Commit Graph

654 Commits

Author SHA1 Message Date
Steven Trescinski
28fbfc72e7 Fixed broken quay.io links (#232) 2016-08-16 14:22:22 -04:00
Vincent Batts
ce8d31bbb3 redhatrelease: override match for RHEL hosts
Until https://github.com/coreos/clair/pull/193 is merged, having
vulnerabilities that are tagged both rhel and centos would duplicate in
the database or use a change that requires a migration.

But presently due to the fetcher logic, the rhel provided
vulnerabilities are labelled for centos, and then the namespace does not
match and therefore not tested against.

So until such a day that a vulnerability could have both rhel and centos
label, then hack this in. It'll accomplish the same during this interim.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:35:32 -04:00
Vincent Batts
d88f797821 osrelease-detector: avoid colliding with other detectors
Due to the detector registration and fact that their in a non-ordered
map, it is random whether the osrelease or redhatrelease detector would
hit. And likely resulted in alternately formatted namespace strings.

This change causes the osrelease to not detect when data has
centos-release or redhat-release, which is not _great_ because if the
redhatrelease detector is not compiled in, then that would not be a
fallback that the osrelease detector could rely on. :-\

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:32:12 -04:00
Vincent Batts
c28d2b3a66 namespace: add debug output
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-08-12 15:31:44 -04:00
Jimmy Zelinskie
4bc6416132 README: include data licenses for data sources (#219) 2016-07-21 10:31:46 -04:00
Quentin Machu
be97db5261 updater: enable fetching of RHEL 5 vulnerabilities (#217)
The RHEL updater currently ignores vulnerabilities for CentOS <= 5.
s the naming of the constant firstConsideredRHEL suggests it, it
should actually considers CentOS 5 and ignores CentOS < 5.

Fixes #215
2016-07-15 11:54:47 -04:00
Quentin Machu
c1a7144113 Merge pull request #216 from optiopay/doc-klar-ref
README: add reference to Klar tool
2016-07-15 13:07:44 +02:00
Alexey Miroshkin
c4281b3a3c README: add reference to Klar tool
This update adds reference to Klar tool. Klar is a simple integration
tool designed to be used in scripts and CI.
2016-07-15 08:59:29 +02:00
Jimmy Zelinskie
b45b625fc8 improve v1 api docs header legibility
GitHub has changed fonts and as a result h6s are extremely small.
2016-07-11 14:35:35 -04:00
Quentin Machu
09d397eca9 Merge pull request #205 from Quentin-M/readme_v122
Replace latest by v1.2.2 in Quick Start & Add various talks
2016-06-15 23:59:32 +02:00
Quentin Machu
0733cd9077 Merge pull request #206 from Quentin-M/godeps_implsubmod
godeps: Remove implicit git submodules
2016-06-15 20:54:31 +02:00
Quentin Machu
213468a6d5 godeps: Remove implicit git submodules 2016-06-15 00:15:59 +02:00
Quentin Machu
a8c58d4e3d readme: add various talks & slides 2016-06-14 22:18:06 +02:00
Quentin Machu
93f7f10bf7 readme: replace latest by v1.2.2 and add reference to container repositories 2016-06-14 22:17:49 +02:00
JG²
bed3662e64 travis: allow golang 'tip' failures (#202) 2016-06-14 01:55:22 -04:00
Quentin Machu
28295eb2bf Merge pull request #186 from Quentin-M/delete_ubuntu_repository
updater: Delete Ubuntu's repository upon bzr errors
2016-06-09 19:27:17 +02:00
Quentin Machu
34f62ef1f1 updater: delete Ubuntu's repository upon bzr errors
By deleting an Ubuntu repository that may be in a bad state,
Clair will eventually be able to perform the update, instead of retrying naively.

