2017-01-04 02:44:32 +00:00
|
|
|
// Copyright 2017 clair authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
// Package vulnsrc exposes functions to dynamically register vulnerability
|
|
|
|
// sources used to update a Clair database.
|
|
|
|
package vulnsrc
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
2017-01-13 07:33:19 +00:00
|
|
|
"sync"
|
2017-01-04 02:44:32 +00:00
|
|
|
|
|
|
|
"github.com/coreos/clair/database"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// ErrFilesystem is returned when a fetcher fails to interact with the local filesystem.
|
|
|
|
ErrFilesystem = errors.New("vulnsrc: something went wrong when interacting with the fs")
|
|
|
|
|
|
|
|
// ErrGitFailure is returned when a fetcher fails to interact with git.
|
|
|
|
ErrGitFailure = errors.New("vulnsrc: something went wrong when interacting with git")
|
2017-01-13 07:33:19 +00:00
|
|
|
|
|
|
|
updatersM sync.RWMutex
|
|
|
|
updaters = make(map[string]Updater)
|
2017-01-04 02:44:32 +00:00
|
|
|
)
|
|
|
|
|
2017-01-13 07:33:19 +00:00
|
|
|
// UpdateResponse represents the sum of results of an update.
|
|
|
|
type UpdateResponse struct {
|
|
|
|
FlagName string
|
|
|
|
FlagValue string
|
|
|
|
Notes []string
|
2017-07-26 23:22:29 +00:00
|
|
|
Vulnerabilities []database.VulnerabilityWithAffected
|
2017-01-13 07:33:19 +00:00
|
|
|
}
|
|
|
|
|
2017-07-26 23:22:29 +00:00
|
|
|
// Updater represents anything that can fetch vulnerabilities.
|
2017-01-04 02:44:32 +00:00
|
|
|
type Updater interface {
|
|
|
|
// Update gets vulnerability updates.
|
|
|
|
Update(database.Datastore) (UpdateResponse, error)
|
|
|
|
|
|
|
|
// Clean deletes any allocated resources.
|
|
|
|
// It is invoked when Clair stops.
|
|
|
|
Clean()
|
2017-08-31 07:17:12 +00:00
|
|
|
|
|
|
|
// Sets the source of vulnerability data to be used by the updater
|
|
|
|
SetSourceUrl(string)
|
2017-01-04 02:44:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// RegisterUpdater makes an Updater available by the provided name.
|
|
|
|
//
|
2017-01-13 07:33:19 +00:00
|
|
|
// If called twice with the same name, the name is blank, or if the provided
|
|
|
|
// Updater is nil, this function panics.
|
2017-01-04 02:44:32 +00:00
|
|
|
func RegisterUpdater(name string, u Updater) {
|
|
|
|
if name == "" {
|
|
|
|
panic("vulnsrc: could not register an Updater with an empty name")
|
|
|
|
}
|
|
|
|
|
|
|
|
if u == nil {
|
|
|
|
panic("vulnsrc: could not register a nil Updater")
|
|
|
|
}
|
|
|
|
|
2017-01-13 07:33:19 +00:00
|
|
|
updatersM.Lock()
|
|
|
|
defer updatersM.Unlock()
|
|
|
|
|
|
|
|
if _, dup := updaters[name]; dup {
|
2017-01-04 02:44:32 +00:00
|
|
|
panic("vulnsrc: RegisterUpdater called twice for " + name)
|
|
|
|
}
|
|
|
|
|
2017-01-13 07:33:19 +00:00
|
|
|
updaters[name] = u
|
|
|
|
}
|
|
|
|
|
|
|
|
// Updaters returns the list of the registered Updaters.
|
|
|
|
func Updaters() map[string]Updater {
|
|
|
|
updatersM.RLock()
|
|
|
|
defer updatersM.RUnlock()
|
|
|
|
|
|
|
|
ret := make(map[string]Updater)
|
|
|
|
for k, v := range updaters {
|
|
|
|
ret[k] = v
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret
|
2017-01-04 02:44:32 +00:00
|
|
|
}
|
2017-07-26 23:22:29 +00:00
|
|
|
|
|
|
|
// ListUpdaters returns the names of registered vulnerability updaters.
|
|
|
|
func ListUpdaters() []string {
|
|
|
|
r := []string{}
|
|
|
|
for u := range updaters {
|
|
|
|
r = append(r, u)
|
|
|
|
}
|
|
|
|
return r
|
|
|
|
}
|