Commit Graph

99 Commits

Author SHA1 Message Date
Jimmy Zelinskie
4491bedf2e database/pgsql: move token lib 2017-08-21 16:25:13 -04:00
Sida Chen
0151dbaef8 API: change api port to api addr, rename RunV2 to Run.
Fixes #446
2017-08-18 18:24:34 -04:00
Sida Chen
58022d97e3 api: renamed V2 API to V3 API for consistency. 2017-08-16 17:26:53 -04:00
Sida Chen
a378cb070c API: drop v1 api, changed v2 api for Clair v3. 2017-08-10 11:19:08 -04:00
Jimmy Zelinskie
6c9a131b09 Merge pull request #408 from KeyboardNerd/grpc
v2 api with gRPC and gRPC gateway
2017-06-30 17:33:57 -04:00
Sida Chen
c6f0eaa3c8 api: fix remote addr shows reverse proxy addr problem
Uses the first ip addr in X-forwarded-for as the client's remote addr if it exists
otherwise, fall back to use default http.Request.RemoteAddr
2017-06-16 10:08:58 -04:00
Sida Chen
a4edf38566 api: v2 api with gRPC and gRPC-gateway
Newly designed API defines Ancestry as a set of layers
and shrinked the api to only the most used apis:
post ancestry, get layer, get notification, delete notification

Fixes #98
2017-06-13 15:58:10 -04:00
Sida Chen
bffa6499b7 added support for detect multiple namespaces in a layer
created table layer_namespace to store the many to many unique mapping of layers and namespaces
changed v1 api to provide a list of namespaces for each layer
changed namespace detector to use all registered detectors to detect namespaces
updated tests for multiple namespaces

Fixes #150
2017-05-24 17:01:51 -04:00
Sida Chen
9306e99368 converted to structured logging by using logrus
changed from capnslog to logrus for logging JSON structured message.

finished issue #383
2017-05-04 13:59:57 -04:00
Kevin Burke
6a50bbb8b8
api: fix 404 error logging
The first value is an integer and the second value is a string and the
format string has these backwards, leading to %!s(int=404) appearing
in the logs instead of "404".
2017-04-03 16:08:18 -07:00
Jimmy Zelinskie
6a569fd945 move config to main / decentralize config
This puts config in its relevant location and moves functions around
loading config files into the main package.

As a side effect of removing cyclic imports for the API config, the
context library is no longer used.
2017-01-27 00:36:13 -05:00
Jimmy Zelinskie
889615276a clair: move worker to top level package 2017-01-26 18:24:04 -05:00
Jimmy Zelinskie
9c63a63944 clair: mv updater clair and mv severity to db 2017-01-22 23:20:56 -05:00
Jimmy Zelinskie
00e4f70972 pkg/stopper: init from utils.Stopper 2017-01-22 23:02:51 -05:00
Jimmy Zelinskie
e7f72ef5ad utils: rm prometheus.go 2017-01-22 23:02:51 -05:00
Jimmy Zelinskie
343e24eb7e clair: remove types package
This removes the `types` package instead moving the contents to the
top-level clair package.
This change also renames the `Priority` type to `Severity` in order to
reduce confusion.
This change also removes the IsValid method and replaces it with a safe
constructor to avoid the creation of invalid values.
Many docstrings were tweaked in the making of this commit.
2017-01-22 23:02:51 -05:00
Jimmy Zelinskie
78cef02fda pkg: cerrors -> commonerr 2017-01-22 23:02:50 -05:00
Jimmy Zelinskie
03bac0f1b6 pkg: utils/tar.go -> pkg/tarutil 2017-01-22 23:02:50 -05:00
Jimmy Zelinskie
ebd0170f5b api/v1: fix JSON struct tag misnomer 2017-01-03 15:59:51 -05:00
Jimmy Zelinskie
033709eaea add registerable version formats
Since we only ever used dpkg, this change shims everything into using
dpkg.
2016-12-30 12:51:24 -05:00
Jimmy Zelinskie
d4522e9c6e api/v1: indexed layers for notifications
This change deprecates the old LayersIntroducingVulnerability for a new
one that orders output and contains an Index. This index is not
guaranteed to be consistent across multiple notifications, despite the
current Postgres implementation using the primary key of Layer table.
2016-12-06 19:23:33 -05:00
Jimmy Zelinskie
eb6117c372 Merge pull request #235 from jzelinskie/doc-move
docs: move to standard Documentation dir
2016-09-06 15:08:08 -04:00
Jimmy Zelinskie
b45b625fc8 improve v1 api docs header legibility
GitHub has changed fonts and as a result h6s are extremely small.
2016-07-11 14:35:35 -04:00
Tobias Sarnowski
ad11393a28 Updated API documentation to reflect changes to authentication scheme. (#180)
With #167, the API was changed to provide a more generic way of how Clair can retrieve the layers from a registry. This change reflects it in the documentation.
2016-05-19 10:09:43 -04:00
Jimmy Zelinskie
53e62577bc api/worker: s/Authorization/Headers (#167)
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
2016-05-05 13:48:10 -04:00
Jimmy Zelinskie
9b5afc79ca api/worker: introduce optional authorization
This allows clients to specify the contents of the HTTP Authorization
header so that Clair can access protected resources.
2016-05-04 15:47:14 -04:00
Jimmy Zelinskie
7aa88690af api: WriteHeader on health endpoint
Fixes #141.
2016-04-19 12:17:13 -04:00
Jimmy Zelinskie
68250f392b api/v1: create namespace type
This change creates a struct type for namespaces rather than using a
string. This enables us to extend namespaces in the future to contain
metadata. This change also required renaming other field references of
namespaces to "NamespaceName".

