From 766418f337b83c2a242a448239477d6015930737 Mon Sep 17 00:00:00 2001
From: Ben Dalling <b.dalling@cbdq.io>
Date: Sun, 24 Mar 2024 08:02:20 +0000
Subject: [PATCH 1/3] fix: Make restore more robust to failure.

---
 restore.sh | 36 +++++++++++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 7 deletions(-)

diff --git a/restore.sh b/restore.sh
index 678c23e..77b10be 100755
--- a/restore.sh
+++ b/restore.sh
@@ -1,16 +1,19 @@
-#!/bin/sh -e
+#!/bin/bash
 
 BASE_URL='http://localhost:8069'
+MAX_ATTEMPTS=6
+PROG=$( basename "$0" )
 
-while getopts "a:d:f:u:" arg; do
+while getopts "a:d:f:hm:u:" arg; do
   case $arg in
     a) ADMIN_PASSWORD="${OPTARG}" ;;
     d) DB_NAME="${OPTARG}" ;;
     f) FILE_NAME="${OPTARG}" ;;
     h)
-      echo "usage: $( basname $0 ) -a admin_password -d db_name -u base_URL"
+      echo "usage: ${PROG} -a admin_password -d db_name -u base_URL"
       exit 0
       ;;
+    m) MAX_ATTEMPTS="${OPTARG}" ;;
     u) BASE_URL="${OPTARG}" ;;
     *) exit 2 ;;
   esac
@@ -36,8 +39,27 @@ if [ -z "$BASE_URL" ]; then
   exit 1
 fi
 
-curl -s -F "master_pwd=${ADMIN_PASSWORD}" \
-  -F "name=${DB_NAME}" "${BASE_URL}/web/database/drop"
-curl -s -F "master_pwd=${ADMIN_PASSWORD}" \
+status=1
+attempts=0
+
+while (( status != 0 )); do
+  curl -sL --fail "${BASE_URL}/web_editor/static/src/xml/ace.xml" > /dev/null
+  status="$?"
+  (( attempts += 1 ))
+
+  if (( status == 0 )); then
+    echo "INFO: Odoo is ready for a restore."
+  elif (( attempts > MAX_ATTEMPTS )); then
+    echo "ERROR: Odoo not ready on ${BASE_URL}"
+    exit 1
+  else
+    echo "WARNING: Odoo on ${BASE_URL} is not ready (attempt ${attempts} of ${MAX_ATTEMPTS})."
+    sleep 10
+  fi
+done
+
+curl -sL -F "master_pwd=${ADMIN_PASSWORD}" \
+  -F "name=${DB_NAME}" "${BASE_URL}/web/database/drop" > /dev/null
+curl --fail -sL -F "master_pwd=${ADMIN_PASSWORD}" \
   -F "backup_file=@${FILE_NAME}" -F 'copy=true' \
-  -F "name=${DB_NAME}" "${BASE_URL}/web/database/restore"
+  -F "name=${DB_NAME}" "${BASE_URL}/web/database/restore" > /dev/null

From 77a77e9665fa219b4ad4170b091e121d71c5ef7e Mon Sep 17 00:00:00 2001
From: Ben Dalling <b.dalling@cbdq.io>
Date: Sun, 24 Mar 2024 08:05:29 +0000
Subject: [PATCH 2/3] fix: dev: Correct image name for Trivvy update.

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index fc1a3ed..36d7454 100644
--- a/Makefile
+++ b/Makefile
@@ -34,4 +34,4 @@ trivy:
 	trivy image --ignore-unfixed odoo:latest
 
 update-trivy-ignore:
-	trivy image --format json --ignore-unfixed --severity HIGH,CRITICAL flyte:latest | jq -r '.Results[1].Vulnerabilities[].VulnerabilityID' | sort -u | tee .trivyignore
+	trivy image --format json --ignore-unfixed --severity HIGH,CRITICAL odoo:latest | jq -r '.Results[1].Vulnerabilities[].VulnerabilityID' | sort -u | tee .trivyignore

From c8fe5dc1e54eb1e15c048b6f7367264d0313a9a1 Mon Sep 17 00:00:00 2001
From: Ben Dalling <b.dalling@cbdq.io>
Date: Sun, 24 Mar 2024 08:06:19 +0000
Subject: [PATCH 3/3] fix: dev: Update allowed vulnerabilities list.

---
 .trivyignore | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 7ccd972..e69de29 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,20 +0,0 @@
-CVE-2018-1330
-CVE-2019-0205
-CVE-2020-13949
-CVE-2021-22569
-CVE-2021-22570
-CVE-2021-31684
-CVE-2022-25647
-CVE-2022-3509
-CVE-2022-3510
-CVE-2022-42003
-CVE-2022-42004
-CVE-2022-46337
-CVE-2022-46751
-CVE-2023-1370
-CVE-2023-39410
-CVE-2023-43642
-CVE-2023-44981
-CVE-2024-25710
-CVE-2024-26308
-GHSA-xpw8-rcwv-8f8p