From 3d9315bb06bae173d4ab8db7905083f1b30766b3 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sat, 4 Jun 2022 13:32:31 +0530 Subject: [PATCH 1/9] Changed the variables name Signed-off-by: AayushSaini101 --- local/tests/test_rest_example.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/local/tests/test_rest_example.py b/local/tests/test_rest_example.py index 8b641886..c2e4d798 100644 --- a/local/tests/test_rest_example.py +++ b/local/tests/test_rest_example.py @@ -21,3 +21,18 @@ def test_version(self, base_endpoint): version_endpoint = base_endpoint + "version" version_response = requests.get(version_endpoint) assert version_response.status_code == 200 + + def test_help_all(self, base_endpoint): + """This test is to check the help endpoint with all argument""" + help_all_endpoint = base_endpoint + "help/all" + help_all_response = requests.get(help_all_endpoint) + assert help_all_response.status_code == 200 + "This test is to check the help endpoint with random argument" + random_arg="arg" + help_random_endpoint = base_endpoint+"help/arg" + help_random_endpoint = requests.get(help_random_endpoint) + assert help_random_endpoint.status_code == 200 + assert ( + help_random_endpoint.json()["data"]["response"] + == f"Unknown section '{random_arg}' in the --help-section option\n" + ) From 850f075acdc883d3cc45729aa4c518764ca96847 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sat, 4 Jun 2022 13:40:22 +0530 Subject: [PATCH 2/9] Resolved variable name issue Signed-off-by: AayushSaini101 --- local/tests/test_rest_example.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/local/tests/test_rest_example.py b/local/tests/test_rest_example.py index c2e4d798..48cce21f 100644 --- a/local/tests/test_rest_example.py +++ b/local/tests/test_rest_example.py @@ -27,7 +27,7 @@ def test_help_all(self, base_endpoint): help_all_endpoint = base_endpoint + "help/all" help_all_response = requests.get(help_all_endpoint) assert help_all_response.status_code == 200 - "This test is to check the help endpoint with random argument" + "This test is to check the help endpoint with random i.e arg argument" random_arg="arg" help_random_endpoint = base_endpoint+"help/arg" help_random_endpoint = requests.get(help_random_endpoint) From 70894449c01de502d5f272502c2fa934819a856e Mon Sep 17 00:00:00 2001 From: HarshCasper Date: Sat, 4 Jun 2022 14:53:24 +0530 Subject: [PATCH 3/9] fix lint issues Signed-off-by: AayushSaini101 --- local/rest_api_flint.example/app.py | 8 +++++--- local/tests/test_rest_example.py | 4 ++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/local/rest_api_flint.example/app.py b/local/rest_api_flint.example/app.py index 7be0518e..e00ed282 100644 --- a/local/rest_api_flint.example/app.py +++ b/local/rest_api_flint.example/app.py @@ -33,10 +33,12 @@ app.register_blueprint(SWAGGERUI_BLUEPRINT, url_prefix=SWAGGER_URL) ### end swagger specific ### -@app.route('/', methods=['GET']) + +@app.route("/", methods=["GET"]) def home(): - return 'FLINT.Example API' - + return "FLINT.Example API" + + @app.route("/spec") def spec(): swag = swagger(app) diff --git a/local/tests/test_rest_example.py b/local/tests/test_rest_example.py index 48cce21f..9d1c196a 100644 --- a/local/tests/test_rest_example.py +++ b/local/tests/test_rest_example.py @@ -28,8 +28,8 @@ def test_help_all(self, base_endpoint): help_all_response = requests.get(help_all_endpoint) assert help_all_response.status_code == 200 "This test is to check the help endpoint with random i.e arg argument" - random_arg="arg" - help_random_endpoint = base_endpoint+"help/arg" + random_arg = "arg" + help_random_endpoint = base_endpoint + "help/arg" help_random_endpoint = requests.get(help_random_endpoint) assert help_random_endpoint.status_code == 200 assert ( From 427b2ab16795c3ab87f5acb99e88eb074d709bb5 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sat, 4 Jun 2022 16:08:25 +0530 Subject: [PATCH 4/9] Resolved the issue Signed-off-by: AayushSaini101 --- local/rest_api_gcbm/app.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/local/rest_api_gcbm/app.py b/local/rest_api_gcbm/app.py index 0f1a186a..51de0a6d 100644 --- a/local/rest_api_gcbm/app.py +++ b/local/rest_api_gcbm/app.py @@ -342,12 +342,13 @@ def gcbm_download(): # Sanitize title title = "".join(c for c in title if c.isalnum()) project_dir = f"{title}" + if not os.path.exists(f"{os.getcwd()}/input/{project_dir}"): + return {"error": "No such simulation exist for this title"}, 400 return send_file( f"{os.getcwd()}/input/{project_dir}/output.zip", attachment_filename="output.zip", ) - @app.route("/gcbm/list", methods=["GET"]) def gcbm_list_simulations(): """ From 8b41ff2003d9aed203e8d2760f416f21d35eeaf0 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sat, 4 Jun 2022 16:12:54 +0530 Subject: [PATCH 5/9] Resolved CI issues Signed-off-by: AayushSaini101 --- local/rest_api_gcbm/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/local/rest_api_gcbm/app.py b/local/rest_api_gcbm/app.py index 51de0a6d..7d78d19c 100644 --- a/local/rest_api_gcbm/app.py +++ b/local/rest_api_gcbm/app.py @@ -343,7 +343,7 @@ def gcbm_download(): title = "".join(c for c in title if c.isalnum()) project_dir = f"{title}" if not os.path.exists(f"{os.getcwd()}/input/{project_dir}"): - return {"error": "No such