Jimmy Zelinskie
7084a226ae
updater: extract deduplicate function
2019-01-10 13:50:47 -05:00
Jimmy Zelinskie
25078ac838
ext: add CleanAll() utility functions
2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
e16d17dda9
updater: remove original RunUpdate()
2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
0d41968acd
updater: reimplement fetch() with errgroup
...
This adds context support to a few more functions in the update process.
This makes progress towards to goal of having cancellable updates.
2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
6c5be7e1c6
updater: refactor to use errgroup
...
This addresses a race condition and makes this code much more
understandable.
2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
399deab100
database: remove FindLock()
2019-01-10 13:50:46 -05:00
Jimmy Zelinskie
effe1552fb
Merge pull request #679 from kubeshield/master
...
Fix cert and key file mix up
2019-01-08 19:06:41 -05:00
Jimmy Zelinskie
45ecf18815
pkg/timeutil: init
2019-01-07 14:18:23 -05:00
Jimmy Zelinskie
b08ad9b8e6
Merge pull request #506 from openSUSE/reintroduce-suse-opensuse
...
Reintroduce image scanning for openSUSE and SLE
2019-01-07 13:21:57 -05:00
Flavio Castelli
1105102b84
Update documentation: talk about SUSE support
...
Expand the documentation about the available data sources to mention
openSUSE and SLE.
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
2019-01-07 18:48:55 +01:00
Flavio Castelli
5a4d4913c1
Reintroduce image scanning for openSUSE and SLE
...
Handle scanning of openSUSE and SUSE Linux Enterprise images.
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
2019-01-07 18:48:55 +01:00
Jimmy Zelinskie
5cd6a8cc92
Merge pull request #681 from Allda/rhel_severity
...
Vulnsrc rhel: handle "none" CVE impact
2019-01-02 15:58:23 -05:00
Tamal Saha
0ed4126240
Fix cert and key file mix up
...
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-01-02 12:31:58 -08:00
Ales Raszka
bd7102d963
Vulnsrc rhel: handle "none" CVE impact
...
Some RHEL CVEs [1] contains "none" string in impact field. This is throwing
warning message when fetching vulnerabilities. The new code handles this
case and it uses advisory severity instead.
[1] https://www.redhat.com/security/data/oval/com.redhat.rhsa-20080038.xml
2019-01-02 14:27:08 +01:00
Jimmy Zelinskie
3947073b9e
Merge pull request #667 from travelaudience/helm-tolerations
...
HELM: add tolerations
2018-12-19 13:49:22 -05:00
Jeff Knurek
81430ffbb2
HELM: also add option for nodeSelector
2018-12-10 11:42:48 +01:00
Jeff Knurek
6a94d8ccd2
HELM: add option for tolerations
2018-12-10 11:42:16 +01:00
Jimmy Zelinskie
300bb52696
database: add FindLock dbutil
2018-11-28 13:37:15 -05:00
Jimmy Zelinskie
4fbeb9ced5
database: add (Acquire|Release)Lock dbutils
2018-11-27 13:59:07 -05:00
Jimmy Zelinskie
504f0f3af3
Merge pull request #656 from glb/elsa_CVEID
...
vulnsrc_oracle: one vulnerability per CVE
2018-11-07 16:07:46 -05:00
Geoff Baskwill
3503ddb96f
vulnsrc_oracle: one vulnerability per CVE
...
Get one vulnerability per CVE for Oracle instead of one per ELSA so we
can have NVD metadata added to the vulnerabilities.
Related: #495 , #499 .
2018-11-02 19:36:43 -04:00
Jimmy Zelinskie
93e7a4cfa8
Merge pull request #650 from Katee/add-ubuntu-cosmic
...
Add database mapping for Ubuntu Cosmic (18.10)
2018-10-31 11:05:47 -04:00
Jimmy Zelinskie
4c08c8f959
Merge pull request #653 from brosander/helm-dep
...
Pinning helm postgres dep to the working 1.0.0
2018-10-31 11:05:28 -04:00
Bryan Rosander
00db964497
Pinning helm postgres dep to the working 1.0.0
2018-10-31 10:56:17 -04:00
Kate Murphy
6c682da3e1
database: add mapping for Ubuntu Cosmic (18.10)
2018-10-29 13:42:44 -04:00
Jimmy Zelinskie
c123c95590
Merge pull request #648 from HaraldNordgren/go_versions
...
