0c1b80b2ed
* Refactor layer and ancestry * Add tests * Fix bugs introduced when the queries were moved
145 lines
6.3 KiB
SQL
145 lines
6.3 KiB
SQL
-- initialize entities
|
|
INSERT INTO namespace (id, name, version_format) VALUES
|
|
(1, 'debian:7', 'dpkg'),
|
|
(2, 'debian:8', 'dpkg'),
|
|
(3, 'fake:1.0', 'rpm');
|
|
|
|
INSERT INTO feature (id, name, version, version_format) VALUES
|
|
(1, 'ourchat', '0.5', 'dpkg'),
|
|
(2, 'openssl', '1.0', 'dpkg'),
|
|
(3, 'openssl', '2.0', 'dpkg'),
|
|
(4, 'fake', '2.0', 'rpm');
|
|
|
|
INSERT INTO namespaced_feature(id, feature_id, namespace_id) VALUES
|
|
(1, 1, 1), -- ourchat 0.5, debian:7
|
|
(2, 2, 1), -- openssl 1.0, debian:7
|
|
(3, 2, 2), -- openssl 1.0, debian:8
|
|
(4, 3, 1); -- openssl 2.0, debian:7
|
|
|
|
INSERT INTO detector(id, name, version, dtype) VALUES
|
|
(1, 'os-release', '1.0', 'namespace'),
|
|
(2, 'dpkg', '1.0', 'feature'),
|
|
(3, 'rpm', '1.0', 'feature'),
|
|
(4, 'apt-sources', '1.0', 'namespace');
|
|
|
|
-- initialize layers
|
|
INSERT INTO layer (id, hash) VALUES
|
|
(1, 'layer-0'), -- blank
|
|
(2, 'layer-1'), -- debian:7; ourchat 0.5, openssl 1.0
|
|
(3, 'layer-2'), -- debian:7; ourchat 0.5, openssl 2.0
|
|
(4, 'layer-3a'),-- debian:7;
|
|
(5, 'layer-3b'),-- debian:8; ourchat 0.5, openssl 1.0
|
|
(6, 'layer-4'); -- debian:7, fake:1.0; openssl 2.0 (debian), fake 2.0 (fake)
|
|
|
|
INSERT INTO layer_namespace(id, layer_id, namespace_id, detector_id) VALUES
|
|
(1, 2, 1, 1), -- layer-1: debian:7
|
|
(2, 3, 1, 1), -- layer-2: debian:7
|
|
(3, 4, 1, 1), -- layer-3a: debian:7
|
|
(4, 5, 2, 1), -- layer-3b: debian:8
|
|
(5, 6, 1, 1), -- layer-4: debian:7
|
|
(6, 6, 3, 4); -- layer-4: fake:1.0
|
|
|
|
INSERT INTO layer_feature(id, layer_id, feature_id, detector_id) VALUES
|
|
(1, 2, 1, 2), -- layer-1: ourchat 0.5
|
|
(2, 2, 2, 2), -- layer-1: openssl 1.0
|
|
(3, 3, 1, 2), -- layer-2: ourchat 0.5
|
|
(4, 3, 3, 2), -- layer-2: openssl 2.0
|
|
(5, 5, 1, 2), -- layer-3b: ourchat 0.5
|
|
(6, 5, 2, 2), -- layer-3b: openssl 1.0
|
|
(7, 6, 4, 3), -- layer-4: fake 2.0
|
|
(8, 6, 3, 2); -- layer-4: openssl 2.0
|
|
|
|
INSERT INTO layer_detector(layer_id, detector_id) VALUES
|
|
(1, 1),
|
|
(2, 1),
|
|
(3, 1),
|
|
(4, 1),
|
|
(5, 1),
|
|
(6, 1),
|
|
(6, 4),
|
|
(1, 2),
|
|
(2, 2),
|
|
(3, 2),
|
|
(4, 2),
|
|
(5, 2),
|
|
(6, 2),
|
|
(6, 3);
|
|
|
|
INSERT INTO ancestry (id, name) VALUES
|
|
(1, 'ancestry-1'), -- layer-0, layer-1, layer-2, layer-3a
|
|
(2, 'ancestry-2'), -- layer-0, layer-1, layer-2, layer-3b
|
|
(3, 'ancestry-3'), -- layer-0
|
|
(4, 'ancestry-4'); -- layer-0
|
|
|
|
INSERT INTO ancestry_detector (ancestry_id, detector_id) VALUES
|
|
(1, 2),
|
|
(2, 2),
|
|
(1, 1),
|
|
(2, 1);
|
|
|
|
INSERT INTO ancestry_layer (id, ancestry_id, layer_id, ancestry_index) VALUES
|
|
-- ancestry-1: layer-0, layer-1, layer-2, layer-3a
|
|
(1, 1, 1, 0),(2, 1, 2, 1),(3, 1, 3, 2),(4, 1, 4, 3),
|
|
-- ancestry-2: layer-0, layer-1, layer-2, layer-3b
|
|
(5, 2, 1, 0),(6, 2, 2, 1),(7, 2, 3, 2),(8, 2, 5, 3),
|
|
-- ancestry-3: layer-1
|
|
(9, 3, 2, 0),
|
|
-- ancestry-4: layer-1
|
|
(10, 4, 2, 0);
|
|
|
|
-- assume that ancestry-3 and ancestry-4 are vulnerable.
