Commit Graph

647 Commits

Author SHA1 Message Date
Sida Chen
0151dbaef8 API: change api port to api addr, rename RunV2 to Run.
Fixes #446
2017-08-18 18:24:34 -04:00
Jimmy Zelinskie
d5b987440a Merge pull request #448 from jzelinskie/woops
README: fix IRC copypasta
2017-08-18 13:43:26 -04:00
Jimmy Zelinskie
6c3b398607 README: fix IRC copypasta 2017-08-18 13:41:26 -04:00
Jimmy Zelinskie
9fd691ac9e Merge pull request #444 from jzelinskie/docs-refresh
spring cleaning
2017-08-17 20:37:02 -04:00
Jimmy Zelinskie
033cae7d35 *: regenerate bill of materials 2017-08-17 16:20:19 -04:00
Jimmy Zelinskie
ac1cdd03c9 contrib: move grafana and compose here 2017-08-17 16:11:11 -04:00
Jimmy Zelinskie
1f5bc26320 *: rename example config 2017-08-17 16:09:04 -04:00
Jimmy Zelinskie
3f91bd2a9b docs: turn README into full articles 2017-08-17 16:04:02 -04:00
Jimmy Zelinskie
6663bcef27 Merge pull request #432 from KeyboardNerd/ancestry_
gRPC API & internals redesign
2017-08-17 13:07:19 -04:00
Sida Chen
58022d97e3 api: renamed V2 API to V3 API for consistency. 2017-08-16 17:26:53 -04:00
Sida Chen
57a4f97780 pgSQL: fixed invalidating vulnerability cache query. 2017-08-14 16:14:55 -04:00
Sida Chen
a5c6400065 database: postgres implementation with tests. 2017-08-10 11:25:29 -04:00
Sida Chen
fb32dcfa58 Clair Logic, Extensions: updated mock tests, extensions, basic logic
Main Clair logic is changed in worker, updater, notifier for better adapting
ancestry schema. Extensions are updated with the new model and feature lister
 and namespace detector drivers are able to specify the specific listers and
detectors used to process layer's content. InRange and GetFixedIn interfaces
are added to Version format for adapting ranged affected features and next
available fixed in in the future. Tests for worker, updater and extensions
are fixed.
2017-08-10 11:24:40 -04:00
Sida Chen
57b146d0d8 Datastore: updated for Clair V3, decoupled interfaces and models 2017-08-10 11:22:44 -04:00
Sida Chen
a378cb070c API: drop v1 api, changed v2 api for Clair v3. 2017-08-10 11:19:08 -04:00
Jimmy Zelinskie
2f08cf52f6 Merge pull request #442 from arminc/add-integration-clari-scanner
Adding 'clair-scanner' cli tool as one of integration tools
2017-08-07 18:52:16 -04:00
Armin
865b92da04 Fix the confusing text 2017-08-07 17:24:42 +02:00
Armin
ebc6bff36e Adding clair-scanner as an integration tool 2017-08-06 13:56:50 +02:00
Jimmy Zelinskie
71cce52d3f Merge pull request #433 from mssola/portus-integration
Added Portus integration
2017-07-18 10:43:49 -04:00
Miquel Sabaté Solà
30ced21b74 Added Portus integration
Since SUSE/Portus#1289 got merged, Portus now integrates security
scanners in order to fetch vulnerabilities for the images stored in the
on-premise Docker registry. CoreOS Clair is a supported backend, so you
can now use Clair for this. This is all explained in the documentation:

  http://port.us.org/features/6_security_scanning.html

Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
2017-07-18 13:15:46 +02:00
Jimmy Zelinskie
6c9a131b09 Merge pull request #408 from KeyboardNerd/grpc
v2 api with gRPC and gRPC gateway
2017-06-30 17:33:57 -04:00
Jimmy Zelinskie
74edd854ee Merge pull request #423 from jzelinskie/sleep-updater
updater: sleep before continuing the lock loop
2017-06-29 15:59:10 -04:00
Jimmy Zelinskie
0d18a629ca updater: sleep before continuing the lock loop
This change makes the updater sleep for a small portion of time before
it continues to try and obtain a lock for running the updates. This will
prevent the CPU from being pinned in the case where an error is
consistently failing an update.

