From ce8d31bbb323471bf2a69427e4a645b3ce8a25c1 Mon Sep 17 00:00:00 2001 From: Vincent Batts Date: Fri, 12 Aug 2016 15:35:32 -0400 Subject: [PATCH] redhatrelease: override match for RHEL hosts Until https://github.com/coreos/clair/pull/193 is merged, having vulnerabilities that are tagged both rhel and centos would duplicate in the database or use a change that requires a migration. But presently due to the fetcher logic, the rhel provided vulnerabilities are labelled for centos, and then the namespace does not match and therefore not tested against. So until such a day that a vulnerability could have both rhel and centos label, then hack this in. It'll accomplish the same during this interim. Signed-off-by: Vincent Batts --- updater/fetchers/rhel/rhel.go | 1 + .../namespace/redhatrelease/redhatrelease.go | 22 +++++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/updater/fetchers/rhel/rhel.go b/updater/fetchers/rhel/rhel.go index 51f802d9..43d1d5fe 100644 --- a/updater/fetchers/rhel/rhel.go +++ b/updater/fetchers/rhel/rhel.go @@ -291,6 +291,7 @@ func toFeatureVersions(criteria criteria) []database.FeatureVersion { } if osVersion >= firstConsideredRHEL { + // TODO(vbatts) this is where features need multiple labels ('centos' and 'rhel') featureVersion.Feature.Namespace.Name = "centos" + ":" + strconv.Itoa(osVersion) } else { continue diff --git a/worker/detectors/namespace/redhatrelease/redhatrelease.go b/worker/detectors/namespace/redhatrelease/redhatrelease.go index a6569b07..91e236c7 100644 --- a/worker/detectors/namespace/redhatrelease/redhatrelease.go +++ b/worker/detectors/namespace/redhatrelease/redhatrelease.go @@ -20,9 +20,15 @@ import ( "github.com/coreos/clair/database" "github.com/coreos/clair/worker/detectors" + "github.com/coreos/pkg/capnslog" ) -var redhatReleaseRegexp = regexp.MustCompile(`(?P[^\s]*) (Linux release|release) (?P[\d]+)`) +var ( + log = capnslog.NewPackageLogger("github.com/coreos/clair", "worker/detectors/namespace/redhatrelease") + + centosReleaseRegexp = regexp.MustCompile(`(?P[^\s]*) (Linux release|release) (?P[\d]+)`) + redhatReleaseRegexp = regexp.MustCompile(`(?PRed Hat Enterprise Linux) (Client release|Server release|Workstation release) (?P[\d]+)`) +) // RedhatReleaseNamespaceDetector implements NamespaceDetector and detects the OS from the // /etc/centos-release, /etc/redhat-release and /etc/system-release files. @@ -31,6 +37,7 @@ var redhatReleaseRegexp = regexp.MustCompile(`(?P[^\s]*) (Linux release|rele // eg. CentOS release 5.11 (Final) // eg. CentOS release 6.6 (Final) // eg. CentOS Linux release 7.1.1503 (Core) +// eg. Red Hat Enterprise Linux Server release 7.2 (Maipo) type RedhatReleaseNamespaceDetector struct{} func init() { @@ -44,10 +51,21 @@ func (detector *RedhatReleaseNamespaceDetector) Detect(data map[string][]byte) * continue } - r := redhatReleaseRegexp.FindStringSubmatch(string(f)) + var r []string + + // try for RHEL + r = redhatReleaseRegexp.FindStringSubmatch(string(f)) + if len(r) == 4 { + // TODO(vbatts) this is a hack until https://github.com/coreos/clair/pull/193 + return &database.Namespace{Name: "centos" + ":" + r[3]} + } + + // then try centos first + r = centosReleaseRegexp.FindStringSubmatch(string(f)) if len(r) == 4 { return &database.Namespace{Name: strings.ToLower(r[1]) + ":" + r[3]} } + } return nil