chore(rhel): filter by product name when retrieving summary cves

The RHEL provider only gathers security data for Red Hat Enterprise Linux packages, so filtering by product up front when retrieving the applicable CVE's will be more efficient. Signed-off-by: Weston Steimel <[email protected]>
anchore · Jan 8, 2024 · 323a649 · 323a649
1 parent 396bdec
commit 323a649
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/src/vunnel/providers/rhel/parser.py b/src/vunnel/providers/rhel/parser.py
@@ -34,7 +34,8 @@
 
 
 class Parser:
-    __rhel_release_pattern__ = re.compile(r"Red Hat Enterprise Linux\s*(\d+)$")
+    __cve_rhel_product_name_base__ = "Red Hat Enterprise Linux"
+    __rhel_release_pattern__ = re.compile(__cve_rhel_product_name_base__ + r"\s*(\d+)$")
     __summary_url__ = "https://access.redhat.com/hydra/rest/securitydata/cve.json"
     __rhsa_url__ = "https://access.redhat.com/hydra/rest/securitydata/oval/{}.json"
     __last_synced_filename__ = "last_synced"
@@ -73,10 +74,10 @@ def __init__(  # noqa: PLR0913
         self.logger = logger
 
     def _download_minimal_cves(self, page, limit=1000):
-        path_params = {"per_page": str(limit), "page": page}
+        path_params = {"per_page": str(limit), "page": page, "product": self.__cve_rhel_product_name_base__}
 
         self.logger.info(
-            f"downloading CVE list from url={self.__summary_url__} count={path_params['per_page']} page={path_params['page']}",
+            f"downloading CVE list from url={self.__summary_url__} count={path_params['per_page']} page={path_params['page']}, product={path_params['product']}",  # noqa: E501
         )
         r = http.get(
             self.__summary_url__,