|
|
INSERT INTO ancestry_feature (id, ancestry_layer_id, namespaced_feature_id, feature_detector_id, namespace_detector_id) VALUES
|
|
-- ancestry-1:
|
|
-- layer-2: ourchat 0.5 <- detected by dpkg 1.0 (2); debian: 7 <- detected by os-release 1.0 (1)
|
|
-- layer-2: openssl 2.0, debian:7
|
|
(1, 3, 1, 2, 1), (2, 3, 4, 2, 1),
|
|
-- ancestry 2:
|
|
-- 1(ourchat 0.5; debian:7 layer-2)
|
|
-- 3(openssl 1.0; debian:8 layer-3b)
|
|
(3, 7, 1, 2, 1), (4, 8, 3, 2, 1),
|
|
-- ancestry-3:
|
|
-- 2(openssl 1.0, debian:7 layer-1)
|
|
-- 1(ourchat 0.5, debian:7 layer-1)
|
|
(5, 9, 2, 2, 1), (6, 9, 1, 2, 1), -- vulnerable
|
|
-- ancestry-4:
|
|
-- same as ancestry-3
|
|
(7, 10, 2, 2, 1), (8, 10, 1, 2, 1); -- vulnerable
|
|
|
|
INSERT INTO vulnerability (id, namespace_id, name, description, link, severity) VALUES
|
|
(1, 1, 'CVE-OPENSSL-1-DEB7', 'A vulnerability affecting OpenSSL < 2.0 on Debian 7.0', 'http://google.com/#q=CVE-OPENSSL-1-DEB7', 'High'),
|
|
(2, 1, 'CVE-NOPE', 'A vulnerability affecting nothing', '', 'Unknown');
|
|
|
|
INSERT INTO vulnerability (id, namespace_id, name, description, link, severity, deleted_at) VALUES
|
|
(3, 1, 'CVE-DELETED', '', '', 'Unknown', '2017-08-08 17:49:31.668483');
|
|
|
|
INSERT INTO vulnerability_affected_feature(id, vulnerability_id, feature_name, affected_version, fixedin) VALUES
|
|
(1, 1, 'openssl', '2.0', '2.0'),
|
|
(2, 1, 'libssl', '1.9-abc', '1.9-abc');
|
|
|
|
INSERT INTO vulnerability_affected_namespaced_feature(id, vulnerability_id, namespaced_feature_id, added_by) VALUES
|
|
(1, 1, 2, 1);
|
|
|
|
INSERT INTO vulnerability_notification(id, name, created_at, notified_at, deleted_at, old_vulnerability_id, new_vulnerability_id) VALUES
|
|
(1, 'test', NULL, NULL, NULL, 2, 1); -- 'CVE-NOPE' -> 'CVE-OPENSSL-1-DEB7'
|
|
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('feature', 'id'), (SELECT MAX(id) FROM feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('namespace', 'id'), (SELECT MAX(id) FROM namespace)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('namespaced_feature', 'id'), (SELECT MAX(id) FROM namespaced_feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('detector', 'id'), (SELECT MAX(id) FROM detector)+1);
|
|
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('ancestry', 'id'), (SELECT MAX(id) FROM ancestry)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('ancestry_layer', 'id'), (SELECT MAX(id) FROM ancestry_layer)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('ancestry_feature', 'id'), (SELECT MAX(id) FROM ancestry_feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('ancestry_detector', 'id'), (SELECT MAX(id) FROM ancestry_detector)+1);
|
|
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('layer', 'id'), (SELECT MAX(id) FROM layer)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('layer_feature', 'id'), (SELECT MAX(id) FROM layer_feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('layer_namespace', 'id'), (SELECT MAX(id) FROM layer_namespace)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('layer_detector', 'id'), (SELECT MAX(id) FROM layer_detector)+1);
|
|
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('vulnerability', 'id'), (SELECT MAX(id) FROM vulnerability)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('vulnerability_affected_feature', 'id'), (SELECT MAX(id) FROM vulnerability_affected_feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('vulnerability_affected_namespaced_feature', 'id'), (SELECT MAX(id) FROM vulnerability_affected_namespaced_feature)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('vulnerability_notification', 'id'), (SELECT MAX(id) FROM vulnerability_notification)+1);
|
|
SELECT pg_catalog.setval(pg_get_serial_sequence('detector', 'id'), (SELECT MAX(id) FROM detector)+1);
|