arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
440 Commits 5 Branches 24 Tags 158 MiB
ca9f340a91
Commit Graph

47 Commits

Author SHA1 Message Date
Jimmy Zelinskie
8d29bf860d versionfmt: convert to using constant over literal 2017-01-03 16:00:20 -05:00
Jimmy Zelinskie
8bedd0a367 worker: ns detectors now support VersionFormat 
This also filters unknown namespaces from the generic lsb-release and
osrelease detectors.
 2017-01-03 13:15:46 -05:00
Jimmy Zelinskie
033709eaea add registerable version formats 
Since we only ever used dpkg, this change shims everything into using
dpkg.
 2016-12-30 12:51:24 -05:00
Jimmy Zelinskie
7d3d1861d0 Merge pull request #290 from Djelibeybi/oraclelinux-support 
Oracle Linux support
 2016-12-19 20:58:17 -05:00
Jimmy Zelinskie
de1f09e8b3 worker: clarify maxFileSize purpose 
Fixes #237.
 2016-12-19 19:02:13 -05:00
Avi Miller
5eb57fee37 Update osrelease and redhatrelease detectors to detect Oracle Linux as well. 2016-12-20 10:53:30 +11:00
Jimmy Zelinskie
2cb23ced02 worker: bump engine version 
Now that we support OpenSUSE and Alpine Linux the engine version should
be increased.
 2016-12-19 15:35:25 -05:00
Jimmy Zelinskie
9be305d19f alpine: truncate namespace to "vMAJOR.MINOR" 2016-12-19 11:32:46 -05:00
Jimmy Zelinskie
fc908e65ba detectors/feature: add apk feature detector 2016-12-19 11:32:45 -05:00
Jimmy Zelinskie
e4b5930f77 detectors/feature: consistent naming and godoc 2016-12-19 11:32:45 -05:00
Jimmy Zelinskie
1d5a9ddd3c detectors/namespace: add alpine-release detector 2016-12-19 11:32:45 -05:00
Jimmy Zelinskie
0b2a9ab12b detectors/namespace: support pointers in tests 
This change adjusts some names of types being exported and adds some
documentation.
 2016-12-19 11:32:45 -05:00
Vincent Batts
ce8d31bbb3 redhatrelease: override match for RHEL hosts 
Until https://github.com/coreos/clair/pull/193 is merged, having
vulnerabilities that are tagged both rhel and centos would duplicate in
the database or use a change that requires a migration.

But presently due to the fetcher logic, the rhel provided
vulnerabilities are labelled for centos, and then the namespace does not
match and therefore not tested against.

So until such a day that a vulnerability could have both rhel and centos
label, then hack this in. It'll accomplish the same during this interim.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
 2016-08-12 15:35:32 -04:00
Vincent Batts
d88f797821 osrelease-detector: avoid colliding with other detectors 
Due to the detector registration and fact that their in a non-ordered
map, it is random whether the osrelease or redhatrelease detector would
hit. And likely resulted in alternately formatted namespace strings.

This change causes the osrelease to not detect when data has
centos-release or redhat-release, which is not _great_ because if the
redhatrelease detector is not compiled in, then that would not be a
fallback that the osrelease detector could rely on. :-\

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
 2016-08-12 15:32:12 -04:00
Vincent Batts
c28d2b3a66 namespace: add debug output 
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
 2016-08-12 15:31:44 -04:00
Quentin Machu
836d37b275 *: use path/filepath instead of path 2016-05-20 12:01:31 -05:00
Quentin Machu
8551a0a3b2 worker: Mock datastore in worker's tests 2016-05-20 12:01:30 -05:00
Quentin Machu
a38fbf6cfe worker/database: Move upgrade detection logic out of database to worker 2016-05-20 12:01:30 -05:00
Jimmy Zelinskie
53e62577bc api/worker: s/Authorization/Headers (#167) 
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
 2016-05-05 13:48:10 -04:00
Jimmy Zelinskie
9b5afc79ca api/worker: introduce optional authorization 
This allows clients to specify the contents of the HTTP Authorization
header so that Clair can access protected resources.
 2016-05-04 15:47:14 -04:00
Jimmy Zelinskie
500fc4e407 various: gofmt -s 2016-02-24 19:29:36 -05:00
Jimmy Zelinskie
8fd0aa162b various: spelling corrections 2016-02-24 18:00:36 -05:00
Quentin Machu
e78d076d02 api/worker: adjust error codes in postLayer 2016-02-24 16:40:40 -05:00
Quentin Machu
bae5a5e3ad worker: remove duplicated tests 2016-02-24 16:40:40 -05:00
Quentin Machu
418ab08c4b api: adjust postLayer error codes 
- return 422 when layer could not be analyzed (extraction failed or layer unsupported)
- return 404 if the parent is not found or the download path leads to a 404 page
 2016-02-24 16:40:40 -05:00
Quentin Machu
c2605e0bf2 worker: verify download status code 2016-02-24 16:36:45 -05:00
Quentin Machu
41736e4600 worker: DetectData should return an error if the supported detector failed 2016-02-24 16:36:45 -05:00
Quentin Machu
98ed041956 worker: remove double error 2016-02-24 16:36:45 -05:00
Quentin Machu
9b51f7f4fb worker: raise worker version number 2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
2f57f0d4b1 worker: change worker errors to bad request errors 2016-02-24 16:34:54 -05:00
Quentin Machu
b3ddfbc353 worker: remove namespace whitelist 
As Clair let developers register their own detectors
 2016-02-24 16:34:54 -05:00
Quentin Machu
90fe137de8 worker: move each data detector to their own packages and remove image format whitelist 2016-02-24 16:34:54 -05:00
Quentin Machu
4bdbd5e6db *: fix several tests 2016-02-24 16:34:54 -05:00
Quentin Machu
82175dcfe9 *: add missing copyright headers 2016-02-24 16:34:54 -05:00
Quentin Machu
34842fd8f7 worker: fix dpkg detector and adapt tests 2016-02-24 16:34:54 -05:00
Quentin Machu
85fa3f9a38 updater/worker: adapt several tests 2016-02-24 16:34:54 -05:00
Quentin Machu
970756cd5a database: do insert/find layers (with their features and vulnerabilities) 2016-02-24 16:32:21 -05:00
Quentin Machu
2c150b015e *: refactor & do initial work towards PostgreSQL implementation 2016-02-24 16:32:21 -05:00
Quentin Machu
343ce39865 worker: detect the status code when downloading a layer and expect 2XX. 2016-02-09 16:55:56 -05:00
Liang Chenye
4b11491067 add ImageFormat to worker_test and programs under contrib 
Signed-off-by: Liang Chenye <liangchenye@huawei.com>
 2015-12-15 21:01:22 -08:00
Liang Chenye
41509ccd3e add imageFormt to API.md; add xz to Dockerfile; fix bugs 
Signed-off-by: Liang Chenye <liangchenye@huawei.com>
 2015-12-15 20:29:53 -08:00
liangchenye
354c4b3672 always trim './' 
Signed-off-by: liangchenye <liangchenye@huawei.com>
 2015-12-15 11:34:22 +08:00
liangchenye
b1775ed3dc add data detector to support ACI and other format in the future 
Signed-off-by: liangchenye <liangchenye@huawei.com>
 2015-12-11 19:37:25 +08:00
Quentin Machu
eb7e5d5c74 main: Use configuration file instead of flags and simplify app extension. 
Clair will now use a YAML configuration file instead of command line
arguments as the number of parameters grows.

Also, Clair now exposes a Boot() func that allows everyone to easily
create their own project and load dynamically their own fetchers/updaters.
 2015-12-08 11:50:52 -05:00
Quentin Machu
ac0e68efe7 worker: Add a missing CleanURL 2015-11-18 15:02:07 -05:00
Quentin Machu
f229083e1e database/worker: Remove useless log message 2015-11-16 13:21:06 -05:00
Quentin Machu
3ec262dd51 Initial commit 2015-11-13 14:11:28 -05:00