Add -skip-broken option [CentOS only] #245

2016-11-07 21:22:38 +09:00
parent f95af9897b
commit 18a92fa1ca
5 changed files with 25 additions and 6 deletions
--- a/README.ja.md
+++ b/README.ja.md
@@ -614,6 +614,7 @@ scan:
                [-ignore-unscored-cves]
                [-ssh-external]
                [-containers-only]
+                [-skip-broken]
                [-report-azure-blob]
                [-report-json]
                [-report-mail]
@@ -686,6 +687,8 @@ scan:
        Write report to XML files ($PWDresults/current)
  -results-dir string
        /path/to/results (default "$PWD/results")
+  -skip-broken
+        [For CentOS] yum update changelog with --skip-broken option
  -ssh-external
        Use external ssh command. Default: Use the Go native implementation
 ```
--- a/README.md
+++ b/README.md
@@ -621,6 +621,7 @@ scan:
                [-ignore-unscored-cves]
                [-ssh-external]
                [-containers-only]
+                [-skip-broken]
                [-report-azure-blob]
                [-report-json]
                [-report-mail]
@@ -693,6 +694,8 @@ scan:
        Write report to XML files ($PWDresults/current)
  -results-dir string
        /path/to/results (default "$PWD/results")
+  -skip-broken
+        [For CentOS] yum update changelog with --skip-broken option
  -ssh-external
        Use external ssh command. Default: Use the Go native implementation
 ```
--- a/commands/scan.go
+++ b/commands/scan.go
@@ -59,6 +59,7 @@ type ScanCmd struct {
 	askKeyPassword  bool

 	containersOnly bool
+	skipBroken     bool

 	// reporting
 	reportSlack     bool
@@ -101,13 +102,14 @@ func (*ScanCmd) Usage() string {
 		[-ignore-unscored-cves]
 		[-ssh-external]
 		[-containers-only]
+		[-skip-broken]
 		[-report-azure-blob]
 		[-report-json]
 		[-report-mail]
 		[-report-s3]
 		[-report-slack]
 		[-report-text]
-                [-report-xml]
+		[-report-xml]
 		[-http-proxy=http://192.168.0.1:8080]
 		[-ask-key-password]
 		[-debug]
@@ -187,6 +189,12 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
 		false,
 		"Scan containers only. Default: Scan both of hosts and containers")

+	f.BoolVar(
+		&p.skipBroken,
+		"skip-broken",
+		false,
+		"[For CentOS] yum update changelog with --skip-broken option")
+
 	f.StringVar(
 		&p.httpProxy,
 		"http-proxy",
@@ -388,6 +396,7 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
 	c.Conf.SSHExternal = p.sshExternal
 	c.Conf.HTTPProxy = p.httpProxy
 	c.Conf.ContainersOnly = p.containersOnly
+	c.Conf.SkipBroken = p.skipBroken

 	Log.Info("Validating Config...")
 	if !c.Conf.Validate() {
--- a/config/config.go
+++ b/config/config.go
@@ -46,6 +46,7 @@ type Config struct {

 	SSHExternal    bool
 	ContainersOnly bool
+	SkipBroken     bool

 	HTTPProxy   string `valid:"url"`
 	ResultsDir  string
@@ -86,7 +87,6 @@ func (c Config) Validate() bool {
 			"CVE DB type must be either 'sqlite3' or 'mysql'.  -cve-dictionary-dbtype: %s", c.CveDBType))
 	}

-
 	if c.CveDBType == "sqlite3" {
 		if len(c.CveDBPath) != 0 {
 			if ok, _ := valid.IsFilePath(c.CveDBPath); !ok {
--- a/scan/redhat.go
+++ b/scan/redhat.go
@@ -126,11 +126,9 @@ func (o *redhat) checkDependencies() error {
 			return fmt.Errorf("Not implemented yet: %s", o.Distro)
 		}

-		var name = ""
+		var name = "yum-plugin-changelog"
 		if majorVersion < 6 {
 			name = "yum-changelog"
-		} else {
-			name = "yum-plugin-changelog"
 		}

 		cmd := "rpm -q " + name
@@ -548,7 +546,13 @@ func (o *redhat) getAllChangelog(packInfoList models.PackageInfoList) (stdout st
 	}

 	// yum update --changelog doesn't have --color option.
-	command += fmt.Sprintf(" LANGUAGE=en_US.UTF-8 yum update --changelog %s", packageNames)
+	if config.Conf.SkipBroken {
+		command += fmt.Sprintf(
+			" LANGUAGE=en_US.UTF-8 yum --skip-broken update --changelog %s", packageNames)
+	} else {
+		command += fmt.Sprintf(
+			" LANGUAGE=en_US.UTF-8 yum update --changelog %s", packageNames)
+	}

 	r := o.ssh(command, sudo)
 	if !r.isSuccess(0, 1) {