Bump Go versions and use '.x' to always get latest patch versions
2018-10-28 12:01:47 -04:00
Harald Nordgren
be24096183
Bump Go versions and use '.x' to always get latest patch versions
2018-10-28 13:44:21 +01:00
Sida Chen
05cbf328aa
Merge pull request #647 from KeyboardNerd/spkg/cvrf
...
vulnsrc: Refactor debian and alpine sources
2018-10-23 09:30:01 -04:00
Sida Chen
4106322107
vendor: Update gopkg.in/yaml.v2 package
...
* Update gopkg.in/yaml.v2 package and glide setting
* Update other packages
2018-10-22 23:00:58 -04:00
Sida Chen
72674ca871
vulnsrc: Refactor vulnerability sources to use utility functions
2018-10-22 23:00:58 -04:00
Sida Chen
a3f7387ff1
database: Add FindKeyValue function wrapper
2018-10-22 23:00:57 -04:00
Sida Chen
c3904c9696
pkg: Add fsutil to contian file system utility functions
2018-10-22 23:00:57 -04:00
Sida Chen
1ee1b95afc
Merge pull request #644 from KeyboardNerd/bug/git
...
gitutil: Fix git pull on non-git repository directory
2018-10-22 14:45:30 -04:00
Jimmy Zelinskie
0c2e5e73c2
Merge pull request #645 from Katee/include-cvssv3
...
Switch to NVD JSON feed and include CVSSv3
2018-10-22 13:03:42 -04:00
Kate Murphy
081ae34af1
ext: remove duplicate vectorValuesToLetters definition
2018-10-19 15:00:00 -04:00
Kate Murphy
4f0da12b12
ext: pass through CVSSv3 impact and exploitability score
2018-10-19 10:44:23 -04:00
Jimmy Zelinskie
8efc3e4038
ext: remove unneeded use of init()
2018-10-18 18:48:07 -04:00
Jimmy Zelinskie
699d1143e5
ext: fixup incorrect copyright year
2018-10-18 18:47:37 -04:00
Sida Chen
335cb65917
Merge pull request #646 from KeyboardNerd/spkg/model
2018-10-18 16:44:48 -04:00
Sida Chen
2236b0a5c9
updater: Add vulnsrc affected feature type
...
Each vulnerability source has a specific type of feature that it affects
We assume the following:
* Alpine: Binary Package
* Debian: Source Package
* Ubuntu: Source Package
* Oracle OVAL: Binary Package
* RHEL OVAL: Binary Package
2018-10-18 15:06:41 -04:00
Sida Chen
00fadfc3e3
database: Add affected feature type
...
Affected feature type is for determining either the source feature or
the binary feature that an vulnerability affects.
2018-10-18 15:06:41 -04:00
Sida Chen
11b67e612c
gitutil: Fix git pull on non-git repository directory
...
* Add conditional check: if the git repo directory is newly created, we
clone.
* Add tests
Fixes #641
2018-10-17 10:43:52 -04:00
Kate Murphy
b81e4454fb
ext: Parse CVSSv3 data from JSON NVD feed
2018-10-16 19:08:17 -04:00
Kate Murphy
14277a8f5d
ext: Add JSON NVD parsing tests
2018-10-16 18:53:32 -04:00
Kate Murphy
aab46f5658
ext: Parse NVD JSON feed instead of XML
...
The JSON feed provides some values that are not available in the XML
feed such as CVSSv3.
2018-10-16 18:53:32 -04:00
Sida Chen
17539bda60
Merge pull request #640 from KeyboardNerd/sourcePackage
...
database: Replace Parent Feature with source metadata
2018-10-15 16:49:50 -04:00
Sida Chen
f759dd54c0
database: Replace Parent Feature with source metadata
...
Feature's source feature string is directly stored in the database
instead of having the parent pointer to simplify the database.
2018-10-15 16:26:24 -04:00
Jimmy Zelinskie
2ac088dd0f
Merge pull request #639 from Katee/update-sha1-to-sha256
...
Use SHA256 instead of SHA1 for fingerprinting
2018-10-15 11:43:56 -04:00
Sida Chen
fe614f2b01
Merge pull request #638 from KeyboardNerd/featureTree
...
Parse Source package from package information databases
2018-10-15 10:11:55 -04:00
Kate Murphy
8d5a0131c4
ext: Use SHA256 instead of SHA1 for fingerprinting
...
To make static analysis tools happy.
The current use of SHA1 for fingerprinting is safe. However, there is very
little downside to switching to SHA256.
2018-10-12 16:09:14 -04:00