2016-01-19 20:16:45 +00:00
|
|
|
// Copyright 2015 clair authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
package pgsql
|
|
|
|
|
|
|
|
import (
|
2016-01-12 15:40:46 +00:00
|
|
|
"database/sql"
|
2016-01-24 03:02:34 +00:00
|
|
|
"time"
|
2016-01-12 15:40:46 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
"github.com/coreos/clair/database"
|
2016-01-08 15:27:30 +00:00
|
|
|
cerrors "github.com/coreos/clair/utils/errors"
|
2015-12-28 20:03:29 +00:00
|
|
|
"github.com/coreos/clair/utils/types"
|
|
|
|
)
|
|
|
|
|
2016-01-08 15:27:30 +00:00
|
|
|
func (pgSQL *pgSQL) insertFeature(feature database.Feature) (int, error) {
|
2015-12-28 20:03:29 +00:00
|
|
|
if feature.Name == "" {
|
|
|
|
return 0, cerrors.NewBadRequestError("could not find/insert invalid Feature")
|
|
|
|
}
|
|
|
|
|
2016-01-24 03:02:34 +00:00
|
|
|
// Do cache lookup.
|
2015-12-28 20:03:29 +00:00
|
|
|
if pgSQL.cache != nil {
|
2016-03-22 08:30:43 +00:00
|
|
|
database.PromCacheQueriesTotal.WithLabelValues("feature").Inc()
|
2016-01-20 00:37:20 +00:00
|
|
|
id, found := pgSQL.cache.Get("feature:" + feature.Namespace.Name + ":" + feature.Name)
|
|
|
|
if found {
|
2016-03-22 08:30:43 +00:00
|
|
|
database.PromCacheHitsTotal.WithLabelValues("feature").Inc()
|
2015-12-28 20:03:29 +00:00
|
|
|
return id.(int), nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-03-22 08:30:43 +00:00
|
|
|
// We do `defer database.ObserveQueryTime` here because we don't want to observe cached features.
|
|
|
|
defer database.ObserveQueryTime("insertFeature", "all", time.Now())
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
// Find or create Namespace.
|
|
|
|
namespaceID, err := pgSQL.insertNamespace(feature.Namespace)
|
|
|
|
if err != nil {
|
2016-01-08 15:27:30 +00:00
|
|
|
return 0, err
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Find or create Feature.
|
2016-01-08 15:27:30 +00:00
|
|
|
var id int
|
2016-02-23 00:15:38 +00:00
|
|
|
err = pgSQL.QueryRow(soiFeature, feature.Name, namespaceID).Scan(&id)
|
2016-01-08 15:27:30 +00:00
|
|
|
if err != nil {
|
2016-02-23 00:15:38 +00:00
|
|
|
return 0, handleError("soiFeature", err)
|
2016-01-08 15:27:30 +00:00
|
|
|
}
|
2015-12-28 20:03:29 +00:00
|
|
|
|
|
|
|
if pgSQL.cache != nil {
|
2016-01-20 00:37:20 +00:00
|
|
|
pgSQL.cache.Add("feature:"+feature.Namespace.Name+":"+feature.Name, id)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
2016-01-08 15:27:30 +00:00
|
|
|
return id, nil
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (pgSQL *pgSQL) insertFeatureVersion(featureVersion database.FeatureVersion) (id int, err error) {
|
2016-01-08 15:27:30 +00:00
|
|
|
if featureVersion.Version.String() == "" {
|
|
|
|
return 0, cerrors.NewBadRequestError("could not find/insert invalid FeatureVersion")
|
|
|
|
}
|
2015-12-28 20:03:29 +00:00
|
|
|
|
2016-01-24 03:02:34 +00:00
|
|
|
// Do cache lookup.
|
2016-01-27 21:49:22 +00:00
|
|
|
cacheIndex := "featureversion:" + featureVersion.Feature.Namespace.Name + ":" + featureVersion.Feature.Name + ":" + featureVersion.Version.String()
|
2016-01-08 15:27:30 +00:00
|
|
|
if pgSQL.cache != nil {
|
2016-03-22 08:30:43 +00:00
|
|
|
database.PromCacheQueriesTotal.WithLabelValues("featureversion").Inc()
|
2016-01-27 21:49:22 +00:00
|
|
|
id, found := pgSQL.cache.Get(cacheIndex)
|
2016-01-20 00:37:20 +00:00
|
|
|
if found {
|
2016-03-22 08:30:43 +00:00
|
|
|
database.PromCacheHitsTotal.WithLabelValues("featureversion").Inc()
|
2015-12-28 20:03:29 +00:00
|
|
|
return id.(int), nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-03-22 08:30:43 +00:00
|
|
|
// We do `defer database.ObserveQueryTime` here because we don't want to observe cached featureversions.
|
|
|
|
defer database.ObserveQueryTime("insertFeatureVersion", "all", time.Now())
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
// Find or create Feature first.
