
Commit f2c940f

authored
ci: fix FP ops workflow to generate CPE regex for optional suffix matches (#8531)
Signed-off-by: Chad Wilson <29788154+chadlwilson@users.noreply.github.com>
1 parent 115aad9 commit f2c940f

1 file changed

Lines changed: 12 additions & 22 deletions


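--- a/.github/workflows/false-positive-ops.yml
+++ b/.github/workflows/false-positive-ops.yml
@@ -171,12 +171,9 @@ jobs:
 }
 purl += '@.*$';
 var cpe = process.env.CPE.trim().replaceAll(/^`|`$/g,'').split(':');
-var cpe22UriPrefix;
-if (cpe[1] == '2.3') {
-cpe22UriPrefix = 'cpe:/a:' + cpe[3] + ':' + cpe[4] + ':';
-} else {
-cpe22UriPrefix = 'cpe:/a:' + cpe[2] + ':' + cpe[3] + ':';
-}
+var vendor = cpe[1] === '2.3' ? cpe[3] : cpe[2];
+var product = cpe[1] === '2.3' ? cpe[4] : cpe[3];
+var cpe22UriRegex = 'cpe:/a:' + vendor.replaceAll('.','\\.') + ':' + product.replaceAll('.','\\.') + '(:.*)?$';
 
 await github.rest.issues.createComment({
 issue_number: context.issue.number,
@@ -189,7 +186,7 @@ jobs:
 ' FP per issue #' + context.issue.number + '\n' +
 ' ]]></notes>\n' +
 ' <packageUrl regex="true">' + purl + '</packageUrl>\n' +
-' <cpe>' + cpe22UriPrefix + '</cpe>\n' +
+' <cpe regex="true">' + cpe22UriRegex + '</cpe>\n' +
 '</suppress>\n```\n\n' +
 'Link to test results: ' + context.serverUrl + '/' + context.repo.owner + '/' + context.repo.repo + '/actions/runs/' + context.runId
 })
@@ -217,13 +214,9 @@ jobs:
 }
 purl += '@.*$';
 var cpe = process.env.CPE.trim().replaceAll(/^`|`$/g,'').split(':');
-console.log(cpe);
-var cpe22UriPrefix;
-if (cpe[1] == '2.3') {
-cpe22UriPrefix = 'cpe:/a:' + cpe[3] + ':' + cpe[4] + ':';
-} else {
-cpe22UriPrefix = 'cpe:/a:' + cpe[2] + ':' + cpe[3] + ':';
-}
+var vendor = cpe[1] === '2.3' ? cpe[3] : cpe[2];
+var product = cpe[1] === '2.3' ? cpe[4] : cpe[3];
+var cpe22UriRegex = 'cpe:/a:' + vendor.replaceAll('.','\\.') + ':' + product.replaceAll('.','\\.') + '(:.*)?$';
 
 await github.rest.issues.createComment({
 issue_number: context.issue.number,
@@ -236,7 +229,7 @@ jobs:
 ' FP per issue #' + context.issue.number + '\n' +
 ' ]]></notes>\n' +
 ' <packageUrl regex="true">' + purl + '</packageUrl>\n' +
-' <cpe>' + cpe22UriPrefix + '</cpe>\n' +
+' <cpe regex="true">' + cpe22UriRegex + '</cpe>\n' +
 '</suppress>\n```\n\n' +
 'Link to test results: ' + context.serverUrl + '/' + context.repo.owner + '/' + context.repo.repo + '/actions/runs/' + context.runId
 })
@@ -264,12 +257,9 @@ jobs:
 }
 purl += '@.*$';
 var cpe = process.env.CPE.trim().replaceAll(/^`|`$/g,'').split(':');
-var cpe22UriPrefix;
-if (cpe[1] == '2.3') {
-cpe22UriPrefix = 'cpe:/a:' + cpe[3] + ':' + cpe[4] + ':';
-} else {
-cpe22UriPrefix = 'cpe:/a:' + cpe[2] + ':' + cpe[3] + ':';
-}
+var vendor = cpe[1] === '2.3' ? cpe[3] : cpe[2];
+var product = cpe[1] === '2.3' ? cpe[4] : cpe[3];
+var cpe22UriRegex = 'cpe:/a:' + vendor.replaceAll('.','\\.') + ':' + product.replaceAll('.','\\.') + '(:.*)?$';
 
 await github.rest.issues.createComment({
 issue_number: context.issue.number,
@@ -282,7 +272,7 @@ jobs:
 ' FP per issue #' + context.issue.number + '\n' +
 ' ]]></notes>\n' +
 ' <packageUrl regex="true">' + purl + '</packageUrl>\n' +
-' <cpe>' + cpe22UriPrefix + '</cpe>\n' +
+' <cpe regex="true">' + cpe22UriRegex + '</cpe>\n' +
 '</suppress>\n```\n\n' +
 'Link to test results: ' + context.serverUrl + '/' + context.repo.owner + '/' + context.repo.repo + '/actions/runs/' + context.runId
 })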
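Review bot: Only `.` is escaped when `vendor` and `product` are spliced into `cpe22UriRegex` at new lines 174-176, so any other regex metacharacter in the CPE value reaches the `<cpe regex="true">` element as live pattern syntax; the same three lines repeat at new lines 217-219 and 260-262. `process.env.CPE` appears to be taken from the issue text, so a field containing a character class or alternation would produce a suggested suppression broader than the reported false positive, and a maintainer copying the snippet may not notice. Escaping the full metacharacter set would keep the generated pattern literal, e.g. `var esc = s => s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');` and then `'cpe:/a:' + esc(vendor) + ':' + esc(product) + '(:.*)?$'`; if the input can carry CPE 2.3 backslash quoting, that would need unquoting first. A CPE with too few `:`-separated fields now makes `vendor.replaceAll` throw on `undefined`, so an explicit check with a clear failure message before building the regex would help. The script body these hunks belong to starts and ends outside the visible lines.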
