You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using multiple namespaces, a feature's namespace is currently determined by looking up existing namespaces from all ancestry layers including current layer, and check if the namespace's version format matches the feature's version format. If there's nothing found, we just give up. https://github.com/coreos/clair/blob/master/worker.go#L367
This can false assumption under the fact that we can install or user another package manager.
Simple case:
base
Layer 1: Namespace = ubuntu:latest, there's no package manager database.
Layer 2: We detect a change in package manager database with Curl in Nix database.
leaf
Even though Curl doesn't have dpkg as its version format, it still by fact exists under ubuntu:latest.
Environment
Clair version/image: MASTER
Clair client name/version:
Host OS:
Kernel (e.g. uname -a):
Kubernetes version (use kubectl version):
Helm version (use helm version):
Network/Firewall setup:
The text was updated successfully, but these errors were encountered:
We’re declaring bug bankruptcy as part of the release process for a new major version of Clair. Please open a ticket in our issue tracker if you feel this still needs to be addressed, and we'll triage as part of our v4 development process. Thanks!
Description of Problem / Feature Request
When using multiple namespaces, a feature's namespace is currently determined by looking up existing namespaces from all ancestry layers including current layer, and check if the namespace's version format matches the feature's version format. If there's nothing found, we just give up.
https://github.com/coreos/clair/blob/master/worker.go#L367
In Clair, any namespace's version format is assumed.
e.g. https://github.com/coreos/clair/blob/master/ext/featurens/osrelease/osrelease.go#L86
For example, ubuntu is assumed to use dpkg, and therefore, dpkg is the version format.
This can false assumption under the fact that we can install or user another package manager.
Simple case:
base
Layer 1: Namespace = ubuntu:latest, there's no package manager database.
Layer 2: We detect a change in package manager database with Curl in Nix database.
leaf
Even though Curl doesn't have dpkg as its version format, it still by fact exists under ubuntu:latest.
Environment
uname -a
):kubectl version
):helm version
):The text was updated successfully, but these errors were encountered: