arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
873 Commits 5 Branches 24 Tags 158 MiB
60ef726677
Commit Graph

873 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jimmy Zelinskie
162e8cdafc config: enable suse updater 2019-01-14 14:39:46 -05:00
Jimmy Zelinskie
bafe45db2d
Merge pull request #686 from jzelinskie/fix-presentations 
documentation: fix links to presentations
 2019-01-14 13:51:03 -05:00
Jimmy Zelinskie
3e6896c6a4 documentation: fix links to presentations 
Closes #661.
Closes #665.
Closes #560.
 2019-01-10 14:22:24 -05:00
Jimmy Zelinskie
165c397f16 glide: add errgroup and regenerate vendor 2019-01-10 13:50:47 -05:00
Jimmy Zelinskie
7084a226ae updater: extract deduplicate function 2019-01-10 13:50:47 -05:00
Jimmy Zelinskie
25078ac838 ext: add CleanAll() utility functions 2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
e16d17dda9 updater: remove original RunUpdate() 2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
0d41968acd updater: reimplement fetch() with errgroup 
This adds context support to a few more functions in the update process.
This makes progress towards to goal of having cancellable updates.
 2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
6c5be7e1c6 updater: refactor to use errgroup 
This addresses a race condition and makes this code much more
understandable.
 2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
399deab100 database: remove FindLock() 2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
effe1552fb
Merge pull request #679 from kubeshield/master 
Fix cert and key file mix up
 2019-01-08 19:06:41 -05:00
Jimmy Zelinskie
45ecf18815 pkg/timeutil: init 2019-01-07 14:18:23 -05:00
Jimmy Zelinskie
b08ad9b8e6
Merge pull request #506 from openSUSE/reintroduce-suse-opensuse 
Reintroduce image scanning for openSUSE and SLE
 2019-01-07 13:21:57 -05:00
Flavio Castelli
1105102b84
Update documentation: talk about SUSE support 
Expand the documentation about the available data sources to mention
openSUSE and SLE.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
 2019-01-07 18:48:55 +01:00
Flavio Castelli
5a4d4913c1
Reintroduce image scanning for openSUSE and SLE 
Handle scanning of openSUSE and SUSE Linux Enterprise images.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
 2019-01-07 18:48:55 +01:00
Jimmy Zelinskie
5cd6a8cc92
Merge pull request #681 from Allda/rhel_severity 
Vulnsrc rhel: handle "none" CVE impact
 2019-01-02 15:58:23 -05:00
Tamal Saha
0ed4126240 Fix cert and key file mix up 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2019-01-02 12:31:58 -08:00
Ales Raszka
bd7102d963 Vulnsrc rhel: handle "none" CVE impact 
Some RHEL CVEs [1] contains "none" string in impact field. This is throwing
warning message when fetching vulnerabilities. The new code handles this
case and it uses advisory severity instead.

[1] https://www.redhat.com/security/data/oval/com.redhat.rhsa-20080038.xml
 2019-01-02 14:27:08 +01:00
Jimmy Zelinskie
3947073b9e
Merge pull request #667 from travelaudience/helm-tolerations 
HELM: add tolerations
 2018-12-19 13:49:22 -05:00
Jeff Knurek
81430ffbb2 HELM: also add option for nodeSelector 2018-12-10 11:42:48 +01:00
Jeff Knurek
6a94d8ccd2 HELM: add option for tolerations 2018-12-10 11:42:16 +01:00
Jimmy Zelinskie
300bb52696 database: add FindLock dbutil 2018-11-28 13:37:15 -05:00
Jimmy Zelinskie
4fbeb9ced5 database: add (Acquire|Release)Lock dbutils 2018-11-27 13:59:07 -05:00
Jimmy Zelinskie
504f0f3af3
Merge pull request #656 from glb/elsa_CVEID 
vulnsrc_oracle: one vulnerability per CVE
 2018-11-07 16:07:46 -05:00
Geoff Baskwill
3503ddb96f vulnsrc_oracle: one vulnerability per CVE 
Get one vulnerability per CVE for Oracle instead of one per ELSA so we
can have NVD metadata added to the vulnerabilities.

