vex

package
v1.5.35
Published: Feb 11, 2025 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Constants

const (
	// BaseURL is the base url for the Red Hat VEX security data.
	//
	//doc:url updater
	BaseURL = "https://security.access.redhat.com/data/csaf/v2/vex/"
)

Variables

This section is empty.

Functions

func ServeSecDB added in v1.5.34

func ServeSecDB(t *testing.T, txtarFile string) (string, *http.Client)

Types

type Factory

type Factory struct {
	// contains filtered or unexported fields
}

Factory creates an Updater to process all of the Red Hat VEX data.

[Configure] must be called before [UpdaterSet].

func (*Factory) Configure

func (f *Factory) Configure(ctx context.Context, cf driver.ConfigUnmarshaler, c *http.Client) error

Configure implements driver.Configurable.

func (*Factory) UpdaterSet

func (f *Factory) UpdaterSet(_ context.Context) (driver.UpdaterSet, error)

UpdaterSet constructs one Updater.

type FactoryConfig

type FactoryConfig struct {
	// URL indicates the base URL for the VEX.
	//
	// Must include the trailing slash.
	URL string `json:"url" yaml:"url"`
}

FactoryConfig is the configuration honored by the Factory.

The URL is where the updater expects the VEX data to be published (and must end with a slash).

type Updater

type Updater struct {
	// contains filtered or unexported fields
}

Updater is responsible for reading VEX data served at the URL and creating vulnerabilities.

func (*Updater) Configure

func (u *Updater) Configure(ctx context.Context, f driver.ConfigUnmarshaler, c *http.Client) error

Configure implements driver.Configurable.

func (*Updater) DeltaParse

func (u *Updater) DeltaParse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, []string, error)

DeltaParse implements driver.DeltaUpdater.

func (*Updater) Fetch

Fetch pulls data down from the Red Hat VEX endpoints. The order of operations is:

  1. Check if we need to process the entire archive of data. If yes:
       - Make a request to discover the latest archive endpoint.
       - Make a HEAD request to the archive endpoint to get the last-modified header.
       - Save the last-modified time in the fingerprint's requestTime.
  2. Process the changes.csv file, requesting and appending the entries that changed since the fingerprint's requestTime.
  3. Process the deletions.csv file, processing the entries that changed since the fingerprint's requestTime.
  4. If we need to process the entire archive, request the archive data and append the entries that have not been changed or deleted.

This helps to ensure that we only persist one copy of an advisory in the worst possible case. In most cases, after the initial load, the number of processed files should be very small.
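The de-duplication in steps 2 to 4, sketched as an added example (not the package's own code): entries newer than the fingerprint's requestTime are handled individually, and the archive contributes only what is left. The two-column CSV layout, the file names, and the helper names `changedSince` and `archiveKeep` are assumptions made for illustration.

```go
package main

import (
	"encoding/csv"
	"fmt"
	"strings"
	"time"
)

// Constructed sample data; the "path,RFC 3339 time" row layout is an assumption.
const sampleChanges = `"cve-0000-0002.json","2025-02-03T08:00:00+00:00"
"cve-0000-0001.json","2025-01-15T08:00:00+00:00"`
const sampleDeletions = `"cve-0000-0003.json","2025-02-02T09:30:00+00:00"`

// changedSince maps every listed path to whether its timestamp is after requestTime.
func changedSince(data string, requestTime time.Time) (map[string]bool, error) {
	r := csv.NewReader(strings.NewReader(data))
	r.FieldsPerRecord = 2 // reject malformed rows instead of indexing past them
	recs, err := r.ReadAll()
	if err != nil {
		return nil, err
	}
	out := make(map[string]bool)
	for _, rec := range recs {
		ts, err := time.Parse(time.RFC3339, rec[1])
		if err != nil {
			return nil, err
		}
		out[rec[0]] = ts.After(requestTime)
	}
	return out, nil
}

// archiveKeep is step 4: skip archive entries already handled by steps 2 and 3.
func archiveKeep(entries []string, changed, deleted map[string]bool) []string {
	var keep []string
	for _, e := range entries {
		if !changed[e] && !deleted[e] {
			keep = append(keep, e)
		}
	}
	return keep
}

func main() {
	rt := time.Date(2025, 2, 1, 0, 0, 0, 0, time.UTC) // stands in for the fingerprint's requestTime
	changed, _ := changedSince(sampleChanges, rt)
	deleted, _ := changedSince(sampleDeletions, rt)
	fmt.Println(archiveKeep([]string{"cve-0000-0001.json", "cve-0000-0002.json", "cve-0000-0003.json"}, changed, deleted))
}
```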

func (*Updater) Name

func (u *Updater) Name() string

Name returns the name string of the Updater.

func (*Updater) Parse

func (u *Updater) Parse(ctx context.Context, contents io.ReadCloser) ([]*claircore.Vulnerability, error)

Parse implements driver.Updater.

type UpdaterConfig

type UpdaterConfig struct {
	// URL overrides any discovered URL for the JSON file.
	URL string `json:"url" yaml:"url"`
}

UpdaterConfig is the configuration for the updater.
