Jimmy Zelinskie
8bedd0a367
worker: ns detectors now support VersionFormat
...
This also filters unknown namespaces from the generic lsb-release and
osrelease detectors.
8 years ago
Jimmy Zelinskie
9e39a26f26
backfill version_format column
8 years ago
Jimmy Zelinskie
6864a8efea
versionfmt: init rpm versionfmt
8 years ago
Jimmy Zelinskie
033709eaea
add registerable version formats
...
Since we only ever used dpkg, this change shims everything into using
dpkg.
8 years ago
Jimmy Zelinskie
3897fb6706
Merge pull request #295 from jzelinskie/fixmigrationorder
...
psql/migrations: fix ordering
8 years ago
Jimmy Zelinskie
9338f28e82
psql/migrations: fix ordering
8 years ago
Jimmy Zelinskie
7d3d1861d0
Merge pull request #290 from Djelibeybi/oraclelinux-support
...
Oracle Linux support
8 years ago
Avi Miller
2643d22aaa
Updated fetcher and tests to close the file handles and HTTP response.
...
Signed-off-by: Avi Miller <avi.miller@oracle.com>
8 years ago
Avi Miller
a3c2dae790
Updated README with Oracle Linux security information.
...
Signed-off-by: Avi Miller <avi.miller@oracle.com>
8 years ago
Avi Miller
9d885f680c
Add Oracle Linux fetcher to grab and parse OVAL data.
...
Signed-off-by: Avi Miller <avi.miller@oracle.com>
8 years ago
Jimmy Zelinskie
9532c03f95
Merge pull request #288 from jzelinskie/200mb
...
worker: clarify maxFileSize purpose
8 years ago
Jimmy Zelinskie
de1f09e8b3
worker: clarify maxFileSize purpose
...
Fixes #237 .
8 years ago
Avi Miller
5eb57fee37
Update osrelease and redhatrelease detectors to detect Oracle Linux as well.
8 years ago
Jimmy Zelinskie
8e1fe0d01f
Merge pull request #289 from jzelinskie/revert-suse
...
Revert OpenSUSE
8 years ago
Jimmy Zelinskie
740262c055
Revert "Merge pull request #199 from openSUSE/feature/opensuse"
...
This reverts commit 97347ec44d
, reversing
changes made to 051564facd
.
8 years ago
Jimmy Zelinskie
7d0f29b28f
Merge pull request #287 from jzelinskie/enginebump
...
worker: bump engine version
8 years ago
Jimmy Zelinskie
2cb23ced02
worker: bump engine version
...
Now that we support OpenSUSE and Alpine Linux the engine version should
be increased.
8 years ago
Jimmy Zelinskie
d62bddd6e3
Merge pull request #272 from jzelinskie/alpine
...
[WIP] Alpine support via Alpine-SecDB
8 years ago
Jimmy Zelinskie
f74cd35243
fetchers/alpine: add notes for untracked namespaces
8 years ago
Jimmy Zelinskie
3be8dfcf99
fetchers/alpine: auto detect namespaces
8 years ago
Jimmy Zelinskie
59e6c628dc
alpine: refactor fetcher & git pull on update
8 years ago
Jimmy Zelinskie
9be305d19f
alpine: truncate namespace to "vMAJOR.MINOR"
8 years ago
Jimmy Zelinskie
f8457b98e7
alpine: compile alpine into clair binary
8 years ago
Jimmy Zelinskie
3d90cac427
alpine: add support for v3.4 YAML schema
8 years ago
Jimmy Zelinskie
805f620b4b
README: add alpine data sources
8 years ago
Jimmy Zelinskie
c1e0f618ca
dockerfile: add git dependency
8 years ago
Jimmy Zelinskie
0cb8fc9455
updater/fetchers: add alpine secdb fetcher
8 years ago
Jimmy Zelinskie
fc908e65ba
detectors/feature: add apk feature detector
8 years ago
Jimmy Zelinskie
e4b5930f77
detectors/feature: consistent naming and godoc
8 years ago
Jimmy Zelinskie
1d5a9ddd3c
detectors/namespace: add alpine-release detector
8 years ago
Jimmy Zelinskie
0b2a9ab12b
detectors/namespace: support pointers in tests
...
