2018-08-30 19:09:24 +00:00
|
|
|
package v3
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/coreos/clair"
|
|
|
|
pb "github.com/coreos/clair/api/v3/clairpb"
|
|
|
|
"github.com/coreos/clair/database"
|
|
|
|
"github.com/golang/protobuf/ptypes"
|
2018-09-07 15:31:35 +00:00
|
|
|
"google.golang.org/grpc/codes"
|
|
|
|
"google.golang.org/grpc/status"
|
2018-08-30 19:09:24 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// GetClairStatus retrieves the current status of Clair and wrap it inside
|
|
|
|
// protobuf struct.
|
|
|
|
func GetClairStatus(store database.Datastore) (*pb.ClairStatus, error) {
|
|
|
|
status := &pb.ClairStatus{
|
2018-09-20 19:39:10 +00:00
|
|
|
Detectors: pb.DetectorsFromDatabaseModel(clair.EnabledDetectors),
|
2018-08-30 19:09:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
t, firstUpdate, err := clair.GetLastUpdateTime(store)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if firstUpdate {
|
|
|
|
return status, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
status.LastUpdateTime, err = ptypes.TimestampProto(t)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return status, nil
|
|
|
|
}
|
2018-09-07 15:31:35 +00:00
|
|
|
|
|
|
|
// GetPbAncestryLayer retrieves an ancestry layer with vulnerabilities and
|
|
|
|
// features in an ancestry based on the provided database layer.
|
2018-09-20 19:39:10 +00:00
|
|
|
func GetPbAncestryLayer(tx database.Session, layer database.AncestryLayer) (*pb.GetAncestryResponse_AncestryLayer, error) {
|
2018-09-07 15:31:35 +00:00
|
|
|
pbLayer := &pb.GetAncestryResponse_AncestryLayer{
|
|
|
|
Layer: &pb.Layer{
|
|
|
|
Hash: layer.Hash,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2018-09-20 19:39:10 +00:00
|
|
|
features := layer.GetFeatures()
|
|
|
|
affectedFeatures, err := tx.FindAffectedNamespacedFeatures(features)
|
|
|
|
if err != nil {
|
2018-09-07 15:31:35 +00:00
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
|
2018-09-12 20:41:45 +00:00
|
|
|
// NOTE(sidac): It's quite inefficient, but the easiest way to implement
|
|
|
|
// this feature for now, we should refactor the implementation if there's
|
|
|
|
// any performance issue. It's expected that the number of features is less
|
|
|
|
// than 1000.
|
|
|
|
for _, feature := range affectedFeatures {
|
2018-09-07 15:31:35 +00:00
|
|
|
if !feature.Valid {
|
|
|
|
return nil, status.Error(codes.Internal, "ancestry feature is not found")
|
|
|
|
}
|
|
|
|
|
2018-09-20 19:39:10 +00:00
|
|
|
for _, detectedFeature := range layer.Features {
|
|
|
|
if detectedFeature.NamespacedFeature != feature.NamespacedFeature {
|
|
|
|
continue
|
2018-09-07 15:31:35 +00:00
|
|
|
}
|
|
|
|
|
2018-09-20 19:39:10 +00:00
|
|
|
var (
|
|
|
|
pbFeature = pb.NamespacedFeatureFromDatabaseModel(detectedFeature)
|
|
|
|
pbVuln *pb.Vulnerability
|
|
|
|
err error
|
|
|
|
)
|
|
|
|
|
|
|
|
for _, vuln := range feature.AffectedBy {
|
|
|
|
if pbVuln, err = pb.VulnerabilityWithFixedInFromDatabaseModel(vuln); err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
2018-09-07 15:31:35 +00:00
|
|
|
|
2018-09-20 19:39:10 +00:00
|
|
|
pbFeature.Vulnerabilities = append(pbFeature.Vulnerabilities, pbVuln)
|
|
|
|
}
|
|
|
|
|
|
|
|
pbLayer.DetectedFeatures = append(pbLayer.DetectedFeatures, pbFeature)
|
|
|
|
}
|
2018-09-07 15:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return pbLayer, nil
|
|
|
|
}
|