rhel: remove rhel oval updater from defaults

Given that the rhel-vex data will be responsible for Red Hat vulnerabilities we no longer want the existing OVAL updater to be a default (or even selectable). This patch also removes existing RHEL OVAL data from the matcher DB. Signed-off-by: crozzy <joseph.crosland@gmail.com>
quay · May 14, 2024 · 818d85d · 818d85d
1 parent d70dd9d
commit 818d85d
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 6 deletions.
diff --git a/datastore/postgres/migrations/matcher/13-delete-rhel-oval.sql b/datastore/postgres/migrations/matcher/13-delete-rhel-oval.sql
@@ -0,0 +1,4 @@
+-- The rhel-vex updater will now be responsible for RHEL advisories so we have
+-- to delete the existing rhel vulnerabilities.
+DELETE FROM update_operation WHERE updater ~ 'RHEL[5-9]-*';
+DELETE FROM vuln v2 where v2.updater ~ 'RHEL[5-9]-*';
diff --git a/datastore/postgres/migrations/migrations.go b/datastore/postgres/migrations/migrations.go
@@ -108,4 +108,8 @@ var MatcherMigrations = []migrate.Migration{
 		ID: 12,
 		Up: runFile("matcher/12-add-latest_update_operation-index.sql"),
 	},
+	{
+		ID: 13,
+		Up: runFile("matcher/13-delete-rhel-oval.sql"),
+	},
 }
diff --git a/updater/defaults/defaults.go b/updater/defaults/defaults.go
@@ -15,7 +15,6 @@ import (
 	"github.com/quay/claircore/libvuln/driver"
 	"github.com/quay/claircore/oracle"
 	"github.com/quay/claircore/photon"
-	"github.com/quay/claircore/rhel"
 	"github.com/quay/claircore/rhel/rhcc"
 	"github.com/quay/claircore/rhel/vex"
 	"github.com/quay/claircore/suse"
@@ -42,11 +41,6 @@ func Error() error {
 }
 
 func inner(ctx context.Context) error {
-	rf, err := rhel.NewFactory(ctx, rhel.DefaultManifest)
-	if err != nil {
-		return err
-	}
-	updater.Register("rhel", rf)
 	af, err := alpine.NewFactory(ctx)
 	if err != nil {
 		return err