|
2016-01-24 03:02:34 +00:00
|
|
|
t := time.Now()
|
2015-12-28 20:03:29 +00:00
|
|
|
featureID, err := pgSQL.insertFeature(featureVersion.Feature)
|
2016-03-22 08:30:43 +00:00
|
|
|
database.ObserveQueryTime("insertFeatureVersion", "insertFeature", t)
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
if err != nil {
|
2016-01-08 15:27:30 +00:00
|
|
|
return 0, err
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
featureVersion.Feature.ID = featureID
|
2015-12-28 20:03:29 +00:00
|
|
|
|
2016-03-03 19:15:06 +00:00
|
|
|
// Try to find the FeatureVersion.
|
|
|
|
//
|
|
|
|
// In a populated database, the likelihood of the FeatureVersion already being there is high.
|
|
|
|
// If we can find it here, we then avoid using a transaction and locking the database.
|
|
|
|
err = pgSQL.QueryRow(searchFeatureVersion, featureID, &featureVersion.Version).
|
|
|
|
Scan(&featureVersion.ID)
|
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
return 0, handleError("searchFeatureVersion", err)
|
|
|
|
}
|
|
|
|
if err == nil {
|
|
|
|
if pgSQL.cache != nil {
|
|
|
|
pgSQL.cache.Add(cacheIndex, featureVersion.ID)
|
|
|
|
}
|
|
|
|
|
|
|
|
return featureVersion.ID, nil
|
|
|
|
}
|
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
// Begin transaction.
|
|
|
|
tx, err := pgSQL.Begin()
|
|
|
|
if err != nil {
|
|
|
|
tx.Rollback()
|
2016-01-08 16:17:32 +00:00
|
|
|
return 0, handleError("insertFeatureVersion.Begin()", err)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
2016-01-24 03:02:34 +00:00
|
|
|
// Lock Vulnerability_Affects_FeatureVersion exclusively.
|
|
|
|
// We want to prevent InsertVulnerability to modify it.
|
2016-03-22 08:30:43 +00:00
|
|
|
database.PromConcurrentLockVAFV.Inc()
|
|
|
|
defer database.PromConcurrentLockVAFV.Dec()
|
2016-01-27 21:49:22 +00:00
|
|
|
t = time.Now()
|
2016-02-23 00:15:38 +00:00
|
|
|
_, err = tx.Exec(lockVulnerabilityAffects)
|
2016-03-22 08:30:43 +00:00
|
|
|
database.ObserveQueryTime("insertFeatureVersion", "lock", t)
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
if err != nil {
|
|
|
|
tx.Rollback()
|
2016-02-23 00:15:38 +00:00
|
|
|
return 0, handleError("insertFeatureVersion.lockVulnerabilityAffects", err)
|
2016-01-12 15:40:46 +00:00
|
|
|
}
|
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
// Find or create FeatureVersion.
|
|
|
|
var newOrExisting string
|
2016-01-24 03:02:34 +00:00
|
|
|
|
|
|
|
t = time.Now()
|
2016-02-23 00:15:38 +00:00
|
|
|
err = tx.QueryRow(soiFeatureVersion, featureID, &featureVersion.Version).
|
2015-12-28 20:03:29 +00:00
|
|
|
Scan(&newOrExisting, &featureVersion.ID)
|
2016-03-22 08:30:43 +00:00
|
|
|
database.ObserveQueryTime("insertFeatureVersion", "soiFeatureVersion", t)
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
if err != nil {
|
|
|
|
tx.Rollback()
|
2016-02-23 00:15:38 +00:00
|
|
|
return 0, handleError("soiFeatureVersion", err)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
if newOrExisting == "exi" {
|
|
|
|
// That featureVersion already exists, return its id.
|
2016-01-15 20:22:52 +00:00
|
|
|
tx.Commit()
|
2016-01-28 16:29:29 +00:00
|
|
|
|
|
|
|
if pgSQL.cache != nil {
|
|
|
|
pgSQL.cache.Add(cacheIndex, featureVersion.ID)
|
|
|
|
}
|
|
|
|
|
2015-12-28 20:03:29 +00:00
|
|
|
return featureVersion.ID, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Link the new FeatureVersion with every vulnerabilities that affect it, by inserting in
|
|
|
|
// Vulnerability_Affects_FeatureVersion.
|
2016-01-24 03:02:34 +00:00
|
|
|
t = time.Now()
|
2016-01-12 15:40:46 +00:00
|
|
|
err = linkFeatureVersionToVulnerabilities(tx, featureVersion)
|
2016-03-22 08:30:43 +00:00
|
|
|
database.ObserveQueryTime("insertFeatureVersion", "linkFeatureVersionToVulnerabilities", t)
|
2016-01-24 03:02:34 +00:00
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
if err != nil {
|
2016-01-15 20:22:52 +00:00
|
|
|
tx.Rollback()
|
2016-01-12 15:40:46 +00:00
|
|
|
return 0, err
|
|
|
|
}
|
2015-12-28 20:03:29 +00:00
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
// Commit transaction.
