mirror of
https://github.com/anchore/grype
synced 2024-09-20 06:21:56 +00:00
feat: enrich db check cmd feedback (#853)
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
This commit is contained in:
parent
ad9f0ac76e
commit
80f9e04289
4 changed files with 39 additions and 12 deletions
2
Makefile
2
Makefile
|
@ -25,7 +25,7 @@ COVERAGE_THRESHOLD := 47
|
|||
|
||||
# CI cache busting values; change these if you want CI to not use previous stored cache
|
||||
BOOTSTRAP_CACHE="c7afb99ad"
|
||||
INTEGRATION_CACHE_BUSTER="894d8ca"
|
||||
INTEGRATION_CACHE_BUSTER="904d8ca"
|
||||
|
||||
## Build variables
|
||||
DISTDIR=./dist
|
||||
|
|
|
@ -25,7 +25,7 @@ func runDBCheckCmd(_ *cobra.Command, _ []string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
updateAvailable, _, err := dbCurator.IsUpdateAvailable()
|
||||
updateAvailable, currentDBMetadata, updateDBEntry, err := dbCurator.IsUpdateAvailable()
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to check for vulnerability database update: %+v", err)
|
||||
}
|
||||
|
@ -34,5 +34,15 @@ func runDBCheckCmd(_ *cobra.Command, _ []string) error {
|
|||
return stderrPrintLnf("No update available")
|
||||
}
|
||||
|
||||
return stderrPrintLnf("Update available!")
|
||||
fmt.Println("Update available!")
|
||||
|
||||
if currentDBMetadata != nil {
|
||||
fmt.Printf("Current DB version %d was built on %s\n", currentDBMetadata.Version, currentDBMetadata.Built.String())
|
||||
}
|
||||
|
||||
fmt.Printf("Updated DB version %d was built on %s\n", updateDBEntry.Version, updateDBEntry.Built.String())
|
||||
fmt.Printf("Updated DB URL: %s\n", updateDBEntry.URL.String())
|
||||
fmt.Println("You can run 'grype db update' to update to the latest db")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -41,7 +41,7 @@ func startDBUpdateCmd() <-chan error {
|
|||
|
||||
result := "No vulnerability database update available\n"
|
||||
if updated {
|
||||
result = "Vulnerability database updated!\n"
|
||||
result = "Vulnerability database updated to latest version!\n"
|
||||
}
|
||||
|
||||
bus.Publish(partybus.Event{
|
||||
|
|
|
@ -143,7 +143,7 @@ func (c *Curator) Update() (bool, error) {
|
|||
defer downloadProgress.SetCompleted()
|
||||
defer importProgress.SetCompleted()
|
||||
|
||||
updateAvailable, updateEntry, err := c.IsUpdateAvailable()
|
||||
updateAvailable, metadata, updateEntry, err := c.IsUpdateAvailable()
|
||||
if err != nil {
|
||||
// we want to continue if possible even if we can't check for an update
|
||||
log.Warnf("unable to check for vulnerability database update")
|
||||
|
@ -155,42 +155,59 @@ func (c *Curator) Update() (bool, error) {
|
|||
if err != nil {
|
||||
return false, fmt.Errorf("unable to update vulnerability database: %w", err)
|
||||
}
|
||||
log.Infof("updated vulnerability DB to version=%d built=%q", updateEntry.Version, updateEntry.Built.String())
|
||||
|
||||
if metadata != nil {
|
||||
log.Infof(
|
||||
"updated vulnerability DB from version=%d built=%q to version=%d built=%q",
|
||||
metadata.Version,
|
||||
metadata.Built.String(),
|
||||
updateEntry.Version,
|
||||
updateEntry.Built.String(),
|
||||
)
|
||||
return true, nil
|
||||
}
|
||||
|
||||
log.Infof(
|
||||
"downloaded new vulnerability DB version=%d built=%q",
|
||||
updateEntry.Version,
|
||||
updateEntry.Built.String(),
|
||||
)
|
||||
return true, nil
|
||||
}
|
||||
|
||||
stage.Current = "no update available"
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// IsUpdateAvailable indicates if there is a new update available as a boolean, and returns the latest listing information
|
||||
// available for this schema.
|
||||
func (c *Curator) IsUpdateAvailable() (bool, *ListingEntry, error) {
|
||||
func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error) {
|
||||
log.Debugf("checking for available database updates")
|
||||
|
||||
listing, err := c.ListingFromURL()
|
||||
if err != nil {
|
||||
return false, nil, err
|
||||
return false, nil, nil, err
|
||||
}
|
||||
|
||||
updateEntry := listing.BestUpdate(c.targetSchema)
|
||||
if updateEntry == nil {
|
||||
return false, nil, fmt.Errorf("no db candidates with correct version available (maybe there is an application update available?)")
|
||||
return false, nil, nil, fmt.Errorf("no db candidates with correct version available (maybe there is an application update available?)")
|
||||
}
|
||||
log.Debugf("found database update candidate: %s", updateEntry)
|
||||
|
||||
// compare created data to current db date
|
||||
current, err := NewMetadataFromDir(c.fs, c.dbDir)
|
||||
if err != nil {
|
||||
return false, nil, fmt.Errorf("current metadata corrupt: %w", err)
|
||||
return false, nil, nil, fmt.Errorf("current metadata corrupt: %w", err)
|
||||
}
|
||||
|
||||
if current.IsSupersededBy(updateEntry) {
|
||||
log.Debugf("database update available: %s", updateEntry)
|
||||
return true, updateEntry, nil
|
||||
return true, current, updateEntry, nil
|
||||
}
|
||||
log.Debugf("no database update available")
|
||||
|
||||
return false, nil, nil
|
||||
return false, nil, nil, nil
|
||||
}
|
||||
|
||||
// UpdateTo updates the existing DB with the specific other version provided from a listing entry.
|
||||
|
|
Loading…
Reference in a new issue