Fixes #415.
2017-06-28 17:13:27 -04:00
Jimmy Zelinskie
04847a016d Merge pull request #418 from KeyboardNerd/multiplens
use namespace's versionfmt to specify listers scanning features
2017-06-28 13:53:21 -04:00
Sida Chen
9561d623c2 featurefmt: use namespace's versionfmt to specify listers
use namespace's versionfmt to specify listers used to scan features
the content detection functions are changed accordingly in worker
2017-06-22 15:36:07 -04:00
Sida Chen
50437f32a1 featurens: fix detecting duplicated namespaces problem 2017-06-22 11:41:18 -04:00
Jimmy Zelinskie
33c623427f Merge pull request #410 from KeyboardNerd/xforward
api: fix remote addr shows reverse proxy addr problem
2017-06-21 15:59:40 -04:00
Jimmy Zelinskie
6e8d52d020 Merge pull request #416 from tianon/debian-buster
Add Debian Buster (10) and update "*stable" aliases
2017-06-19 11:43:18 -04:00
Tianon Gravi
de271820a8 Add Debian Buster (10) and update "*stable" aliases
See https://lists.debian.org/debian-announce/2017/msg00003.html for the
official release announcement for Debian Stretch.
2017-06-19 07:54:51 -07:00
Sida Chen
c6f0eaa3c8 api: fix remote addr shows reverse proxy addr problem
Uses the first ip addr in X-forwarded-for as the client's remote addr if it exists
otherwise, fall back to use default http.Request.RemoteAddr
2017-06-16 10:08:58 -04:00
Sida Chen
1533dd1d51 vendor: updated vendor dir for grpc v2 api 2017-06-13 15:58:11 -04:00
Sida Chen
a4edf38566 api: v2 api with gRPC and gRPC-gateway
Newly designed API defines Ancestry as a set of layers
and shrinked the api to only the most used apis:
post ancestry, get layer, get notification, delete notification

Fixes #98
2017-06-13 15:58:10 -04:00
Jimmy Zelinskie
fec86b6211 Merge pull request #413 from transcedentalia/master
Fixing the always database revision 0 for Ubuntu
2017-06-12 11:13:59 -04:00
alinar
d4a967e6e6 Fixing always revision 0 for ubuntu 2017-06-07 12:37:24 +01:00
Jimmy Zelinskie
ce162f5524 Merge pull request #403 from KeyboardNerd/multiplens
worker: fixed duplicated ns and ns not inherited bug
2017-06-05 13:32:48 -07:00
Sida Chen
f0e21df783 worker: fixed duplicated ns and ns not inherited bug 2017-06-05 10:45:11 -04:00
Jimmy Zelinskie
044425ec07 Merge pull request #407 from swestcott/kubernetes-config-fix
Updated Kubernetes config with new db connection string config
2017-06-02 17:40:15 -07:00
Simon Westcott
303bc9800a Updated Kubernetes config with new db connection string config 2017-06-01 23:51:46 +01:00
Jimmy Zelinskie
abd7d2e013 Merge pull request #394 from KeyboardNerd/multiplens
added support for detecting multiple namespaces in a layer
2017-05-24 17:22:08 -04:00
Sida Chen
75d5d40d79 featurens: added multiple namespace testing for namespace detector 2017-05-24 17:18:11 -04:00
Sida Chen
bffa6499b7 added support for detect multiple namespaces in a layer
created table layer_namespace to store the many to many unique mapping of layers and namespaces
changed v1 api to provide a list of namespaces for each layer
changed namespace detector to use all registered detectors to detect namespaces
updated tests for multiple namespaces

Fixes #150
2017-05-24 17:01:51 -04:00
Jimmy Zelinskie
c2d8aec157 Merge pull request #382 from caipre/patch-1
pgsql: Change layer name column data type
2017-05-19 20:07:53 -04:00
Nick Platt
aea74550e1 pgsql: Expand layer, namespace column widths
Presently the layer and namespace tables use type `varchar(128)` for
their respective name columns. For layer, this width works fine enough
using the sha256 digests provided by docker. However, if one wishes to
encode the image name into the layer  name (eg, to avoid collisions like
in [0]), the limit of 128 bytes starts to feel a bit cramped. Bump to
256 bytes, since that "ought to be enough for anybody." (TM)

[0]: https://github.com/coreos/clair/issues/319
2017-05-19 18:22:04 -04:00
Jimmy Zelinskie
f2f213470b Merge pull request #395 from knqyf263/handle_tilde
versionfmt/rpm: handle a tilde correctly
2017-05-15 14:52:31 -04:00
knqyf263
db8a133d21 versionfmt/rpm: handle a tilde correctly 2017-05-14 19:18:57 +09:00
Jimmy Zelinskie
8816aedb68 Merge pull request #392 from jzelinskie/https-sec-db
ext/vulnsrc/alpine: use HTTPS
2017-05-11 15:31:13 -04:00
Jimmy Zelinskie
0891bbac00 ext/vulnsrc/alpine: use HTTPS 2017-05-11 15:18:37 -04:00
Jimmy Zelinskie
1119fdfea6 Merge pull request #390 from KeyboardNerd/fernet
cmd: make pagination key error clearer
2017-05-09 18:59:10 -04:00
Sida Chen
0342a2a3e5 cmd: make pagination key error clearer 2017-05-09 15:13:42 -04:00
Jimmy Zelinskie
d07183ee74 Merge pull request #389 from jzelinskie/revendor
Regenerate vendor redirectory
2017-05-08 16:26:37 -04:00