diff --git a/Makefile b/Makefile index 54e0b1e8..44ffad0f 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ COVERAGE_THRESHOLD := 47 # CI cache busting values; change these if you want CI to not use previous stored cache BOOTSTRAP_CACHE="c7afb99ad" -INTEGRATION_CACHE_BUSTER="894d8ca" +INTEGRATION_CACHE_BUSTER="904d8ca" ## Build variables DISTDIR=./dist diff --git a/cmd/db_check.go b/cmd/db_check.go index 561a69ef..94f9bcec 100644 --- a/cmd/db_check.go +++ b/cmd/db_check.go @@ -25,7 +25,7 @@ func runDBCheckCmd(_ *cobra.Command, _ []string) error { return err } - updateAvailable, _, err := dbCurator.IsUpdateAvailable() + updateAvailable, currentDBMetadata, updateDBEntry, err := dbCurator.IsUpdateAvailable() if err != nil { return fmt.Errorf("unable to check for vulnerability database update: %+v", err) } @@ -34,5 +34,15 @@ func runDBCheckCmd(_ *cobra.Command, _ []string) error { return stderrPrintLnf("No update available") } - return stderrPrintLnf("Update available!") + fmt.Println("Update available!") + + if currentDBMetadata != nil { + fmt.Printf("Current DB version %d was built on %s\n", currentDBMetadata.Version, currentDBMetadata.Built.String()) + } + + fmt.Printf("Updated DB version %d was built on %s\n", updateDBEntry.Version, updateDBEntry.Built.String()) + fmt.Printf("Updated DB URL: %s\n", updateDBEntry.URL.String()) + fmt.Println("You can run 'grype db update' to update to the latest db") + + return nil } diff --git a/cmd/db_update.go b/cmd/db_update.go index 21a9de7d..d697d68f 100644 --- a/cmd/db_update.go +++ b/cmd/db_update.go @@ -41,7 +41,7 @@ func startDBUpdateCmd() <-chan error { result := "No vulnerability database update available\n" if updated { - result = "Vulnerability database updated!\n" + result = "Vulnerability database updated to latest version!\n" } bus.Publish(partybus.Event{ diff --git a/grype/db/curator.go b/grype/db/curator.go index 6934a7f7..dbc343f2 100644 --- a/grype/db/curator.go +++ b/grype/db/curator.go @@ -143,7 +143,7 @@ func (c *Curator) Update() (bool, error) { defer downloadProgress.SetCompleted() defer importProgress.SetCompleted() - updateAvailable, updateEntry, err := c.IsUpdateAvailable() + updateAvailable, metadata, updateEntry, err := c.IsUpdateAvailable() if err != nil { // we want to continue if possible even if we can't check for an update log.Warnf("unable to check for vulnerability database update") @@ -155,42 +155,59 @@ func (c *Curator) Update() (bool, error) { if err != nil { return false, fmt.Errorf("unable to update vulnerability database: %w", err) } - log.Infof("updated vulnerability DB to version=%d built=%q", updateEntry.Version, updateEntry.Built.String()) + + if metadata != nil { + log.Infof( + "updated vulnerability DB from version=%d built=%q to version=%d built=%q", + metadata.Version, + metadata.Built.String(), + updateEntry.Version, + updateEntry.Built.String(), + ) + return true, nil + } + + log.Infof( + "downloaded new vulnerability DB version=%d built=%q", + updateEntry.Version, + updateEntry.Built.String(), + ) return true, nil } + stage.Current = "no update available" return false, nil } // IsUpdateAvailable indicates if there is a new update available as a boolean, and returns the latest listing information // available for this schema. -func (c *Curator) IsUpdateAvailable() (bool, *ListingEntry, error) { +func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error) { log.Debugf("checking for available database updates") listing, err := c.ListingFromURL() if err != nil { - return false, nil, err + return false, nil, nil, err } updateEntry := listing.BestUpdate(c.targetSchema) if updateEntry == nil { - return false, nil, fmt.Errorf("no db candidates with correct version available (maybe there is an application update available?)") + return false, nil, nil, fmt.Errorf("no db candidates with correct version available (maybe there is an application update available?)") } log.Debugf("found database update candidate: %s", updateEntry) // compare created data to current db date current, err := NewMetadataFromDir(c.fs, c.dbDir) if err != nil { - return false, nil, fmt.Errorf("current metadata corrupt: %w", err) + return false, nil, nil, fmt.Errorf("current metadata corrupt: %w", err) } if current.IsSupersededBy(updateEntry) { log.Debugf("database update available: %s", updateEntry) - return true, updateEntry, nil + return true, current, updateEntry, nil } log.Debugf("no database update available") - return false, nil, nil + return false, nil, nil, nil } // UpdateTo updates the existing DB with the specific other version provided from a listing entry.