From d94b83df0de95db7ae63726fd11ddd30dff72f39 Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Sat, 19 Mar 2022 03:50:06 -0400
Subject: cmd: working update cmd

---
 cmd/update.go | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 61 insertions(+), 1 deletion(-)

(limited to 'cmd/update.go')

diff --git a/cmd/update.go b/cmd/update.go
index b6f2882..86e6c7a 100644
--- a/cmd/update.go
+++ b/cmd/update.go
@@ -2,8 +2,14 @@ package cmd
 
 import (
   // "encoding/json"
+  "context"
+  "github.com/pablotron/cvez/cisa"
   "github.com/pablotron/cvez/nvdmirror"
+  "github.com/rs/zerolog/log"
   "github.com/spf13/cobra"
+  nvd_feed "github.com/pablotron/cvez/feed"
+  "os"
+  "path/filepath"
 )
 
 var updateCmd = &cobra.Command{
@@ -28,6 +34,60 @@ var updateCmd = &cobra.Command{
 
     // sync data, get updates
     updates := nvdmirror.Sync(config, &cache, cacheDir)
-    jsonEncode(updates)
+    if len(updates) > 0 {
+      // connect to db
+      ctx := context.Background()
+      db := getDb()
+
+      // build list of feeds to add
+      log.Info().Msg("load feeds")
+      var feeds []nvd_feed.Feed
+      for _, row := range(updates) {
+        if row.Type == nvdmirror.UpdateCveYear {
+          feeds = append(feeds, getFeed(filepath.Join(cacheDir, row.Path)))
+        }
+      }
+
+      if len(feeds) > 0 {
+        log.Info().Msg("AddCveFeeds")
+        if _, err := db.AddCveFeeds(ctx, feeds); err != nil {
+          // FIXME: failing like this leaves an invalid cache
+          log.Error().Err(err).Msg("AddCveFeeds")
+          os.Exit(-1)
+        }
+      }
+
+      // process cpe dictionary before cpe matches to prevent FK
+      // constraint violations
+      for _, row := range(updates) {
+        if row.Type == nvdmirror.UpdateCpeDict {
+          log.Info().Msg("AddCpeDictionary")
+          dict := getCpeDict(filepath.Join(cacheDir, row.Path))
+          if err := db.AddCpeDictionary(ctx, dict); err != nil {
+            log.Error().Err(err).Msg("AddCpeDictionary")
+            os.Exit(-1)
+          }
+        }
+      }
+
+      for _, row := range(updates) {
+        switch row.Type {
+        case nvdmirror.UpdateCpeMatch:
+          log.Info().Msg("AddCpeMatches")
+          matches := getCpeMatches(filepath.Join(cacheDir, row.Path))
+          if err := db.AddCpeMatches(ctx, matches); err != nil {
+            log.Error().Err(err).Msg("AddCpeMatches")
+            os.Exit(-1)
+          }
+        case nvdmirror.UpdateCisaKevc:
+          log.Info().Msg("AddCisaCatalogs")
+          cat := getCisaCatalog(filepath.Join(cacheDir, row.Path))
+          if _, err := db.AddCisaCatalogs(ctx, []cisa.Catalog { cat }); err != nil {
+            log.Error().Err(err).Msg("AddCisaCatalogs")
+            os.Exit(-1)
+          }
+        }
+      }
+    }
   },
 }
-- 
cgit v1.2.3