Commit Graph

778 Commits

Author SHA1 Message Date
Miquel Sabaté Solà
30ced21b74 Added Portus integration
Since SUSE/Portus#1289 got merged, Portus now integrates security
scanners in order to fetch vulnerabilities for the images stored in the
on-premise Docker registry. CoreOS Clair is a supported backend, so you
can now use Clair for this. This is all explained in the documentation:

  http://port.us.org/features/6_security_scanning.html

Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
2017-07-18 13:15:46 +02:00
Jimmy Zelinskie
6c9a131b09 Merge pull request #408 from KeyboardNerd/grpc
v2 api with gRPC and gRPC gateway
2017-06-30 17:33:57 -04:00
Jimmy Zelinskie
74edd854ee Merge pull request #423 from jzelinskie/sleep-updater
updater: sleep before continuing the lock loop
2017-06-29 15:59:10 -04:00
Jimmy Zelinskie
0d18a629ca updater: sleep before continuing the lock loop
This change makes the updater sleep for a small portion of time before
it continues to try and obtain a lock for running the updates. This will
prevent the CPU from being pinned in the case where an error is
consistently failing an update.

Fixes #415.
2017-06-28 17:13:27 -04:00
Jimmy Zelinskie
04847a016d Merge pull request #418 from KeyboardNerd/multiplens
use namespace's versionfmt to specify listers scanning features
2017-06-28 13:53:21 -04:00
Sida Chen
9561d623c2 featurefmt: use namespace's versionfmt to specify listers
use namespace's versionfmt to specify listers used to scan features
the content detection functions are changed accordingly in worker
2017-06-22 15:36:07 -04:00
Sida Chen
50437f32a1 featurens: fix detecting duplicated namespaces problem 2017-06-22 11:41:18 -04:00
Jimmy Zelinskie
33c623427f Merge pull request #410 from KeyboardNerd/xforward
api: fix remote addr shows reverse proxy addr problem
2017-06-21 15:59:40 -04:00
Jimmy Zelinskie
6e8d52d020 Merge pull request #416 from tianon/debian-buster
Add Debian Buster (10) and update "*stable" aliases
2017-06-19 11:43:18 -04:00
Tianon Gravi
de271820a8 Add Debian Buster (10) and update "*stable" aliases
See https://lists.debian.org/debian-announce/2017/msg00003.html for the
official release announcement for Debian Stretch.
2017-06-19 07:54:51 -07:00
Sida Chen
c6f0eaa3c8 api: fix remote addr shows reverse proxy addr problem
Uses the first ip addr in X-forwarded-for as the client's remote addr if it exists
otherwise, fall back to use default http.Request.RemoteAddr
2017-06-16 10:08:58 -04:00
Sida Chen
1533dd1d51 vendor: updated vendor dir for grpc v2 api 2017-06-13 15:58:11 -04:00
Sida Chen
a4edf38566 api: v2 api with gRPC and gRPC-gateway
Newly designed API defines Ancestry as a set of layers
and shrinked the api to only the most used apis:
post ancestry, get layer, get notification, delete notification

Fixes #98
2017-06-13 15:58:10 -04:00
Jimmy Zelinskie
fec86b6211 Merge pull request #413 from transcedentalia/master
Fixing the always database revision 0 for Ubuntu
2017-06-12 11:13:59 -04:00
alinar
d4a967e6e6 Fixing always revision 0 for ubuntu 2017-06-07 12:37:24 +01:00
Jimmy Zelinskie
ce162f5524 Merge pull request #403 from KeyboardNerd/multiplens
worker: fixed duplicated ns and ns not inherited bug
2017-06-05 13:32:48 -07:00
Sida Chen
f0e21df783 worker: fixed duplicated ns and ns not inherited bug 2017-06-05 10:45:11 -04:00
Jimmy Zelinskie
044425ec07 Merge pull request #407 from swestcott/kubernetes-config-fix
Updated Kubernetes config with new db connection string config
2017-06-02 17:40:15 -07:00
Simon Westcott
303bc9800a Updated Kubernetes config with new db connection string config 2017-06-01 23:51:46 +01:00
Jimmy Zelinskie
abd7d2e013 Merge pull request #394 from KeyboardNerd/multiplens
added support for detecting multiple namespaces in a layer
2017-05-24 17:22:08 -04:00
Sida Chen
75d5d40d79 featurens: added multiple namespace testing for namespace detector 2017-05-24 17:18:11 -04:00
Sida Chen
bffa6499b7 added support for detect multiple namespaces in a layer
created table layer_namespace to store the many to many unique mapping of layers and namespaces
changed v1 api to provide a list of namespaces for each layer
changed namespace detector to use all registered detectors to detect namespaces
updated tests for multiple namespaces

Fixes #150
2017-05-24 17:01:51 -04:00
Jimmy Zelinskie
c2d8aec157 Merge pull request #382 from caipre/patch-1
pgsql: Change layer name column data type
2017-05-19 20:07:53 -04:00
Nick Platt
aea74550e1 pgsql: Expand layer, namespace column widths
Presently the layer and namespace tables use type `varchar(128)` for
their respective name columns. For layer, this width works fine enough
using the sha256 digests provided by docker. However, if one wishes to
encode the image name into the layer  name (eg, to avoid collisions like
in [0]), the limit of 128 bytes starts to feel a bit cramped. Bump to
256 bytes, since that "ought to be enough for anybody." (TM)

