Merge pull request #117 from kubescape/offline

allow grypeDB listing URL override via config

adapters/v1/grype.go

@@ -42,11 +42,11 @@ var _ ports.CVEScanner = (*GrypeAdapter)(nil)
 
 // NewGrypeAdapter initializes the GrypeAdapter structure
 // DB loading is done via readiness probes
-func NewGrypeAdapter() *GrypeAdapter {
+func NewGrypeAdapter(listingURL string) *GrypeAdapter {
 	g := &GrypeAdapter{
 		dbConfig: db.Config{
 			DBRootDir:  path.Join(xdg.CacheHome, "grype", "db"),
-			ListingURL: "https://toolbox-data.anchore.io/grype/databases/listing.json",
+			ListingURL: listingURL,
 		},
 	}
 	return g
@@ -84,7 +84,7 @@ func (g *GrypeAdapter) Ready(ctx context.Context) bool {
 		defer g.mu.Unlock()
 		ctx, span := otel.Tracer("").Start(ctx, "GrypeAdapter.UpdateDB")
 		defer span.End()
-		logger.L().Info("updating grype DB")
+		logger.L().Info("updating grype DB", helpers.String("listingURL", g.dbConfig.ListingURL))
 		var err error
 		g.store, g.dbStatus, g.dbCloser, err = grype.LoadVulnerabilityDB(g.dbConfig, true)
 		if err != nil {

adapters/v1/grype_test.go

@@ -84,7 +84,7 @@ func Test_grypeAdapter_ScanSBOM(t *testing.T) {
 
 func Test_grypeAdapter_Version(t *testing.T) {
 	ctx := context.TODO()
-	g := NewGrypeAdapter()
+	g := NewGrypeAdapter("")
 	version := g.Version(ctx)
 	assert.NotEqual(t, version, "")
 }

cmd/http/main.go

@@ -53,7 +53,7 @@ func main() {
 		}
 	}
 	sbomAdapter := v1.NewSyftAdapter(c.ScanTimeout, c.MaxImageSize)
-	cveAdapter := v1.NewGrypeAdapter()
+	cveAdapter := v1.NewGrypeAdapter(c.ListingURL)
 	var platform ports.Platform
 	if c.KeepLocal {
 		platform = adapters.NewMockPlatform()

config/config.go

@@ -12,6 +12,7 @@ type Config struct {
 	ClusterName          string        `mapstructure:"clusterName"`
 	EventReceiverRestURL string        `mapstructure:"eventReceiverRestURL"`
 	KeepLocal            bool          `mapstructure:"keepLocal"`
+	ListingURL           string        `mapstructure:"listingURL"`
 	MaxImageSize         int64         `mapstructure:"maxImageSize"`
 	ScanConcurrency      int           `mapstructure:"scanConcurrency"`
 	ScanTimeout          time.Duration `mapstructure:"scanTimeout"`
@@ -24,6 +25,7 @@ func LoadConfig(path string) (Config, error) {
 	viper.SetConfigName("clusterData")
 	viper.SetConfigType("json")
 
+	viper.SetDefault("listingURL", "https://toolbox-data.anchore.io/grype/databases/listing.json")
 	viper.SetDefault("maxImageSize", 512*1024*1024)
 	viper.SetDefault("scanConcurrency", 1)
 	viper.SetDefault("scanTimeout", 5*time.Minute)