Quentin Machu
06531e01c5
database: disable hash/merge joins in FindLayer
...
Our experiments have shown that PostgreSQL 9.4 makes bad
planning decisions about:
- joining the layer tree to feature versions and feature
- joining the feature versions to affected/fixed feature version and vulnerabilities
It would for instance do a merge join between affected feature versions (300 rows, estimated
3000 rows) and fixed in feature version (100k rows). In this case, it is much more
preferred to use a nested loop.
2016-02-24 16:40:40 -05:00
Quentin Machu
18f2d7e672
database: modify join table in FindLayer to reduce cost by 3.5x
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
c61eebafdf
README: move diagram to architecture section
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
6e196e416d
README: add diagram & custom data sources
2016-02-24 16:40:40 -05:00
Quentin Machu
bae5a5e3ad
worker: remove duplicated tests
2016-02-24 16:40:40 -05:00
Quentin Machu
418ab08c4b
api: adjust postLayer error codes
...
- return 422 when layer could not be analyzed (extraction failed or layer unsupported)
- return 404 if the parent is not found or the download path leads to a 404 page
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
4f4dbd5b61
reboot README
2016-02-24 16:40:40 -05:00
Quentin Machu
f40f6a5ab6
api: add missing link field in vulnerability in getLayer
2016-02-24 16:39:25 -05:00
Quentin Machu
6d2eedf121
api/database: add the layer name that add each feature in getLayer
2016-02-24 16:39:25 -05:00
Quentin Machu
6b23520710
Dockerfile: remove useless volume
2016-02-24 16:39:25 -05:00
liangchenye
9bad9be19b
update analyze-local-image with new API
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-02-24 16:39:25 -05:00
Quentin Machu
16a652fa47
*: refresh godeps
2016-02-24 16:36:45 -05:00
Quentin Machu
b5d8f9952e
database: fix notification test (wrong signature)
2016-02-24 16:36:45 -05:00
Quentin Machu
45ed80df1b
updater: remove useless error
2016-02-24 16:36:45 -05:00
Quentin Machu
0e9a7e1740
api: close gzip writer to flush it
2016-02-24 16:36:45 -05:00
Quentin Machu
c2605e0bf2
worker: verify download status code
2016-02-24 16:36:45 -05:00
Quentin Machu
f0816d2c4d
database: add docs about the interface
2016-02-24 16:36:45 -05:00
Quentin Machu
db974ae722
api: fix postLayer response headers
2016-02-24 16:36:45 -05:00
Quentin Machu
41736e4600
worker: DetectData should return an error if the supported detector failed
2016-02-24 16:36:45 -05:00
Quentin Machu
4478f40ef1
notifier: fix notifier error handling and improve web hook error message
2016-02-24 16:36:45 -05:00
Quentin Machu
2126259c99
updater: use a better link for Ubuntu vulnerabilities and rename some constants
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
6f02119c56
api: add bad requests to insert layer
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
ca2b0ccfcb
api: support gzip responses
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
c7aa7c4db4
api: reorder constants and add comments
2016-02-24 16:36:45 -05:00
Quentin Machu
98ed041956
worker: remove double error
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
4516d6fd73
api: make postLayer returns a Layer
2016-02-24 16:36:45 -05:00
Quentin Machu
4f0f8136c0
prometheus: fix grafana's updater notes graph
2016-02-24 16:36:45 -05:00
Quentin Machu
d3b14106a9
database: ignore insertLayer collisions to make it truly idempotent
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
d19a4348df
api: implement fernet encryption of pagination tokens
2016-02-24 16:36:45 -05:00
Quentin Machu
b8c534cd0d
api: fix putVulnerability (fill missing Namespace.Name and Name fields)
2016-02-24 16:36:45 -05:00
Quentin Machu
c2061dc69e
api: fix negative timestamps in notifications
2016-02-24 16:36:45 -05:00
Quentin Machu
e3a25e5368
database: ignore min versions during new vulnerability insertions
2016-02-24 16:36:45 -05:00
Quentin Machu
cf3573cf67
prometheus: correct notifier latency metric in grafana
2016-02-24 16:36:45 -05:00
Quentin Machu
f68012de00
api: fix 404->500 and NPE issues
2016-02-24 16:36:45 -05:00
Quentin Machu
7c11e4eb5d
updater/database: do not create notifications during the initial update
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
c504d2ed0e
api: add FeatureFromDatabaseModel
...
This also handles replacing the DB identifier for a maximum version with
the string "None".
2016-02-24 16:36:45 -05:00
Quentin Machu
883be8769f
database: fix Ping() method in PostgreSQL's implementation
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
83b19b6179
api/prometheus: add prometheus metrics to API routes
2016-02-24 16:36:45 -05:00
Quentin Machu
f8b4a52f8a
database: make notification tests more robust (old/new, update/delete vulnerabilities)
2016-02-24 16:36:45 -05:00
Quentin Machu
ccaaff000e
database: add created_at field for layers and vulnerabilities
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
f351d6304e
api: add "Content-Type" and "Server" headers
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
2d8d9ca401
api: finish initial work on v1 API
2016-02-24 16:36:45 -05:00
Quentin Machu
94ece7bf2b
database: fix notification design and add vulnerability history
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
99f3552470
database: add Insert/DeleteVulnerabilityFix
2016-02-24 16:36:45 -05:00
Quentin Machu
9b51f7f4fb
worker: raise worker version number
2016-02-24 16:36:45 -05:00
Quentin Machu
f6baac3628
*: refresh godeps
2016-02-24 16:36:45 -05:00
Quentin Machu
8f7e658574
*: remove tests from docker file
2016-02-24 16:36:45 -05:00
Quentin Machu
1e1eb9218d
*: add postgres 9.4 to travis
2016-02-24 16:36:45 -05:00
Quentin Machu
03d904c620
database: improve PostgreSQL test inits and cleanups
2016-02-24 16:36:45 -05:00
Quentin Machu
3defe6448a
prometheus: add quantile to grafana
2016-02-24 16:36:45 -05:00