|
|
|
|
err = tx.Commit()
|
2015-12-28 20:03:29 +00:00
|
|
|
if err != nil {
|
2016-01-12 15:40:46 +00:00
|
|
|
return 0, handleError("insertFeatureVersion.Commit()", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if pgSQL.cache != nil {
|
2016-01-27 21:49:22 +00:00
|
|
|
pgSQL.cache.Add(cacheIndex, featureVersion.ID)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
return featureVersion.ID, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO(Quentin-M): Batch me
|
|
|
|
func (pgSQL *pgSQL) insertFeatureVersions(featureVersions []database.FeatureVersion) ([]int, error) {
|
|
|
|
IDs := make([]int, 0, len(featureVersions))
|
|
|
|
|
|
|
|
for i := 0; i < len(featureVersions); i++ {
|
|
|
|
id, err := pgSQL.insertFeatureVersion(featureVersions[i])
|
|
|
|
if err != nil {
|
|
|
|
return IDs, err
|
|
|
|
}
|
|
|
|
IDs = append(IDs, id)
|
|
|
|
}
|
|
|
|
|
|
|
|
return IDs, nil
|
|
|
|
}
|
|
|
|
|
2016-01-15 20:22:52 +00:00
|
|
|
type vulnerabilityAffectsFeatureVersion struct {
|
|
|
|
vulnerabilityID int
|
|
|
|
fixedInID int
|
|
|
|
fixedInVersion types.Version
|
|
|
|
}
|
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
func linkFeatureVersionToVulnerabilities(tx *sql.Tx, featureVersion database.FeatureVersion) error {
|
2015-12-28 20:03:29 +00:00
|
|
|
// Select every vulnerability and the fixed version that affect this Feature.
|
2016-01-12 15:40:46 +00:00
|
|
|
// TODO(Quentin-M): LIMIT
|
2016-02-23 00:15:38 +00:00
|
|
|
rows, err := tx.Query(searchVulnerabilityFixedInFeature, featureVersion.Feature.ID)
|
2015-12-28 20:03:29 +00:00
|
|
|
if err != nil {
|
2016-02-23 00:15:38 +00:00
|
|
|
return handleError("searchVulnerabilityFixedInFeature", err)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
defer rows.Close()
|
|
|
|
|
2016-01-15 20:22:52 +00:00
|
|
|
var affects []vulnerabilityAffectsFeatureVersion
|
2015-12-28 20:03:29 +00:00
|
|
|
for rows.Next() {
|
2016-01-15 20:22:52 +00:00
|
|
|
var affect vulnerabilityAffectsFeatureVersion
|
|
|
|
|
|
|
|
err := rows.Scan(&affect.fixedInID, &affect.vulnerabilityID, &affect.fixedInVersion)
|
2015-12-28 20:03:29 +00:00
|
|
|
if err != nil {
|
2016-02-23 00:15:38 +00:00
|
|
|
return handleError("searchVulnerabilityFixedInFeature.Scan()", err)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
|
2016-01-15 20:22:52 +00:00
|
|
|
if featureVersion.Version.Compare(affect.fixedInVersion) < 0 {
|
2015-12-28 20:03:29 +00:00
|
|
|
// The version of the FeatureVersion we are inserting is lower than the fixed version on this
|
|
|
|
// Vulnerability, thus, this FeatureVersion is affected by it.
|
2016-01-15 20:22:52 +00:00
|
|
|
affects = append(affects, affect)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
|
|
|
}
|
2016-01-08 16:17:32 +00:00
|
|
|
if err = rows.Err(); err != nil {
|
2016-02-23 00:15:38 +00:00
|
|
|
return handleError("searchVulnerabilityFixedInFeature.Rows()", err)
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|
2016-01-15 20:22:52 +00:00
|
|
|
rows.Close()
|
|
|
|
|
|
|
|
// Insert into Vulnerability_Affects_FeatureVersion.
|
|
|
|
for _, affect := range affects {
|
2016-01-18 23:52:16 +00:00
|
|
|
// TODO(Quentin-M): Batch me.
|
2016-02-23 00:15:38 +00:00
|
|
|
_, err := tx.Exec(insertVulnerabilityAffectsFeatureVersion, affect.vulnerabilityID,
|
2016-01-15 20:22:52 +00:00
|
|
|
featureVersion.ID, affect.fixedInID)
|
|
|
|
if err != nil {
|
2016-02-23 00:15:38 +00:00
|
|
|
return handleError("insertVulnerabilityAffectsFeatureVersion", err)
|
2016-01-15 20:22:52 +00:00
|
|
|
}
|
|
|
|
}
|
2015-12-28 20:03:29 +00:00
|
|
|
|
2016-01-12 15:40:46 +00:00
|
|
|
return nil
|
2015-12-28 20:03:29 +00:00
|
|
|
}
|