feat(metadata): add vulnerability-database-updated-at in metadata #12
Conversation
Codecov Report
@@ Coverage Diff @@
## master #12 +/- ##
=========================================
Coverage ? 51.75%
=========================================
Files ? 13
Lines ? 541
Branches ? 0
=========================================
Hits ? 280
Misses ? 244
Partials ? 17
Continue to review full report at Codecov.
|
| @@ -33,6 +33,7 @@ Configuration of the adapter is done via environment variables at startup. | |||
| | `SCANNER_API_SERVER_WRITE_TIMEOUT` | `15s` | The maximum duration before timing out writes of the response. | | |||
| | `SCANNER_API_SERVER_IDLE_TIMEOUT` | `60s` | The maximum amount of time to wait for the next request when keep-alives are enabled. | | |||
| | `SCANNER_CLAIR_URL` | `http://harbor-harbor-clair:6060` | Clair URL | | |||
| | `SCANNER_CLAIR_DATABASE_URL` | | The Clair database URL, it is used to fetch vulnerability database updated time of the Clair. Its format is `postgresql://user:password@host/db?sslmode=disable` | | |||
There was a problem hiding this comment.
There are three columns in the table, the middle one is the default value of the config, for SCANNER_CLAIR_DATABASE_URL is empty string which means not return the vulnerability database updated time in the metadata of the scanner.
| endpointURL string | ||
| // need to customize the logger to write output to job log. | ||
| client *http.Client | ||
| } | ||
|
|
||
| // NewClient constructs a new client for Clair REST API pointing to the specified endpoint URL. | ||
| func NewClient(tlsConfig etc.TLSConfig, cfg etc.ClairConfig) Client { | ||
| var db *sql.DB | ||
| if cfg.DatabaseURL != "" { |
There was a problem hiding this comment.
I don't think we should return an error here as CVE timestamp is an optional feature. Logging it is ok.
There was a problem hiding this comment.
this feature enabled only clair database url configed, return error is ok when users enable this feature but adapter can not connect the db
pkg/http/api/v1/handler_test.go
Outdated
| "net/http" | ||
| "net/http/httptest" | ||
| "strings" | ||
| "testing" | ||
| "time" | ||
|
|
||
| "github.com/goharbor/harbor-scanner-clair/pkg/harbor" | ||
| "github.com/goharbor/harbor-scanner-clair/pkg/job" | ||
|
|
heww
force-pushed
the
vulnerability-database-updated-at
branch
from
03cdeab
to
e12025a
Compare
Signed-off-by: He Weiwei <hweiwei@vmware.com>
heww
force-pushed
the
vulnerability-database-updated-at
branch
from
e12025a
to
85ce953
Compare
|
as we both approved this PR, let's merge it. |
returns
harbor.scanner-adapter/vulnerability-database-updated-atin metadata when config clair database url for the scannerSigned-off-by: He Weiwei hweiwei@vmware.com