mirror of
https://github.com/anchore/grype
synced 2024-09-20 14:31:59 +00:00
Merge pull request #71 from anchore/support-multiple-schemas
use explicitly the v1 db schema
This commit is contained in:
commit
14d8b5da90
8 changed files with 33 additions and 42 deletions
|
@ -3,8 +3,7 @@ package cmd
|
|||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/anchore/grype-db/pkg/db"
|
||||
|
||||
v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
"github.com/anchore/grype/internal"
|
||||
"github.com/anchore/grype/internal/version"
|
||||
"github.com/spf13/cobra"
|
||||
|
@ -35,7 +34,7 @@ func printVersion(_ *cobra.Command, _ []string) {
|
|||
fmt.Println("Platform: ", versionInfo.Platform)
|
||||
fmt.Println("GoVersion: ", versionInfo.GoVersion)
|
||||
fmt.Println("Compiler: ", versionInfo.Compiler)
|
||||
fmt.Println("Supported DB Schema: ", db.SchemaVersion)
|
||||
fmt.Println("Supported DB Schema: ", v1.SchemaVersion)
|
||||
} else {
|
||||
fmt.Printf("%s %s\n", internal.ApplicationName, versionInfo.Version)
|
||||
}
|
||||
|
|
2
go.mod
2
go.mod
|
@ -6,7 +6,7 @@ require (
|
|||
github.com/adrg/xdg v0.2.1
|
||||
github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db
|
||||
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b
|
||||
github.com/anchore/grype-db v0.0.0-20200725230023-ff38124c1f49
|
||||
github.com/anchore/grype-db v0.0.0-20200727124815-9139f1175e84
|
||||
github.com/anchore/syft v0.0.0-20200724122256-9ec5da24dd28
|
||||
github.com/facebookincubator/nvdtools v0.1.4-0.20200622182922-aed862a62ae6
|
||||
github.com/go-test/deep v1.0.7
|
||||
|
|
10
go.sum
10
go.sum
|
@ -115,18 +115,12 @@ github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db h1:LWKezJnFTF
|
|||
github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db/go.mod h1:D3rc2L/q4Hcp9eeX6AIJH4Q+kPjOtJCFhG9za90j+nU=
|
||||
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZVsCYMrIZBpFxwV26CbsuoEh5muXD5I1Ods=
|
||||
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
|
||||
github.com/anchore/grype-db v0.0.0-20200724105409-0ddbeb65f5a3 h1:otpVUWQ2HXmL7nX5+t3W94qMqJCaSOW+Myen783WJs8=
|
||||
github.com/anchore/grype-db v0.0.0-20200724105409-0ddbeb65f5a3/go.mod h1:LINmipRzG88vnJEWvgMMDVCFH1qZsj7+bjmpERlSyaA=
|
||||
github.com/anchore/grype-db v0.0.0-20200725230023-ff38124c1f49 h1:nPrHsCcS0kdqfMhEcHx2TVazthM1j2P+UtkZeSLEnz0=
|
||||
github.com/anchore/grype-db v0.0.0-20200725230023-ff38124c1f49/go.mod h1:LINmipRzG88vnJEWvgMMDVCFH1qZsj7+bjmpERlSyaA=
|
||||
github.com/anchore/siren-db v0.0.0-20200721170640-64923624e7b2 h1:j3MwtIO1HBgGYD7pG0RVl+jXwkgpTfTk1EoT/QFIYhY=
|
||||
github.com/anchore/siren-db v0.0.0-20200721170640-64923624e7b2/go.mod h1:/n1sNOhAfvg5CrlhjWOinKEWpeLYYm9H8gv+afWtpOk=
|
||||
github.com/anchore/grype-db v0.0.0-20200727124815-9139f1175e84 h1:Fl3ST7iUGaJSZwq80bO68PuISQd0d6FsDw24TMezHFY=
|
||||
github.com/anchore/grype-db v0.0.0-20200727124815-9139f1175e84/go.mod h1:LINmipRzG88vnJEWvgMMDVCFH1qZsj7+bjmpERlSyaA=
|
||||
github.com/anchore/stereoscope v0.0.0-20200520221116-025e07f1c93e h1:QBwtrM0MXi0z+GcHk3RoSyzaQ+CLgas0bC/uOd1P+PQ=
|
||||
github.com/anchore/stereoscope v0.0.0-20200520221116-025e07f1c93e/go.mod h1:bkyLl5VITnrmgErv4S1vDfVz/TGAZ5il6161IQo7w2g=
|
||||
github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639 h1:J1oytkj+aBuACNF2whtEiVxRXIZ8zwT+EiPTqm/FvwA=
|
||||
github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639/go.mod h1:WntReQTI/I27FOQ87UgLVVzWgku6+ZsqfOTLxpIZFCs=
|
||||
github.com/anchore/syft v0.0.0-20200724005404-a4016d35ce09 h1:kDfnvX7J6Ys6GXonKNbttQvgyh0dzQCfuLy0wiJlc/c=
|
||||
github.com/anchore/syft v0.0.0-20200724005404-a4016d35ce09/go.mod h1:9y7/7XgBFbHBEer3tJt5TMDfMm8/enrhB420Stuan4A=
|
||||
github.com/anchore/syft v0.0.0-20200724122256-9ec5da24dd28 h1:g35+t2H/4gukUtuQRIZbjTK+IrBy7uz/l9wzh0TNvYA=
|
||||
github.com/anchore/syft v0.0.0-20200724122256-9ec5da24dd28/go.mod h1:9y7/7XgBFbHBEer3tJt5TMDfMm8/enrhB420Stuan4A=
|
||||
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 h1:bvNMNQO63//z+xNgfBlViaCIJKLlCJ6/fmUseuG0wVQ=
|
||||
|
|
|
@ -7,15 +7,15 @@ import (
|
|||
"path"
|
||||
|
||||
"github.com/anchore/grype-db/pkg/curation"
|
||||
"github.com/anchore/grype-db/pkg/db"
|
||||
"github.com/anchore/grype-db/pkg/store/sqlite/reader"
|
||||
v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
"github.com/anchore/grype-db/pkg/db/v1/reader"
|
||||
"github.com/anchore/grype/internal/file"
|
||||
"github.com/anchore/grype/internal/log"
|
||||
"github.com/spf13/afero"
|
||||
)
|
||||
|
||||
const (
|
||||
FileName = db.VulnerabilityStoreFileName
|
||||
FileName = v1.VulnerabilityStoreFileName
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
|
@ -34,12 +34,12 @@ func NewCurator(cfg Config) (Curator, error) {
|
|||
return Curator{
|
||||
config: cfg,
|
||||
fs: afero.NewOsFs(),
|
||||
targetSchema: db.SchemaVersion,
|
||||
targetSchema: v1.SchemaVersion,
|
||||
client: &file.HashiGoGetter{},
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (c *Curator) GetStore() (db.VulnerabilityStoreReader, error) {
|
||||
func (c *Curator) GetStore() (v1.VulnerabilityStoreReader, error) {
|
||||
// ensure the DB is ok
|
||||
err := c.Validate()
|
||||
if err != nil {
|
||||
|
@ -67,7 +67,7 @@ func (c *Curator) Status() Status {
|
|||
return Status{
|
||||
Age: metadata.Built,
|
||||
CurrentSchemaVersion: metadata.Version,
|
||||
RequiredSchemeVersion: db.SchemaVersion,
|
||||
RequiredSchemeVersion: v1.SchemaVersion,
|
||||
Location: c.config.DbDir,
|
||||
Err: err,
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@ package vulnerability
|
|||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/anchore/grype-db/pkg/db"
|
||||
v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
"github.com/anchore/grype/grype/cpe"
|
||||
"github.com/anchore/syft/syft/distro"
|
||||
"github.com/anchore/syft/syft/pkg"
|
||||
|
@ -11,10 +11,10 @@ import (
|
|||
)
|
||||
|
||||
type StoreProvider struct {
|
||||
store db.VulnerabilityStoreReader
|
||||
store v1.VulnerabilityStoreReader
|
||||
}
|
||||
|
||||
func NewProviderFromStore(store db.VulnerabilityStoreReader) *StoreProvider {
|
||||
func NewProviderFromStore(store v1.VulnerabilityStoreReader) *StoreProvider {
|
||||
return &StoreProvider{
|
||||
store: store,
|
||||
}
|
||||
|
|
|
@ -1,21 +1,21 @@
|
|||
package vulnerability
|
||||
|
||||
import "github.com/anchore/grype-db/pkg/db"
|
||||
import v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
|
||||
type mockStore struct {
|
||||
data map[string]map[string][]db.Vulnerability
|
||||
data map[string]map[string][]v1.Vulnerability
|
||||
}
|
||||
|
||||
func newMockStore() *mockStore {
|
||||
d := mockStore{
|
||||
data: make(map[string]map[string][]db.Vulnerability),
|
||||
data: make(map[string]map[string][]v1.Vulnerability),
|
||||
}
|
||||
d.stub()
|
||||
return &d
|
||||
}
|
||||
|
||||
func (d *mockStore) stub() {
|
||||
d.data["debian:8"] = map[string][]db.Vulnerability{
|
||||
d.data["debian:8"] = map[string][]v1.Vulnerability{
|
||||
"neutron": {
|
||||
{
|
||||
PackageName: "neutron",
|
||||
|
@ -33,7 +33,7 @@ func (d *mockStore) stub() {
|
|||
},
|
||||
},
|
||||
}
|
||||
d.data["nvd"] = map[string][]db.Vulnerability{
|
||||
d.data["nvd"] = map[string][]v1.Vulnerability{
|
||||
"activerecord": {
|
||||
{
|
||||
PackageName: "activerecord",
|
||||
|
@ -79,6 +79,6 @@ func (d *mockStore) stub() {
|
|||
}
|
||||
}
|
||||
|
||||
func (d *mockStore) GetVulnerability(namespace, name string) ([]db.Vulnerability, error) {
|
||||
func (d *mockStore) GetVulnerability(namespace, name string) ([]v1.Vulnerability, error) {
|
||||
return d.data[namespace][name], nil
|
||||
}
|
||||
|
|
|
@ -3,10 +3,8 @@ package vulnerability
|
|||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/anchore/grype-db/pkg/db"
|
||||
|
||||
v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
"github.com/anchore/grype/grype/cpe"
|
||||
|
||||
"github.com/anchore/grype/grype/version"
|
||||
)
|
||||
|
||||
|
@ -16,7 +14,7 @@ type Vulnerability struct {
|
|||
ID string
|
||||
}
|
||||
|
||||
func NewVulnerability(vuln db.Vulnerability) (*Vulnerability, error) {
|
||||
func NewVulnerability(vuln v1.Vulnerability) (*Vulnerability, error) {
|
||||
format := version.ParseFormat(vuln.VersionFormat)
|
||||
|
||||
constraint, err := version.GetConstraint(vuln.VersionConstraint, format)
|
||||
|
|
|
@ -1,21 +1,21 @@
|
|||
package integration
|
||||
|
||||
import (
|
||||
"github.com/anchore/grype-db/pkg/db"
|
||||
v1 "github.com/anchore/grype-db/pkg/db/v1"
|
||||
)
|
||||
|
||||
// integrity check
|
||||
var _ db.VulnerabilityStoreReader = &mockStore{}
|
||||
var _ v1.VulnerabilityStoreReader = &mockStore{}
|
||||
|
||||
type mockStore struct {
|
||||
backend map[string]map[string][]db.Vulnerability
|
||||
backend map[string]map[string][]v1.Vulnerability
|
||||
}
|
||||
|
||||
func NewMockDbStore() *mockStore {
|
||||
return &mockStore{
|
||||
backend: map[string]map[string][]db.Vulnerability{
|
||||
backend: map[string]map[string][]v1.Vulnerability{
|
||||
"github:npm": {
|
||||
"validator": []db.Vulnerability{
|
||||
"validator": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-javascript-validator",
|
||||
VersionConstraint: "< 3.2.1",
|
||||
|
@ -24,7 +24,7 @@ func NewMockDbStore() *mockStore {
|
|||
},
|
||||
},
|
||||
"github:python": {
|
||||
"Pygments": []db.Vulnerability{
|
||||
"Pygments": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-python-pygments",
|
||||
VersionConstraint: "< 2.6.2",
|
||||
|
@ -33,7 +33,7 @@ func NewMockDbStore() *mockStore {
|
|||
},
|
||||
},
|
||||
"github:gem": {
|
||||
"rails": []db.Vulnerability{
|
||||
"rails": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-ruby-activerecord",
|
||||
VersionConstraint: "> 4.0.0, <= 4.1.1",
|
||||
|
@ -42,7 +42,7 @@ func NewMockDbStore() *mockStore {
|
|||
},
|
||||
},
|
||||
"github:java": {
|
||||
"org.anchore:example-java-app-maven": []db.Vulnerability{
|
||||
"org.anchore:example-java-app-maven": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-java-example-java-app",
|
||||
VersionConstraint: ">= 0.0.1, < 1.2.0",
|
||||
|
@ -51,7 +51,7 @@ func NewMockDbStore() *mockStore {
|
|||
},
|
||||
},
|
||||
"debian:8": {
|
||||
"apt-dev": []db.Vulnerability{
|
||||
"apt-dev": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-dpkg-apt",
|
||||
VersionConstraint: "<= 1.8.2",
|
||||
|
@ -60,7 +60,7 @@ func NewMockDbStore() *mockStore {
|
|||
},
|
||||
},
|
||||
"rhel:8": {
|
||||
"dive": []db.Vulnerability{
|
||||
"dive": []v1.Vulnerability{
|
||||
{
|
||||
ID: "CVE-rpmdb-dive",
|
||||
VersionConstraint: "<= 1.0.42",
|
||||
|
@ -72,7 +72,7 @@ func NewMockDbStore() *mockStore {
|
|||
}
|
||||
}
|
||||
|
||||
func (s *mockStore) GetVulnerability(namespace, name string) ([]db.Vulnerability, error) {
|
||||
func (s *mockStore) GetVulnerability(namespace, name string) ([]v1.Vulnerability, error) {
|
||||
namespaceMap := s.backend[namespace]
|
||||
if namespaceMap == nil {
|
||||
return nil, nil
|
||||
|
|
Loading…
Reference in a new issue