Commit Graph

22 Commits

Author SHA1 Message Date
Vincent Batts
ce8d31bbb3 redhatrelease: override match for RHEL hosts
Until https://github.com/coreos/clair/pull/193 is merged, having
vulnerabilities that are tagged both rhel and centos would duplicate in
the database or use a change that requires a migration.

But presently due to the fetcher logic, the rhel provided
vulnerabilities are labelled for centos, and then the namespace does not
match and therefore not tested against.

So until such a day that a vulnerability could have both rhel and centos
label, then hack this in. It'll accomplish the same during this interim.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:35:32 -04:00
Vincent Batts
d88f797821 osrelease-detector: avoid colliding with other detectors
Due to the detector registration and fact that their in a non-ordered
map, it is random whether the osrelease or redhatrelease detector would
hit. And likely resulted in alternately formatted namespace strings.

This change causes the osrelease to not detect when data has
centos-release or redhat-release, which is not _great_ because if the
redhatrelease detector is not compiled in, then that would not be a
fallback that the osrelease detector could rely on. :-\

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:32:12 -04:00
Vincent Batts
c28d2b3a66 namespace: add debug output
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:31:44 -04:00
Quentin Machu
836d37b275 *: use path/filepath instead of path 2016-05-20 12:01:31 -05:00
Jimmy Zelinskie
53e62577bc api/worker: s/Authorization/Headers (#167)
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
2016-05-05 13:48:10 -04:00
Jimmy Zelinskie
9b5afc79ca api/worker: introduce optional authorization
This allows clients to specify the contents of the HTTP Authorization
header so that Clair can access protected resources.
2016-05-04 15:47:14 -04:00
Jimmy Zelinskie
500fc4e407 various: gofmt -s 2016-02-24 19:29:36 -05:00
Quentin Machu
e78d076d02 api/worker: adjust error codes in postLayer 2016-02-24 16:40:40 -05:00
Quentin Machu
bae5a5e3ad worker: remove duplicated tests 2016-02-24 16:40:40 -05:00
Quentin Machu
418ab08c4b api: adjust postLayer error codes
- return 422 when layer could not be analyzed (extraction failed or layer unsupported)
- return 404 if the parent is not found or the download path leads to a 404 page
2016-02-24 16:40:40 -05:00
Quentin Machu
c2605e0bf2 worker: verify download status code 2016-02-24 16:36:45 -05:00
Quentin Machu
41736e4600 worker: DetectData should return an error if the supported detector failed 2016-02-24 16:36:45 -05:00
Quentin Machu
90fe137de8 worker: move each data detector to their own packages and remove image format whitelist 2016-02-24 16:34:54 -05:00
Quentin Machu
4bdbd5e6db *: fix several tests 2016-02-24 16:34:54 -05:00
Quentin Machu
34842fd8f7 worker: fix dpkg detector and adapt tests 2016-02-24 16:34:54 -05:00
Quentin Machu
85fa3f9a38 updater/worker: adapt several tests 2016-02-24 16:34:54 -05:00
Quentin Machu
2c150b015e *: refactor & do initial work towards PostgreSQL implementation 2016-02-24 16:32:21 -05:00
Quentin Machu
343ce39865 worker: detect the status code when downloading a layer and expect 2XX. 2016-02-09 16:55:56 -05:00
Liang Chenye
41509ccd3e add imageFormt to API.md; add xz to Dockerfile; fix bugs
Signed-off-by: Liang Chenye <liangchenye@huawei.com>
2015-12-15 20:29:53 -08:00
liangchenye
354c4b3672 always trim './'
Signed-off-by: liangchenye <liangchenye@huawei.com>
2015-12-15 11:34:22 +08:00
liangchenye
b1775ed3dc add data detector to support ACI and other format in the future
Signed-off-by: liangchenye <liangchenye@huawei.com>
2015-12-11 19:37:25 +08:00
Quentin Machu
3ec262dd51 Initial commit 2015-11-13 14:11:28 -05:00