libindex

package
v1.4.22 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 14, 2023 License: Apache-2.0 Imports: 36 Imported by: 4

Documentation

Index

Examples

Constants

View Source
const (
	DefaultScanLockRetry        = 5 * time.Second
	DefaultLayerScanConcurrency = 10
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ControllerFactory

type ControllerFactory func(opts *indexer.Opts) *controller.Controller

ControllerFactory is a factory method to return a Controller during libindex runtime.

type FetchProxy added in v1.1.0

type FetchProxy struct {
	// contains filtered or unexported fields
}

FetchProxy tracks the files fetched for layers.

This can be unexported if FetchArena gets unexported.

func (*FetchProxy) Close added in v1.1.0

func (p *FetchProxy) Close() error

Close marks all the layers' backing files as unused.

This method may actually delete the backing files.

func (*FetchProxy) Realize added in v1.4.5

func (p *FetchProxy) Realize(ctx context.Context, ls []*claircore.Layer) error

Realize populates all the layers locally.

type Libindex

type Libindex struct {
	// holds dependencies for creating a libindex instance
	*Options
	// contains filtered or unexported fields
}

Libindex implements the method set for scanning and indexing a Manifest.

Example
package main

import (
	"context"
	"net/http"
	"os"

	"github.com/quay/claircore"
	"github.com/quay/claircore/datastore/postgres"
	"github.com/quay/claircore/libindex"
	"github.com/quay/claircore/pkg/ctxlock"
)

func main() {
	ctx := context.TODO()
	pool, err := postgres.Connect(ctx, "connection string", "libindex-test")
	if err != nil {
		panic(err)
	}

	store, err := postgres.InitPostgresIndexerStore(ctx, pool, true)
	if err != nil {
		panic(err)
	}

	ctxLocker, err := ctxlock.New(ctx, pool)
	if err != nil {
		panic(err)
	}

	opts := &libindex.Options{
		Store:      store,
		Locker:     ctxLocker,
		FetchArena: libindex.NewRemoteFetchArena(http.DefaultClient, os.TempDir()),
		// see definition for more configuration options
	}
	lib, err := libindex.New(ctx, opts, http.DefaultClient)
	if err != nil {
		panic(err)
	}
	m := &claircore.Manifest{}

	ir, err := lib.Index(ctx, m)
	if err != nil {
		panic(err)
	}
	if ir.State == "IndexError" {
		panic(ir.Err)
	}
}
Output:

func New

func New(ctx context.Context, opts *Options, cl *http.Client) (*Libindex, error)

New creates a new instance of libindex.

The passed http.Client will be used for fetching layers and any HTTP requests made by scanners.

func (*Libindex) AffectedManifests added in v0.0.24

func (l *Libindex) AffectedManifests(ctx context.Context, vulns []claircore.Vulnerability) (*claircore.AffectedManifests, error)

AffectedManifests retrieves a list of affected manifests when provided a list of vulnerabilities.

func (*Libindex) Close added in v0.0.16

func (l *Libindex) Close(ctx context.Context) error

Close releases held resources.

func (*Libindex) DeleteManifests added in v1.2.0

func (l *Libindex) DeleteManifests(ctx context.Context, d ...claircore.Digest) ([]claircore.Digest, error)

DeleteManifests removes manifests specified by the provided digests.

Providing an unknown digest is not an error.

func (*Libindex) Index

func (l *Libindex) Index(ctx context.Context, manifest *claircore.Manifest) (*claircore.IndexReport, error)

Index performs a scan and index of each layer within the provided Manifest.

If the index operation cannot start an error will be returned. If an error occurs during scan the error will be propagated inside the IndexReport.

func (*Libindex) IndexReport

func (l *Libindex) IndexReport(ctx context.Context, hash claircore.Digest) (*claircore.IndexReport, bool, error)

IndexReport retrieves an IndexReport for a particular manifest hash, if it exists.

func (*Libindex) State added in v0.0.10

func (l *Libindex) State(ctx context.Context) (string, error)

State returns an opaque identifier identifying how the struct is currently configured.

If the identifier has changed, clients should arrange for layers to be re-indexed.

type LockSource added in v1.4.5

LockSource abstracts over how locks are implemented.

An online system needs distributed locks, offline use cases can use process-local locks.

type Options added in v1.4.5

type Options struct {
	// Store is the interface used to persist and retrieve results of indexing.
	Store indexer.Store
	// Locker provides system-wide locks. If the indexing work is distributed the
	// lock should be backed by a distributed store.
	Locker LockSource
	// FetchArena is an interface tied to the lifecycle of LibIndex to enable management
	// of the filesystem while separate processes are dealing with layers, for example:
	// you can reference count downloaded layer files to avoid racing.
	FetchArena indexer.FetchArena
	// ScanLockRetry specifies how often we should try to acquire a lock for scanning a
	// given manifest if lock is taken.
	ScanLockRetry time.Duration
	// LayerScanConcurrency specifies the number of layers to be scanned in parallel.
	LayerScanConcurrency int
	// LayerFetchOpt is unused and kept here for backwards compatibility.
	LayerFetchOpt interface{}
	// NoLayerValidation controls whether layers are checked to actually be
	// content-addressed. With this option toggled off, callers can trigger
	// layers to be indexed repeatedly by changing the identifier in the
	// manifest.
	NoLayerValidation bool
	// ControllerFactory provides an alternative method for creating a scanner during libindex runtime
	// if nil the default factory will be used. useful for testing purposes
	ControllerFactory ControllerFactory
	// Ecosystems a list of ecosystems to use which define which package databases and coalescing methods we use
	Ecosystems []*indexer.Ecosystem
	// ScannerConfig holds functions that can be passed into configurable
	// scanners. They're broken out by kind, and only used if a scanner
	// implements the appropriate interface.
	//
	// Providing a function for a scanner that's not expecting it is not a fatal
	// error.
	ScannerConfig struct {
		Package, Dist, Repo map[string]func(interface{}) error
	}
}

Options are dependencies and options for constructing an instance of libindex

type RemoteFetchArena added in v1.4.5

type RemoteFetchArena struct {
	// contains filtered or unexported fields
}

RemoteFetchArena is a struct that keeps track of all the layers fetched into it, and only removes them once all the users have gone away.

Exported for use in cctool. If cctool goes away, this can get unexported. It is remote in the sense that it pulls layers from the internet.

func NewRemoteFetchArena added in v1.4.5

func NewRemoteFetchArena(wc *http.Client, root string) *RemoteFetchArena

NewRemoteFetchArena initializes the RemoteFetchArena.

This method is provided instead of a constructor function to make embedding easier.

func (*RemoteFetchArena) Close added in v1.4.5

func (a *RemoteFetchArena) Close(ctx context.Context) error

Close removes all files left in the arena.

It's not an error to have active fetchers, but may cause errors to have files unlinked underneath their users.

func (*RemoteFetchArena) Realizer added in v1.4.5

Fetcher returns an indexer.Fetcher.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL