Commit Graph

848 Commits

Author SHA1 Message Date
Jimmy Zelinskie
5d1c30218e
Merge pull request #624 from jzelinskie/probot
.github: add stale and issue template enforcement
2018-09-26 18:02:38 -04:00
Jimmy Zelinskie
9b1f205833 .github: add stale and issue template enforcement
This change will allow probot to enforce our GitHub policies.
2018-09-26 13:07:20 -04:00
Jimmy Zelinskie
0ca9431235
Merge pull request #621 from jzelinskie/gitutil
pkg/gitutil: init
2018-09-26 11:42:35 -04:00
Hayden Hughes
d3facfd7cd
Add build-base to docker image 2018-09-26 08:17:33 +10:00
Sida Chen
0609ed964b config: removed worker config
All processors will now be used to process the layers.
2018-09-19 14:33:08 -04:00
Sida Chen
53433090a3 pgsql: update the query format 2018-09-19 14:33:08 -04:00
Jimmy Zelinskie
44ae4bc959
Merge pull request #610 from MackJM/wip/master_nvd_httputil
Using httputil for NVD
2018-09-19 14:25:44 -04:00
Jimmy Zelinskie
c2d887f9e9 pkg/gitutil: init
This refactors the code we're using to manage temporary git repositories
into a utility package.
2018-09-19 13:50:54 -04:00
Jimmy Zelinskie
d0a3fe9206
Merge pull request #499 from yebinama/rhel_CVEID
vulnsrc_rhel: one vulnerability by CVE
2018-09-14 18:21:15 -04:00
Grégoire Unbekandt
c4ffa0c370 vulnsrc_rhel: cve impact
use the specific CVE's impact field instead of the RHSA's one
2018-09-15 00:00:09 +02:00
Grégoire Unbekandt
a90db713a2 vulnsrc_rhel: add test
Add test for multiple CVE
2018-09-14 23:54:33 +02:00
Grégoire Unbekandt
8b3338ef56 vulnsrc_rhel: minor changes
delete a useless line
2018-09-14 23:54:33 +02:00
Grégoire Unbekandt
4e4e98f328 vulnsrc_rhel: minor changes
Code reorganisation
2018-09-14 23:54:33 +02:00
Grégoire Unbekandt
ac86a36740 vulnsrc_rhel: rhsa_ID by default
If no CVE is present, create a vulnerability with rhsa ID
2018-09-14 23:54:33 +02:00
Grégoire Unbekandt
4ab98cfe54 vulnsrc_rhel: one vulnerability by CVE
Get one vulnerability by CVE_ID for RHEL instead of one by RHSA_ID so we can have NVD metadata added to the vulnerabilities.

Fixes #495
2018-09-14 23:54:33 +02:00
Sida Chen
f98ff58afd
Merge pull request #619 from KeyboardNerd/sidac/rm_layer
database: Remove LayerWithContent from interface
2018-09-13 14:36:26 -04:00
Sida Chen
e160616723 database: Use LayerWithContent as Layer 2018-09-13 13:21:39 -04:00
Jean Michel MacKay
30848d9eb7 Fixed extra newline 2018-09-11 15:28:40 -04:00
Jean Michel MacKay
56b4f23ae2 Move downloadFeed out to a seperate function 2018-09-11 15:28:39 -04:00
Jean Michel MacKay
f34f94320a Embed nvd's downloading and storing of meta data into a function to help with resource management 2018-09-11 15:28:39 -04:00
Jean Michel MacKay
3959f416fa Fix up error and changing close to defer close 2018-09-11 15:28:39 -04:00
Jean Michel MacKay
49cbdd7a7c Using httputil for NVD
nvd was missed when moving to httputil, this fixes it
2018-09-11 15:28:39 -04:00
Jimmy Zelinskie
089a4e0f0a
Merge pull request #617 from jzelinskie/grpc-refactor
Introduce pkg/grpcutil
2018-09-11 14:57:13 -04:00
Jimmy Zelinskie
1ec2759550 pkg/grpcutil: init
This change refactors gRPC code used within the v3 API package into
generic code that can be used for managing gRPC and gRPC Gateway.
2018-09-11 14:46:52 -04:00
Sida Chen
ff9303905b database: changed Notification interface name 2018-09-11 14:24:09 -04:00
Sida Chen
6c69377343
Merge pull request #614 from KeyboardNerd/sidac/simplify
Replace Ancestry with AncestryWithContent struct in database models
2018-09-11 10:50:53 -04:00
Jimmy Zelinskie
dc6be5d1b0 api: remove handleShutdown func
This function was used for handling errors in the graceful library and
was never necessary for the v3 API.
2018-09-10 13:26:53 -04:00
Sida Chen
5d725e67b0 Replace Ancestry with AncestryWithContent struct in database models
As one of the steps to simplifies the codebase, the AncestryWithContent
struct is renamed to Ancestry, and Ancestry is removed. It will cause
the PostAncestry request to be slower.
2018-09-10 12:48:23 -04:00
Jimmy Zelinskie
e5c2e378a2
Merge pull request #613 from jzelinskie/pkg-pagination
Introduce pkg/pagination
2018-09-07 16:34:59 -04:00
Jimmy Zelinskie
0565938956 pkg/pagination: add token type
This change pulls as much pagination logic out of the database
implementation as possible. Database implementations should now be able
to marshal whatever state they need into opaque tokens with the
utilities in the pagination package.
2018-09-07 16:26:56 -04:00
Jimmy Zelinskie
d193b46449 pkg/pagination: init
This change refactors a lot of the code dealing with pagination so that
fernet implementation details do not leak.

- Deletes database/pgsql/token
- Introduces a pagination package
- Renames idPageNumber to Page and add a constructor and method.
2018-09-07 16:13:51 -04:00
Jimmy Zelinskie
b20482e0ae cmd/clair: document constants 2018-09-06 17:40:01 -04:00
Jimmy Zelinskie
fffb67f137
Merge pull request #611 from jzelinskie/drop-graceful
Remove dependency on graceful
2018-09-06 17:10:01 -04:00
Jimmy Zelinskie
55ecf1e58a vendor: regenerate after removing graceful 2018-09-06 16:56:33 -04:00
Jimmy Zelinskie
30644fcc01 api: remove dependency on graceful
This library has no longer been needed since Go 1.8.
2018-09-06 16:56:33 -04:00
Sida Chen
2bbbad393b
Merge pull request #605 from KeyboardNerd/sidchen/feature
Implement Ancestry Layer-wise feature API
2018-09-06 14:08:56 -04:00
Sida Chen
2827b9342b Update Database and Worker implementation for layer-wise feature
Feature extraction algorithm is changed to associate features with
ancestry layer. Database is updated to keep the relationship.
2018-09-06 13:56:03 -04:00
Jimmy Zelinskie
06b257cc97
Merge pull request #606 from MackJM/wip/master_httputil
Adding httputil and version packages to master
2018-09-06 11:27:35 -04:00
Jimmy Zelinskie
4fd86fd518
Merge pull request #607 from jzelinskie/gofmt
enforce gofmt in travis
2018-09-06 09:27:28 -04:00
Jimmy Zelinskie
ce15f73501 *: gofmt -s 2018-09-05 19:20:35 -04:00
Jimmy Zelinskie
52ecf35ca6 travis: fail if not gofmt -s 2018-09-05 18:57:10 -04:00
Jean Michel MacKay
9df4f5bd70 Adding httputil and version packages
- Debian/RHEL/Oracle vulnsrc now use httputil to download files
- httputil sets the User-Agent to the requests as Clair/<version> (https://github.com/coreos/clair/)
- httputil holds Status2xx() which returns if the response is a http success (2xx)
- GetClientAddr moved from api/httputil to pkg/httputil
- the version packge holds a Version string which is set at build time from the git tag and sha
- the .git directory was removed from .dockerignore so that we can use the git tag to set the version
2018-09-05 14:56:39 -04:00
Sida Chen
4b64151330 Update gRPC server implementation 2018-09-05 11:34:06 -04:00
Sida Chen
6a44052e31 Update Clair V3 API to provide layer-wise feature 2018-09-05 11:33:27 -04:00
Jimmy Zelinskie
9f2cc4e533
Merge pull request #604 from jzelinskie/nvd-urls
vulnmdsrc: update NVD URLs
2018-09-04 14:07:56 -04:00
Jimmy Zelinskie
ce6b00887b vulnmdsrc: update NVD URLs
This connects us via a domain hosted on AWS which should provide
performance benefits for users running Clair on AWS and alleviate load
from the NIST campus network.

Fixes #575.
2018-09-04 11:55:19 -04:00
Sida Chen
dfc3023372
Merge pull request #601 from KeyboardNerd/sidchen/status
Add Status endpoint with Clair configuration
2018-08-31 13:28:38 -04:00
Sida Chen
d28f3214ce Add Status endpoint with Clair configuration
Implement a status endpoint providing the current lister/detector in
the current instance of Clair.
2018-08-30 16:55:18 -04:00
Jimmy Zelinskie
7f9c0b1b07
Merge pull request #594 from reasonerjt/fix-alpine-url
Quickfix to the URL for fetching alpine's vuln data.
2018-08-29 15:23:07 -04:00
Daniel Jiang
9e4a347ecd Quickfix to the URL for fetching alpine's vuln data.
Fixes #593

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-08-23 13:39:26 +08:00