Documentation
¶
Index ¶
- Constants
- func ServeSecDB(t *testing.T, txtarFile string) (string, *http.Client)
- type Factory
- type FactoryConfig
- type Updater
- func (u *Updater) Configure(ctx context.Context, f driver.ConfigUnmarshaler, c *http.Client) error
- func (u *Updater) DeltaParse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, []string, error)
- func (u *Updater) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error)
- func (u *Updater) Name() string
- func (u *Updater) Parse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, error)
- type UpdaterConfig
Constants ¶
const ( // BaseURL is the base url for the Red Hat VEX security data. // //doc:url updater BaseURL = "https://security.access.redhat.com/data/csaf/v2/vex/" )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Factory ¶
type Factory struct {
// contains filtered or unexported fields
}
Factory creates an Updater to process all of the Red Hat VEX data.
[Configure] must be called before [UpdaterSet].
func (*Factory) UpdaterSet ¶
UpdaterSet constructs one Updater
type FactoryConfig ¶
type FactoryConfig struct { // URL indicates the base URL for the VEX. // // Must include the trailing slash. URL string `json:"url" yaml:"url"` }
FactoryConfig is the configuration honored by the Factory.
The URL is where the updater expects the VEX data to be published (and must end with a slash).
type Updater ¶
type Updater struct {
// contains filtered or unexported fields
}
Updater is responsible from reading VEX data served at the URL and creating vulnerabilities.
func (*Updater) DeltaParse ¶
func (u *Updater) DeltaParse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, []string, error)
DeltaParse implements driver.DeltaUpdater.
func (*Updater) Fetch ¶
func (u *Updater) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error)
Fetch pulls data down from the Red Hat VEX endpoints. The order of operations is:
- Check if we need to process the entire archive of data. If yes: - Make a request to discover the latest archive endpoint. - Make a HEAD request to archive endpoint to get the last-modified header. - Save the last-modified time in the fingerprint's requestTime.
- Process the changes.csv file, requesting and appending the entries that changed since the finderprint's requestTime.
- Process the deletions.csv file, processing the entries that changed since the finderprint's requestTime.
- If we need to process entire archive, request the archive data and append the entries that have not been changed or deleted.
This helps to ensure that we only persist one copy of an advisory in the worst possible case. In most cases, after the initial load, the number of processed files should be very small.
func (*Updater) Parse ¶
func (u *Updater) Parse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, error)
Parse implements driver.Updater.
type UpdaterConfig ¶
type UpdaterConfig struct { // URL overrides any discovered URL for the JSON file. URL string `json:"url" yaml:"url"` }
UpdaterConfig is the configuration for the updater.