "", i)) <= float(re.sub("[^0-9]", "", upper)))):
+                epv_list_filtered['objects'].append(i)
+        return flask.jsonify(epv_list_filtered)
+    else:
+        return flask.jsonify(epv_list)
+
+
+@app.route('/api/v1/epv-report/report/<path:report>', methods=['GET'])
+def get_epv_report(report):
+    """
+    Endpoint to retrieve a generated epv report.
+    A report matching with the filename retrieved using the /epv-report/list will be returned.
+    """
+    return flask.jsonify(_s3_helper.get_object_content(report))
+
+
 @app.route('/api/v1/stacks-report/compare', methods=['GET'])
 def compare_stacks_report():
     """

diff --git a/src/utils.py b/src/utils.py
@@ -106,6 +106,24 @@ def get_object_content(self, object_name):
             raise e
         return result
 
+    def list_cve_objects(self, frequency='weekly'):
+        """Fetch the list of cve objects found on the S3 bucket."""
+        prefix = '{dp}/ingestion-data/cve/{freq}'.format(dp=self.deployment_prefix, freq=frequency)
+        res = {'objects': []}
+        for obj in self.s3_bucket_obj.objects.filter(Prefix=prefix):
+            if os.path.basename(obj.key) != '':
+                res['objects'].append(obj.key)
+        return res
+
+    def list_epv_objects(self):
+        """Fetch the list of epv objects found on the S3 bucket."""
+        prefix = '{dp}/ingestion-data/epv'.format(dp=self.deployment_prefix)
+        res = {'objects': []}
+        for obj in self.s3_bucket_obj.objects.filter(Prefix=prefix):
+            if os.path.basename(obj.key) != '':
+                res['objects'].append(obj.key)
+        return res
+
 
 _s3_helper = S3Helper()
 

diff --git a/swagger.yaml b/swagger.yaml
@@ -240,6 +240,128 @@ paths:
             $ref: '#/definitions/ComparisonReport'
         '404':
           description: No comparison data could be found
+  /cve-report/list/{frequency}:
+    get:
+      tags:
+        - CVE Aggregated Reports
+      summary: Lists the available CVE reports.
+      description: >
+        Lists the available CVE reports that have been generated. The frequency of these generated reports are daily, weekly and monthly.
+        For listing daily reports call `cve-report/list/daily`; similarly for weekly and monthly.
+        Also filters out and lists CVE reports by date.
+        For filtering daily reports between 2 dates call 'cve-report/list/daily?fromdate=2019-01-01&todate=2019-04-01'; similarly for weekly and monthly.
+      operationId: f8a_scanner.api_v1.cve_list_reports
+      produces:
+        - application/json
+      parameters:
+        - name: frequency
+          in: path
+          description: frequency of the report
+          required: true
+          type: string
+        - name: fromdate
+          in: query
+          description: reports filtered on or after this date
+          required: false
+          type: string
+        - name: todate
+          in: query
+          description: reports filtered on or before this date
+          required: false
+          type: string
+      responses:
+        '200':
+          description: Listing successful
+          schema:
+            $ref: '#/definitions/CVEReportsList'
+        '404':
+          description: No listing available
+  /epv-report/list:
+    get:
+      tags:
+        - EPV Aggregated Reports
+      summary: Lists the available EPV reports.
+      description: >
+        Lists the available EPV reports that have been generated. The frequency of these generated reports are daily.
+        For listing reports call `epv-report/list`.
+        Also filters out and lists EPV reports by date.
+        For filtering reports between 2 dates call 'epv-report/list?fromdate=2018-12-31&todate=2019-04-01'.
+      operationId: f8a_scanner.api_v1.epv_list_reports
+      produces:
+        - application/json
+      parameters:
+        - name: frequency
+          in: path
+          description: frequency of the report
+          required: true
+          type: string
+        - name: fromdate
+          in: query
+          description: reports filtered on or after this date
+          required: false
+          type: string
+        - name: todate
+          in: query
+          description: reports filtered on or before this date
+          required: false
+          type: string
+      responses:
+        '200':
+          description: Listing successful
+          schema:
+            $ref: '#/definitions/EPVReportsList'
+        '404':
+          description: No listing available
+  /cve-report/report/{report-name}:
+    get:
+      tags:
+        - CVE Aggregated Reports
+      summary: The CVE analyses aggregation report
+      description: >
+        Retrieves the aggregated CVE report.
+        Usage: '/cve-report/report/Dir1/Dir2/2019-01-14.json' where '/Dir1/Dir2' is the path in S3 bucket
+        and '2019-01-14.json' is the filename.
+      operationId: f8a_scanner.api_v1.cve_report_name
+      produces:
+        - application/json
+      parameters:
+        - name: report-name
+          in: path
+          description: Name of CVE report to be retrieved
+          required: true
+          type: string
+      responses:
+        '200':
+          description: Report available for viewing
+          schema:
+            $ref: '#/definitions/CVEReport'
+        '404':
+          description: No repo
+  /epv-report/report/{report-name}:
+    get:
+      tags:
+        - EPV Aggregated Reports
+      summary: The EPV analyses aggregation report
+      description: >
+        Retrieves the aggregated EPV report.
+        Usage: '/epv-report/report/Dir1/Dir2/2019-01-21.json' where '/Dir1/Dir2' is the path in S3 bucket
+        and '2019-01-21.json' is the filename.
+      operationId: f8a_scanner.api_v1.epv_report_name
+      produces:
+        - application/json
+      parameters:
+        - name: report-name
+          in: path
+          description: Name of EPV report to be retrieved
+          required: true
+          type: string
+      responses:
+        '200':
+          description: Report available for viewing
+          schema:
+            $ref: '#/definitions/EPVReport'
+        '404':
+          description: No repo
 definitions:
   ComparisonReport:
     title: Comparison Report
@@ -347,6 +469,36 @@ definitions:
         type: array
         items:
           type: string
+  CVEReportsList:
+    title: CVE Analyses Reports List
+    description: List of all CVE analyses aggregation reports
+    properties:
+      cve_report_list:
+        type: array
+        items:
+          type: string
+  EPVReportsList:
+    title: EPV Analyses Reports List
+    description: List of all EPV analyses aggregation reports
+    properties:
+      epv_report_list:
+        type: array
+        items:
+          type: string
+  CVEReport:
+    title: CVE analyses report
+    description: CVE analyses detailed report for a particular frequency, that is, either daily, weekly or monthly
+    properties:
+      cve_report:
+        type: object
+        description: CVE report details
+  EPVReport:
+    title: EPV analyses report
+    description: EPV analyses detailed report for a particular frequency, daily as of now
+    properties:
+      epv_report:
+        type: object
+        description: EPV report details
   StacksReport:
     title: Stack analyses report
     description: Staack analyses detailed report for a particular frequency, that is, either weekly or monthly