Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix redhat import failure #418

Merged
merged 4 commits into from
Apr 2, 2021
Merged

Fix redhat import failure #418

merged 4 commits into from
Apr 2, 2021

Conversation

Hritik14
Copy link
Collaborator

@Hritik14 Hritik14 commented Apr 1, 2021
edited
Loading

This fixes #398.
This PR is mainly comprises of following two commits.

requests_with_5xx_retry: Retry on 5xx errors

Introduced and used a helper function for retries on 5xx errors. This is
important and some servers like bugzilla.redhat.com return 502 Proxy Error
which was the cause of #398

A ticket has been raised in RedHat here https://redhat.service-now.com/help?id=rh_ticket&table=sc_req_item&sys_id=278239541b1ba010477e43fccd4bcb4a

Here is the response from [email protected]

Yes, just back off a bit and retry when this happens. It's been a long-term issue and we're working on a way to address it but it will still take time. There's also a time-out on individual queries - if you're hitting that sometimes on other requests then you'll need to optimise them or break them up into smaller ones

Not all RHSA errata have a CVRF document

This is mentioned in the NOTE of "2.1 List all CVRFs" of
https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/cvrf

Such a case would lead to a crash before this commit.
Eg: https://access.redhat.com/hydra/rest/securitydata/cvrf/RHSA-2005:835.json
No cvrfdoc would be found in the statement
value = rhsa_data["cvrfdoc"]["aggregate_severity"]

@Hritik14 Hritik14 marked this pull request as draft April 1, 2021 10:55
@Hritik14 Hritik14 changed the title Fix redhat import failure [WIP] Fix redhat import failure Apr 1, 2021
@Hritik14 Hritik14 changed the title [WIP] Fix redhat import failure Fix redhat import failure Apr 1, 2021
Hritik14 added 4 commits April 2, 2021 01:08
@Hritik14
requests_with_5xx_retry: Retry on 5xx errors
2684f05 
Introduced and used a helper function for retries on 5xx errors. This is
important and some servers like bugzilla.redhat.com return 502 Proxy Error
which was the cause of aboutcode-org#398

A ticket has been raised in RedHat here https://redhat.service-now.com/help?id=rh_ticket&table=sc_req_item&sys_id=278239541b1ba010477e43fccd4bcb4a

Signed-off-by: Hritik Vijay <[email protected]>
@Hritik14
Not all RHSA errata have a CVRF document
aff0065 
This is mentioned in the NOTE of "2.1 List all CVRFs" of
https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/cvrf

Such a case would lead to a crash before this commit.
Eg: https://access.redhat.com/hydra/rest/securitydata/cvrf/RHSA-2005:835.json
No cvrfdoc would be found in the statement
                    value = rhsa_data["cvrfdoc"]["aggregate_severity"]

Signed-off-by: Hritik Vijay <[email protected]>
@Hritik14
Remove debugging symbols and black -l 100
b0329fa 
This finally fixes aboutcode-org#398

Signed-off-by: Hritik Vijay <[email protected]>
@Hritik14
Mock requests_session in redhat importer
c90a871 
Previous commits replace the usage of requests.get() altogether with a
custom requests_session which provides better 5xx error handling.
It is now required to mock that object in this test.
IMHO it would make more sense to update this test altogether to use the
real endpoints against some real data.

Signed-off-by: Hritik Vijay <[email protected]>
@Hritik14 Hritik14 marked this pull request as ready for review April 1, 2021 19:41
sbs2001
sbs2001 approved these changes Apr 2, 2021
View reviewed changes
Copy link
Collaborator

@sbs2001 sbs2001 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, though I hate we need to do this low level requests things ;)

vulnerabilities/helpers.py
@@ -79,3 +80,21 @@ def create_etag(data_src, url, etag_key):


is_cve = re.compile(r"CVE-\d+-\d+", re.IGNORECASE).match


def requests_with_5xx_retry(max_retries=5, backoff_factor=0.5):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You said there were 104 errors, how are they addressed ?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

104 came after retrying with short delays for multiple times. I increased the backoff_factor to 1 in the redhat importer.

@Hritik14
Copy link
Collaborator Author

Hritik14 commented Apr 2, 2021

@sbs2001 Perhaps we would be able to revert back after redhat fixes the problem on their side. Until then, this is what we got.

@sbs2001 sbs2001 merged commit 9634400 into aboutcode-org:main Apr 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbs2001 sbs2001 sbs2001 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Investigate and fix redhat import failure
2 participants
@Hritik14 @sbs2001