package libvuln
import (
"compress/gzip"
"context"
"io"
"github.com/jackc/pgx/v4/pgxpool"
"github.com/quay/zlog"
"go.opentelemetry.io/otel/baggage"
"go.opentelemetry.io/otel/label"
"github.com/Panzer1119/claircore/internal/vulnstore/postgres"
"github.com/Panzer1119/claircore/libvuln/driver"
"github.com/Panzer1119/claircore/libvuln/jsonblob"
)
// OfflineImport reads the gzip-compressed stream that was written to the
// io.Writer given to NewOfflineUpdater and loads its entries into the database
// behind the provided pgxpool.Pool.
//
// An entry is skipped when its updater already has a recorded update
// operation carrying the same fingerprint. The first error from
// decompression, decoding or the store is returned unchanged and ends the
// import.
//
// NOTE(review): nothing in this function authenticates the bundle or bounds
// its decompressed size. The data ends up in the vulnerability store, so the
// caller presumably has to verify the bundle's origin and integrity before
// calling this -- confirm where that happens.
func OfflineImport(ctx context.Context, pool *pgxpool.Pool, in io.Reader) error {
	// BUG(hank) The OfflineImport function is a wart, needed to work around
	// some package namespacing issues. It should get refactored if claircore
	// gets merged into clair.
	ctx = baggage.ContextWithValues(ctx,
		label.String("component", "libvuln/OfflineImporter"))

	zr, err := gzip.NewReader(in)
	if err != nil {
		return err
	}
	defer zr.Close()

	store := postgres.NewVulnStore(pool)
	loader, err := jsonblob.Load(ctx, zr)
	if err != nil {
		return err
	}
	known, err := store.GetUpdateOperations(ctx, driver.VulnerabilityKind)
	if err != nil {
		return err
	}

	for loader.Next() {
		entry := loader.Entry()

		// The skip decision compares only the fingerprint recorded in the
		// bundle with the ones already in the store; the vulnerability
		// contents are not compared. This only helps if updaters don't keep
		// something that changes in the fingerprint.
		alreadyImported := false
		for _, prev := range known[entry.Updater] {
			if prev.Fingerprint != entry.Fingerprint {
				continue
			}
			zlog.Info(ctx).
				Str("updater", entry.Updater).
				Msg("fingerprint match, skipping")
			alreadyImported = true
			break
		}
		if alreadyImported {
			continue
		}

		// A failure here returns immediately; this function does not undo
		// entries that earlier iterations already handed to the store.
		ref, err := store.UpdateVulnerabilities(ctx, entry.Updater, entry.Fingerprint, entry.Vuln)
		if err != nil {
			return err
		}
		zlog.Info(ctx).
			Str("updater", entry.Updater).
			Str("ref", ref.String()).
			Int("count", len(entry.Vuln)).
			Msg("update imported")
	}

	// Next returning false may mean a decode failure rather than the end of
	// the stream, so the loader's error is checked before reporting success.
	if err := loader.Err(); err != nil {
		return err
	}
	return nil
}