[0]: https://github.com/coreos/clair/issues/319
2017-05-19 18:22:04 -04:00
Jimmy Zelinskie
f2f213470b Merge pull request #395 from knqyf263/handle_tilde
versionfmt/rpm: handle a tilde correctly
2017-05-15 14:52:31 -04:00
knqyf263
db8a133d21 versionfmt/rpm: handle a tilde correctly 2017-05-14 19:18:57 +09:00
Jimmy Zelinskie
8816aedb68 Merge pull request #392 from jzelinskie/https-sec-db
ext/vulnsrc/alpine: use HTTPS
2017-05-11 15:31:13 -04:00
Jimmy Zelinskie
0891bbac00 ext/vulnsrc/alpine: use HTTPS 2017-05-11 15:18:37 -04:00
Jimmy Zelinskie
1119fdfea6 Merge pull request #390 from KeyboardNerd/fernet
cmd: make pagination key error clearer
2017-05-09 18:59:10 -04:00
Sida Chen
0342a2a3e5 cmd: make pagination key error clearer 2017-05-09 15:13:42 -04:00
Jimmy Zelinskie
d07183ee74 Merge pull request #389 from jzelinskie/revendor
Regenerate vendor redirectory
2017-05-08 16:26:37 -04:00
Jimmy Zelinskie
0305dde964 database/models: MetadataMap decodes from string
github.com/lib/pq began decoding text-like fields as strings to
Scanners.

See lib/pq@e2402a7cd1
2017-05-06 17:01:41 -04:00
Jimmy Zelinskie
35df9d5846 vendor: regenerate vendor directory with glide 2017-05-05 11:46:41 -04:00
Jimmy Zelinskie
d846c508c3 glide: refresh dependencies
The previous configuration had dependencies from contrib projects that
are now removed.
2017-05-05 11:46:40 -04:00
Jimmy Zelinskie
50d07ccf59 vendor: rm everything to prep for regeneration 2017-05-05 11:46:24 -04:00
Jimmy Zelinskie
257bb325a1 Merge pull request #387 from jzelinskie/rm-analyze-local-images
contrib: delete unsupported tools
2017-05-04 19:31:26 -04:00
Jimmy Zelinskie
821a608bb1 docs: add links to contrib tools 2017-05-04 17:22:29 -04:00
Jimmy Zelinskie
5540d02bc2 contrib: delete unsupported tools
These tools are either unsupported or should be supported outside of the
Clair repository.
2017-05-04 17:11:36 -04:00
Jimmy Zelinskie
ee1702b176 Merge pull request #385 from KeyboardNerd/logrus
convert to structured logging using logrus #383
2017-05-04 14:09:59 -04:00
Sida Chen
aa6a81c60c updated glide and vendor folder 2017-05-04 13:59:57 -04:00
Sida Chen
9306e99368 converted to structured logging by using logrus
changed from capnslog to logrus for logging JSON structured message.

finished issue #383
2017-05-04 13:59:57 -04:00
Jimmy Zelinskie
ac24a8703d Merge pull request #381 from KeyboardNerd/bill-of-materials
*: added bill-of-materials
2017-05-01 17:18:05 -04:00
Sida Chen
d0ca4d1fe6 *: added bill-of-materials 2017-05-01 17:15:40 -04:00
Jimmy Zelinskie
99a859fe67 Merge pull request #373 from josuesdiaz/fix_analyze_local
contrib: Fix analyze_local_images when image has missing layers
2017-04-28 13:00:25 -04:00
Josue Diaz
f3840f30b9
contrib: Revert "Merge pull request #367 from jzelinskie/analyze-layers-v2"
This reverts commit e639367a30, reversing
changes made to f3848d9726. Issue involved
the docker history command providing missing fs layers that were not in
the saved image. Revert commit to using the manifest file again.
2017-04-28 10:52:31 -04:00
Jimmy Zelinskie
b02714c1ae Merge pull request #378 from jzelinskie/oracle-update-fix
ext/vulnsrc/oracle: ensure flag is largest elsa
2017-04-27 19:10:59 -04:00
Jimmy Zelinskie
09cbfe325b ext/vulnsrc/oracle: ensure flag is largest elsa
If the Oracle Linux directory is ever in the wrong order, this should
ensure that the updaterFlag is always set the latest ELSA value.
2017-04-27 18:57:19 -04:00
Jimmy Zelinskie
0160ef6d53 Merge pull request #374 from tianon/new-ubuntu-releases
Add Ubuntu Zesty and Artful to UbuntuReleasesMapping
2017-04-26 22:06:59 -04:00
Tianon Gravi
b6ab5d8168 Add Ubuntu Zesty and Artful to UbuntuReleasesMapping
See also https://wiki.ubuntu.com/Releases
2017-04-26 14:45:32 -07:00
Jimmy Zelinskie
ce4f8327ec Merge pull request #371 from caipre/add-logging
Add logging
2017-04-25 15:48:59 -04:00