simulation exist for this title"}, 400 + return {"error": "No such simulation exist for this {title}"}, 400 return send_file( f"{os.getcwd()}/input/{project_dir}/output.zip", attachment_filename="output.zip", From 95d19fd12838e4887b9cb6a78c24d01bedc359f1 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sat, 4 Jun 2022 20:09:21 +0530 Subject: [PATCH 6/9] Removed lint issue Signed-off-by: AayushSaini101 --- local/rest_api_gcbm/app.py | 1 + 1 file changed, 1 insertion(+) diff --git a/local/rest_api_gcbm/app.py b/local/rest_api_gcbm/app.py index 7d78d19c..45805638 100644 --- a/local/rest_api_gcbm/app.py +++ b/local/rest_api_gcbm/app.py @@ -349,6 +349,7 @@ def gcbm_download(): attachment_filename="output.zip", ) + @app.route("/gcbm/list", methods=["GET"]) def gcbm_list_simulations(): """ From 333fd8fc022c0c98299bca8e28673186105d4b68 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Sun, 5 Jun 2022 18:17:48 +0530 Subject: [PATCH 7/9] Update Readme and resolved Doc issue Signed-off-by: AayushSaini101 --- README.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index d50135b2..3323064d 100644 --- a/README.md +++ b/README.md @@ -68,11 +68,11 @@ Currently the REST API has the following endpoints available for access:- | Endpoint | Functionality | | :--------------| :------------------------ | -| **\help\all** | Produces a help message with information on all options for moja.CLI. | -| **\help\arg** | Produces a help message with information on option **arg** for moja.CLI. | -| **\version** | Outputs the version number of moja.CLI. | -| **\point** | Runs point example and outputs point_example.csv as an attachment to be downloaded. Parameters (multipart-form data) `file` for point_example can be passed to override the default configurations. | -| **\rothc** | Runs rothc example and outputs point_rothc_example.csv as an attachment to be downloaded. Parameters (multipart-form data) `file` for rothc_example can be passed to override the default configurations. +| **/help/all** | Produces a help message with information on all options for moja.CLI. | +| **/help/arg** | Produces a help message with information on option **arg** for moja.CLI. | +| **/version** | Outputs the version number of moja.CLI. | +| **/point** | Runs point example and outputs point_example.csv as an attachment to be downloaded. Parameters (multipart-form data) `file` for point_example can be passed to override the default configurations. | +| **/rothc** | Runs rothc example and outputs point_rothc_example.csv as an attachment to be downloaded. Parameters (multipart-form data) `file` for rothc_example can be passed to override the default configurations. This REST API is built using the `flask-restful` package and has been containerized using `Docker`. @@ -87,9 +87,15 @@ Currently the REST API has the following endpoints available for access:- | Endpoint | Functionality | | :------------ | :-----------------| -| **\help\all** | Produces a help message with information on all options for moja.CLI. | -| **\help\arg** | Produces a help message with information on option **arg** for moja.CLI.| -| **\version** | Outputs the version number of moja.CLI.| +| **/help/all** | Produces a help message with information on all options for moja.CLI. | +| **/help/arg** | Produces a help message with information on option **arg** for moja.CLI.| +| **/version** | Outputs the version number of moja.CLI.| +| **/gcbm/new**| This endpoint is used to create new simulation with the suitable title.| +| **/gcbm/upload**| This endpoint is used to upload all the input files that needs to run the GCBM simulation.| +| **/gcbm/dynamic**| This endpoint is used to execute the simulation process.| +| **/gcbm/status**| This endpoint is used to check the status of the simulation process, whether the simulation is completed or not.| +| **/gcbm/download**| This endpoint is used to download a simulation output in the zip format.| +| **/gcbm/list**| This endpoint is used to check the available simulation currently present.| This REST API is built using the `flask-restful` package and has been containerized using `Docker`. From 05257aeb94b4de06730c28202fbb1a1f18ae7878 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Thu, 9 Jun 2022 10:57:34 +0530 Subject: [PATCH 8/9] Resolved vulnerablity issue in the container Signed-off-by: AayushSaini101 --- .github/containerscan/allowedlist.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml index 20ef0a35..59300124 100644 --- a/.github/containerscan/allowedlist.yaml +++ b/.github/containerscan/allowedlist.yaml @@ -31,6 +31,8 @@ general: - CVE-2022-0002 - CVE-2022-0847 - CVE-2022-1015 + - CVE-2022-21499 + - CVE-2022-29581 bestPracticeViolations: - CIS-DI-0007 From c54f893f53de4874d9ac89726d3c0dfde14f1684 Mon Sep 17 00:00:00 2001 From: AayushSaini101 Date: Thu, 9 Jun 2022 22:30:18 +0530 Subject: [PATCH 9/9] Added vulnerablities Signed-off-by: AayushSaini101 --- .github/containerscan/allowedlist.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml index 59300124..afee8107 100644 --- a/.github/containerscan/allowedlist.yaml +++ b/.github/containerscan/allowedlist.yaml @@ -33,6 +33,8 @@ general: - CVE-2022-1015 - CVE-2022-21499 - CVE-2022-29581 + - CVE-2022-1966 + - CVE-2022-29361 bestPracticeViolations: - CIS-DI-0007