Related: #495, #499.
 2018-11-02 19:36:43 -04:00
Jimmy Zelinskie
93e7a4cfa8
Merge pull request #650 from Katee/add-ubuntu-cosmic 
Add database mapping for Ubuntu Cosmic (18.10)
 2018-10-31 11:05:47 -04:00
Jimmy Zelinskie
4c08c8f959
Merge pull request #653 from brosander/helm-dep 
Pinning helm postgres dep to the working 1.0.0
 2018-10-31 11:05:28 -04:00
Bryan Rosander
00db964497
Pinning helm postgres dep to the working 1.0.0 2018-10-31 10:56:17 -04:00
Kate Murphy
6c682da3e1
database: add mapping for Ubuntu Cosmic (18.10) 2018-10-29 13:42:44 -04:00
Jimmy Zelinskie
c123c95590
Merge pull request #648 from HaraldNordgren/go_versions 
Bump Go versions and use '.x' to always get latest patch versions
 2018-10-28 12:01:47 -04:00
Harald Nordgren
be24096183 Bump Go versions and use '.x' to always get latest patch versions 2018-10-28 13:44:21 +01:00
Sida Chen
05cbf328aa
Merge pull request #647 from KeyboardNerd/spkg/cvrf 
vulnsrc: Refactor debian and alpine sources
 2018-10-23 09:30:01 -04:00
Sida Chen
4106322107 vendor: Update gopkg.in/yaml.v2 package 
* Update gopkg.in/yaml.v2 package and glide setting
* Update other packages
 2018-10-22 23:00:58 -04:00
Sida Chen
72674ca871 vulnsrc: Refactor vulnerability sources to use utility functions 2018-10-22 23:00:58 -04:00
Sida Chen
a3f7387ff1 database: Add FindKeyValue function wrapper 2018-10-22 23:00:57 -04:00
Sida Chen
c3904c9696 pkg: Add fsutil to contian file system utility functions 2018-10-22 23:00:57 -04:00
Sida Chen
1ee1b95afc
Merge pull request #644 from KeyboardNerd/bug/git 
gitutil: Fix git pull on non-git repository directory
 2018-10-22 14:45:30 -04:00
Jimmy Zelinskie
0c2e5e73c2
Merge pull request #645 from Katee/include-cvssv3 
Switch to NVD JSON feed and include CVSSv3
 2018-10-22 13:03:42 -04:00
Kate Murphy
081ae34af1
ext: remove duplicate vectorValuesToLetters definition 2018-10-19 15:00:00 -04:00
Kate Murphy
4f0da12b12
ext: pass through CVSSv3 impact and exploitability score 2018-10-19 10:44:23 -04:00
Jimmy Zelinskie
8efc3e4038 ext: remove unneeded use of init() 2018-10-18 18:48:07 -04:00
Jimmy Zelinskie
699d1143e5 ext: fixup incorrect copyright year 2018-10-18 18:47:37 -04:00
Sida Chen
335cb65917
Merge pull request #646 from KeyboardNerd/spkg/model 2018-10-18 16:44:48 -04:00
Sida Chen
2236b0a5c9 updater: Add vulnsrc affected feature type 
Each vulnerability source has a specific type of feature that it affects

We assume the following:
* Alpine: Binary Package
* Debian: Source Package
* Ubuntu: Source Package
* Oracle OVAL: Binary Package
* RHEL OVAL: Binary Package
 2018-10-18 15:06:41 -04:00
Sida Chen
00fadfc3e3 database: Add affected feature type 
Affected feature type is for determining either the source feature or
the binary feature that an vulnerability affects.
 2018-10-18 15:06:41 -04:00
Sida Chen
11b67e612c gitutil: Fix git pull on non-git repository directory 
* Add conditional check: if the git repo directory is newly created, we
clone.
* Add tests

Fixes #641
 2018-10-17 10:43:52 -04:00
Kate Murphy
b81e4454fb
ext: Parse CVSSv3 data from JSON NVD feed 2018-10-16 19:08:17 -04:00
Kate Murphy
14277a8f5d
ext: Add JSON NVD parsing tests 2018-10-16 18:53:32 -04:00
Kate Murphy
aab46f5658
ext: Parse NVD JSON feed instead of XML 
The JSON feed provides some values that are not available in the XML
feed such as CVSSv3.
 2018-10-16 18:53:32 -04:00
Sida Chen
17539bda60
Merge pull request #640 from KeyboardNerd/sourcePackage 
database: Replace Parent Feature with source metadata
 2018-10-15 16:49:50 -04:00