From a91453b19c462929b3ab77927b0d0a6807558b92 Mon Sep 17 00:00:00 2001 From: Israel Madueme Date: Mon, 10 Sep 2018 12:34:56 -0400 Subject: Bug 1479466 - Add Security Bugs Report Adds the security bugs report with open count and median age open of sec-critical and sec-high bugs. --- scripts/secbugsreport.pl | 83 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 scripts/secbugsreport.pl (limited to 'scripts/secbugsreport.pl') diff --git a/scripts/secbugsreport.pl b/scripts/secbugsreport.pl new file mode 100644 index 000000000..ae0639e20 --- /dev/null +++ b/scripts/secbugsreport.pl @@ -0,0 +1,83 @@ +#!/usr/bin/perl + +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# This Source Code Form is "Incompatible With Secondary Licenses", as +# defined by the Mozilla Public License, v. 2.0. +# +# Usage secbugsreport.pl YYYY MM DD, e.g. secbugsreport.pl $(date +'%Y %m %d') + +use 5.10.1; +use strict; +use warnings; + +use lib qw(. lib local/lib/perl5); + +use Bugzilla; +use Bugzilla::Component; +use Bugzilla::Constants; +use Bugzilla::Error; +use Bugzilla::Mailer; +use Bugzilla::Report::SecurityRisk; + +use DateTime; +use URI; +use JSON::MaybeXS; + +BEGIN { Bugzilla->extensions } +Bugzilla->usage_mode(USAGE_MODE_CMDLINE); + +exit 0 unless Bugzilla->params->{report_secbugs_active}; +exit 0 unless defined $ARGV[0] && defined $ARGV[1] && defined $ARGV[2]; + +my $html; +my $template = Bugzilla->template(); +my $end_date = DateTime->new( year => $ARGV[0], month => $ARGV[1], day => $ARGV[2] ); +my $start_date = $end_date->clone()->subtract( months => 6 ); +my $report_week = $end_date->ymd('-'); +my $products = decode_json( Bugzilla->params->{report_secbugs_products} ); +my $sec_keywords = [ 'sec-critical', 'sec-high' ]; +my $report = Bugzilla::Report::SecurityRisk->new( + start_date => $start_date, + end_date => $end_date, + products => $products, + sec_keywords => $sec_keywords +); +my $vars = { + urlbase => Bugzilla->localconfig->{urlbase}, + report_week => $report_week, + products => $products, + sec_keywords => $sec_keywords, + results => $report->results, + build_bugs_link => \&build_bugs_link, +}; + +$template->process( 'reports/email/security-risk.html.tmpl', $vars, \$html ) + or ThrowTemplateError( $template->error() ); + +# For now, only send HTML email. +my $email = Email::MIME->create( + header_str => [ + From => Bugzilla->params->{'mailfrom'}, + To => Bugzilla->params->{report_secbugs_emails}, + Subject => "Security Bugs Report for $report_week" + ], + attributes => { + content_type => 'text/html', + charset => 'UTF-8', + encoding => 'quoted-printable', + }, + body_str => $html, +); + +MessageToMTA($email); + +sub build_bugs_link { + my ( $arr, $product ) = @_; + my $uri = URI->new( Bugzilla->localconfig->{urlbase} . 'buglist.cgi' ); + $uri->query_param( bug_id => ( join ',', @$arr ) ); + $uri->query_param( product => $product ) if $product; + return $uri->as_string; +} -- cgit v1.2.3-24-g4f1b From c8b47ef3d5b39ab99065fe387c9ae93301b3aab0 Mon Sep 17 00:00:00 2001 From: Israel Madueme Date: Mon, 10 Sep 2018 13:30:05 -0400 Subject: no bug - add X-Bugzilla-Type to secbugsreport email --- scripts/secbugsreport.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'scripts/secbugsreport.pl') diff --git a/scripts/secbugsreport.pl b/scripts/secbugsreport.pl index ae0639e20..81041b222 100644 --- a/scripts/secbugsreport.pl +++ b/scripts/secbugsreport.pl @@ -62,7 +62,8 @@ my $email = Email::MIME->create( header_str => [ From => Bugzilla->params->{'mailfrom'}, To => Bugzilla->params->{report_secbugs_emails}, - Subject => "Security Bugs Report for $report_week" + Subject => "Security Bugs Report for $report_week", + 'X-Bugzilla-Type' => 'admin' ], attributes => { content_type => 'text/html', -- cgit v1.2.3-24-g4f1b