Fixes #169
2016-06-09 14:11:30 +02:00
lbausch
efa0d855f4 Modify URL of libpq documentation (#197)
When opening the URL in the browser the section about "Connection Strings" is directly displayed. This way there's no need to scroll to it. (Also use HTTPS)
2016-06-07 12:58:24 -04:00
Quentin Machu
59b3b184a8 Merge pull request #196 from jgsqware/integrate-glide
Replace Godep by Glide
2016-06-07 16:41:13 +02:00
jgsqware
72c8c347e6 update travis to build with fork 2016-06-07 16:13:20 +02:00
jgsqware
d9d5b058e5 replace GoDep by Glide 2016-06-07 10:08:50 +02:00
Quentin Machu
951efed1ff Merge pull request #188 from databus23/patch-1
Switch to https for ubuntu cve tracker
2016-05-25 20:25:48 -04:00
Fabian Ruff
85edda6ce1 Switch to https for ubuntu cve tracker
Fixes #168
2016-05-25 23:29:03 +02:00
Quentin Machu
a03459d02e Merge pull request #165 from Quentin-M/db_registration
Allow specifying datastore driver by config, relocate upgrade detection, mock datastore
2016-05-20 12:20:26 -05:00
Jimmy Zelinskie
5d8336acb3 pgsql: use subquery to plan GetNotification query (#182)
This change enables the query planner to wait and sort the result set of
our query rather than attempting to re-use the layer table's index for
the ORDER BY clause. Because the result set is always small, this makes
queries that were previous tens of seconds, now tens of milliseconds.
2016-05-20 13:10:00 -04:00
Quentin Machu
836d37b275 *: use path/filepath instead of path 2016-05-20 12:01:31 -05:00
Quentin Machu
b99e2b50e2 database: Add some missing copyright headers 2016-05-20 12:01:31 -05:00
Quentin Machu
8551a0a3b2 worker: Mock datastore in worker's tests 2016-05-20 12:01:30 -05:00
Quentin Machu
629d2ce662 database: Mock Datastore interface 2016-05-20 12:01:30 -05:00
Quentin Machu
a38fbf6cfe worker/database: Move upgrade detection logic out of database to worker 2016-05-20 12:01:30 -05:00
Jimmy Zelinskie
51f9c5dcb4 pgsql: remove unnecessary join used in GetNotification (#179) 2016-05-19 11:45:38 -04:00
Jimmy Zelinskie
49fa75a64a readme: split "Related Links" into projects/slides (#177)
Fixes #173.
2016-05-19 10:10:46 -04:00
Tobias Sarnowski
ad11393a28 Updated API documentation to reflect changes to authentication scheme. (#180)
With #167, the API was changed to provide a more generic way of how Clair can retrieve the layers from a registry. This change reflects it in the documentation.
2016-05-19 10:09:43 -04:00
Quentin Machu
e7b960c05b database: Allow specifying datastore driver by config
Fixes #145
2016-05-11 15:29:13 -07:00
Jimmy Zelinskie
53e62577bc api/worker: s/Authorization/Headers (#167)
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
2016-05-05 13:48:10 -04:00
Jimmy Zelinskie
de96f09c1a Merge pull request #166 from jzelinskie/authlayer
api/worker: introduce optional authorization
2016-05-04 15:59:49 -04:00
Jimmy Zelinskie
9b5afc79ca api/worker: introduce optional authorization
This allows clients to specify the contents of the HTTP Authorization
header so that Clair can access protected resources.
2016-05-04 15:47:14 -04:00
Quentin Machu
01efa56929 Merge pull request #158 from Quentin-M/contrib_cleanup_signals
contrib: Catch signals to delete tmp folder in local-analyze-images
2016-04-26 17:35:50 -04:00
Quentin Machu
ff3c6eccc8 contrib: Catch signals to delete tmp folder in local-analyze-images
- Create the temporary folder earlier in the app (main instead of save)
- Catch SIGINT/SIGKILL signals to delete the temporary folder and exit
2016-04-25 16:38:17 -04:00
Jimmy Zelinskie
4246c5244b README: add master branch warning 2016-04-20 13:17:44 -04:00
Quentin Machu
51e4086298 *: Create a ROADMAP 2016-04-19 16:29:19 -04:00
Quentin Machu
d8c62e7c84 Merge pull request #143 from jzelinskie/travis
travis: test against Go 1.6
2016-04-19 12:25:14 -04:00
Quentin Machu
58fd619e32 Merge pull request #142 from jzelinskie/healthfix
api: WriteHeader on health endpoint
2016-04-19 12:22:54 -04:00
Jimmy Zelinskie
0423f976b7 travis: test against Go 1.6 2016-04-19 12:20:54 -04:00
Jimmy Zelinskie
7aa88690af api: WriteHeader on health endpoint
Fixes #141.
2016-04-19 12:17:13 -04:00
JG²
af2c688634 config: not properly loaded error (#140)
* config: not properly loaded error

When a wrong config file was used, it result in a panic.
Adding some check condition to validate the Unmarshaled configuration
before using it

fixes #134

* check if datasource is set

* move error locally instead of utils/errors
2016-04-18 13:11:44 -04:00
Quentin Machu
8d5a330acf Merge pull request #139 from coreos/webhook_proxy
Add proxy parameter to webhook notifier
2016-04-12 15:02:40 -04:00
Quentin Machu
927af43be0 notifier: Verify that the given webhook endpoint is an absolute URL 2016-04-12 14:30:30 -04:00
Quentin Machu
2fb815dc37 notifier: Add proxy parameter to webhook notifier 2016-04-12 14:30:25 -04:00
Quentin Machu
87f28fc3af Merge pull request #137 from coreos/fix_k8s
README: Fix Kubernetes instructions
2016-04-11 15:21:06 -04:00