Until https://github.com/coreos/clair/pull/193 is merged, having
vulnerabilities that are tagged both rhel and centos would duplicate in
the database or use a change that requires a migration.
But presently due to the fetcher logic, the rhel provided
vulnerabilities are labelled for centos, and then the namespace does not
match and therefore not tested against.
So until such a day that a vulnerability could have both rhel and centos
label, then hack this in. It'll accomplish the same during this interim.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
Due to the detector registration and fact that their in a non-ordered
map, it is random whether the osrelease or redhatrelease detector would
hit. And likely resulted in alternately formatted namespace strings.
This change causes the osrelease to not detect when data has
centos-release or redhat-release, which is not _great_ because if the
redhatrelease detector is not compiled in, then that would not be a
fallback that the osrelease detector could rely on. :-\
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
The RHEL updater currently ignores vulnerabilities for CentOS <= 5.
s the naming of the constant firstConsideredRHEL suggests it, it
should actually considers CentOS 5 and ignores CentOS < 5.
Fixes#215
By deleting an Ubuntu repository that may be in a bad state,
Clair will eventually be able to perform the update, instead of retrying naively.
Fixes#169
When opening the URL in the browser the section about "Connection Strings" is directly displayed. This way there's no need to scroll to it. (Also use HTTPS)
This change enables the query planner to wait and sort the result set of
our query rather than attempting to re-use the layer table's index for
the ORDER BY clause. Because the result set is always small, this makes
queries that were previous tens of seconds, now tens of milliseconds.
With #167, the API was changed to provide a more generic way of how Clair can retrieve the layers from a registry. This change reflects it in the documentation.
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
* config: not properly loaded error
When a wrong config file was used, it result in a panic.
Adding some check condition to validate the Unmarshaled configuration
before using it
fixes#134
* check if datasource is set
* move error locally instead of utils/errors