This change adjusts some names of types being exported and adds some
documentation.
8 years ago
Jimmy Zelinskie
5396396ff7
Merge pull request #282 from jzelinskie/layer-sort-id
...
api/v1: indexed layers for notifications
8 years ago
Jimmy Zelinskie
12c47e4066
docs: split http and json code blocks
8 years ago
Jimmy Zelinskie
d4522e9c6e
api/v1: indexed layers for notifications
...
This change deprecates the old LayersIntroducingVulnerability for a new
one that orders output and contains an Index. This index is not
guaranteed to be consistent across multiple notifications, despite the
current Postgres implementation using the primary key of Layer table.
8 years ago
Quentin Machu
1fcae6abb8
Merge pull request #280 from coreos/add_idx_deleted_at
...
pgsql/migrations: add index on Vulnerability_Notification.deleted_at
8 years ago
Quentin Machu
83b5538c65
Merge pull request #281 from coreos/dis_hashjoins_introducing
...
pgsql: Disable hashjoins to get introducing layers for notifications
8 years ago
Quentin Machu
7a3dd5c817
pgsql: Disable hashjoins to get introducing layers for notifications
8 years ago
Quentin Machu
eeb13a02ba
pgsql/migrations: add index on Vulnerability_Notification.deleted_at
...
`searchNotificationAvailable` never effectively use any indexes because:
- `notified_at < $1`, where $1 is a recent timestamp, returns the
majority of the table and therefore it is cheaper for PostgreSQL
to use a sequential scan on the table.
- there is no index for `deleted_at IS NULL`.
However, when Clair has been running for long enough, the grand majority
of rows (99%+) are expected to have a non-NULL `deleted_at` field. This
commit adds a new index on this very field in order to fetch the
remaining 1% in the blink of an eye.
In other words, instead of realizing a full table scan for each
`searchNotificationAvailable` query, we'll use the small branch of a new
index, reducing the total cost from over 30k to a mere 150 on a Clair
database that has already managed more than 1 000 000 notifications.
8 years ago
Quentin Machu
18e0018f80
Merge pull request #277 from jzelinskie/travispg
...
travis: add matrix for postgres
8 years ago
Quentin Machu
f5af78ed45
Merge branch 'master' into travispg
8 years ago
Jimmy Zelinskie
dab6e492b8
Merge pull request #279 from coreos/searchintro_optimize
...
pgsql: Reduce cost of GetNotification by 2.5x
8 years ago
Jimmy Zelinskie
2fe4a464e1
Merge pull request #278 from jzelinskie/layerdiffindex
...
pgsql/migrations: add ldfv compound index
8 years ago
Quentin Machu
dc8f71024f
pgsql: Reduce cost of GetNotification by 2.5
...
By delaying the Layer join to the very end, we can cut the query costs from 540,836 to 219,477.
See Pull Request for details.
8 years ago
Jimmy Zelinskie
7cff31a058
pgsql/migrations: add ldfv compound index
...
This speeds up the SearchNotificationLayerIntroducingVulnerability query
by an order magnitude.
8 years ago
Jimmy Zelinskie
4fab327397
travis: add matrix for postgres
8 years ago
Jimmy Zelinskie
026f64aa82
Merge pull request #276 from jzelinskie/index
...
psql: add useful indexes
8 years ago
Jimmy Zelinskie
9dc002621a
psql: add useful indexes
...
This adds some missing UNIQUE constraints and indexes for the
vulnerability table that should improve query performance.
8 years ago
Quentin Machu
39854ac64d
Merge pull request #274 from JensPiegsa/patch-1
...
Restart clair until postgres is up
8 years ago
Jens Piegsa
9d75a90a8a
Restart clair until postgres is up
8 years ago
Quentin Machu
639d305cf8
Merge pull request #271 from Quentin-M/nvd_severity
...
updater: Set vulns' Severity from NVD metadata fetcher if unknown
8 years ago