# CVE Pages Generator  
![status](https://api.travis-ci.com/SUSE/suse-it-app-cve-content.svg?token=42Qtc9JzPR2jaCeSWxKd&branch=master)  
Static page generator for `suse.com/security/cve` and `suse.com/??-??/security/cve`. Main content is displayed in English, header and footer is translated into 7 languages.  
  
## Links  
Application URL: https://suse.com/security/cve  
GIT Repository: https://github.com/SUSE/suse-it-app-cve-content  
TravisCI CI/CD Builds: https://travis-ci.com/github/SUSE/suse-it-app-cve-content  
S3 prod bucket URL: `https://s3.console.aws.amazon.com/s3/buckets/susecom-web-cve-prd`  
S3 stage bucket URL: `https://s3.console.aws.amazon.com/s3/buckets/susecom-web-cve-prd`  
  
## Branches  
`master` production    
`stage-s3` staging  
  
## Usage — generation, tagging and deployment  
#### Generation  
The source CVE files are stored in `cve` directory. The script then fetches the current headers and renders the files using a YANG template `cve-template.html` into *en-us*, *de-de*, *es-es*, *fr-fr*, *ja-jp*, *pt-br* and *zh-cn* languages.  
#### Tagging  
Two tags are used to deploy the content to the S3 bucket.  
`deploy` tag will only generate files that were changed in the last commit (push).  
`redeploy` tag will generate and upload **all files** to the S3.  
#### Deployment  
Generated files are uploaded to their respective S3 directories and then disposed.  
Deployment is done using `aws s3` utility, role is reassumed between the commands as the **token expires after just 1 hour**.  
(Native Travis' S3 deployment feature is not used as it does not allow to assume role.)  
  
## Routing  
The application lives behind a CloudFront service that manages suse.com* content delivery caching.  
Two routes are used to catch all cases:  
`/security/cve*`  
`/??-??/security/cve*` where ??-?? stands for any language variation.  
  
Both are pointing to the S3 production bucket origin  
`https://s3.console.aws.amazon.com/s3/buckets/susecom-web-cve-prd`  
  
  
## Estimated pipeline speed  
|                         | Generation | Upload  |Total|  
|-------------------------|------------|---------|---------|  
| ~1000 files             | 0:20       | 1:00    |1:20|  
| ~28000 files (1 lang)   | 1:45       | 15:00   |16:45|  
| ~200000 files (7 langs) | 14:00      | 1:26:00 |1:40:00|  
  
### Directory structure  
```bash  
├───.travis  
│   awscli_key.pub                #File containing aws cli gpg check  
│   generate_static_diff.py       #Generation of static files (changed from last commit)   
│   generate_static.py            #Generation of static files (all files)   
│   login.sh                      #AWS Login helper   
│   preinstall.sh                 #Utility installer  
│   requirements.txt              #Python module requirements  
├───container                     #Obsolete  
├───cve                           #Folder containing the source HTMLs  
├───terraform                     #Obsolete  
.travis.yml                       #File containing the ci/cd definition  
README.md                         #This page  
.gitignore                        #gitignore  
cve-template.html                 #Base HTML YANG template  
```