Fixes #99
2016-03-16 15:28:59 -04:00
Quentin Machu
f14e4de4d8 api: fix anchor link in docs 2016-03-15 12:46:56 -04:00
liangchenye
1a863a06cf remove the useless pointer of NextPage field; check namespace notfound error
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-08 11:48:52 +08:00
liangchenye
27e5e42340 use tokenMarshal/unmarshal in page encoding
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:59:26 +08:00
liangchenye
48ffb2687a use encrypt page in listVuln api
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:07:07 +08:00
liangchenye
a541e964e0 New API: list vulnerabilities by namespace
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:07:07 +08:00
liangchenye
d47616a339 readme: make API description consistence
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-02-26 15:54:59 +08:00
Jimmy Zelinskie
af0ddceaa2 readme: s/notification/notifications 2016-02-25 15:52:21 -05:00
Jimmy Zelinskie
2140995a54 readme: clarify "marked as read" notifications 2016-02-25 13:49:24 -05:00
Jimmy Zelinskie
1557a27a8c Revert "v1: pagination now deterministic"
This reverts commit 24f329fea674e04c76f5e87c22eea1800e6bc413.

This was unnecessary.
2016-02-24 16:40:40 -05:00
Quentin Machu
3563cf9061 api: fix pagination token that's returned to match what has been passed 2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
4fd4049fee v1: update documented error codes 2016-02-24 16:40:40 -05:00
Quentin Machu
e78d076d02 api/worker: adjust error codes in postLayer 2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
452c32d7d7 v1: pagination now deterministic
The standard JSON encoding has no guarantee of the order of keys, thus
token values could differ, but still be equivalent.
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
dc431c22f3 v1: add readme 2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
771e35def0 v1: return object on PUT/POST
This change also improves error handling around InsertVulnerability.
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
c06df1affd v1: 200 on PUT 2016-02-24 16:40:40 -05:00
Quentin Machu
274a1620a5 api: log instead of panic when a response could not be marshaled
In order to avoid killing Clair when there is simply a broken pipe..
2016-02-24 16:40:40 -05:00
Quentin Machu
8d76700506 api: add call duration in logs 2016-02-24 16:40:40 -05:00
Quentin Machu
418ab08c4b api: adjust postLayer error codes
- return 422 when layer could not be analyzed (extraction failed or layer unsupported)
- return 404 if the parent is not found or the download path leads to a 404 page
2016-02-24 16:40:40 -05:00
Quentin Machu
f40f6a5ab6 api: add missing link field in vulnerability in getLayer 2016-02-24 16:39:25 -05:00
Quentin Machu
6d2eedf121 api/database: add the layer name that add each feature in getLayer 2016-02-24 16:39:25 -05:00
Quentin Machu
0e9a7e1740 api: close gzip writer to flush it 2016-02-24 16:36:45 -05:00