Skip to content

Commit

Permalink
fix: avoid ubuntu git repo check exception on missing directory (#160)
Browse files Browse the repository at this point in the history
* fix: avoid ubuntu git repo check exception on missing directory

If the directory doesn't exist, there is no need to execute the `git
rev-parse --is-inside-work-tree` command, we can just return false from
the check command.  This silences an exception being thrown and logged
on every initial run, thereby reducing support questions.

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>

* chore: more info-level logging for ubuntu

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>

---------

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
  • Loading branch information
westonsteimel authored Apr 27, 2023
1 parent 7efe585 commit 3fa64a2
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 4 deletions.
4 changes: 4 additions & 0 deletions src/vunnel/providers/ubuntu/git.py
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,10 @@ def __init__(

def _check(self, destination):
try:
if not os.path.exists(destination):
self.logger.debug(f"git working tree not found at {destination}")
return False

cmd = self._is_git_repo_cmd_
out = self._exec_cmd(cmd, cwd=destination)
self.logger.debug("check for git repository, cmd: {}, output: {}".format(cmd, out.decode()))
Expand Down
13 changes: 9 additions & 4 deletions src/vunnel/providers/ubuntu/parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -641,10 +641,10 @@ def fetch(self, skip_if_exists=False):
self._save_last_processed_rev(current_rev)

# load merged state and map it to vulnerabilities
self.logger.info("loading processed CVE content and transforming into vulnerabilities")

self.logger.info("begin loading processed CVE content and transforming into vulnerabilities")
for merged_cve in self._merged_cve_iterator():
yield from map_parsed(merged_cve, self.logger)
self.logger.info("finish loading processed CVE content and transforming into vulnerabilities")

def _process_data(self, vc_dir: str, to_rev: str, from_rev: str | None = None):
self.logger.info(f"processing data from git repository: {vc_dir}, from revision: {from_rev}, to revision: {to_rev}")
Expand All @@ -659,13 +659,14 @@ def _process_data(self, vc_dir: str, to_rev: str, from_rev: str | None = None):
modified, removed = self.git_wrapper.get_merged_change_set(from_rev=from_rev, to_rev=to_rev)
updated_paths = list(modified.values()) if modified else []
deleted_ids = list(removed.keys()) if removed else []
self.logger.debug("detected {} CVE updates (add/modify/rename)".format(len(updated_paths)))
self.logger.debug("detected {} CVE deletions".format(len(deleted_ids)))
self.logger.info("detected {} CVE updates (add/modify/rename)".format(len(updated_paths)))
self.logger.info("detected {} CVE deletions".format(len(deleted_ids)))

# Load cves from active and retired directories and spool merged state to disk
# note: this is an IO bound operation, so a thread pool will suffice for now
# but look to a process pool if this becomes a bottleneck
proc_exception = None
self.logger.info("begin processing updates")
with concurrent.futures.ThreadPoolExecutor(max_workers=self._max_workers) as executor:

def worker(fn, cve_id: str, *args, **kwargs):
Expand Down Expand Up @@ -702,10 +703,14 @@ def worker(fn, cve_id: str, *args, **kwargs):
if proc_exception:
raise proc_exception

self.logger.info("finish processing updates")

# Remove merged state of deleted cves
self.logger.info("begin processing deletes")
for cve_id in deleted_ids:
self.logger.debug("{} is no longer relevant, deleting merged CVE state if any".format(cve_id))
self._delete_merged_cve(cve_id)
self.logger.info("finish processing deletes")

def _process_cve(self, cve_id: str, cve_rel_path: str, f: str, to_rev: str, updated_paths: list[str]):
if cve_rel_path in updated_paths:
Expand Down

0 comments on commit 3fa64a2

Please sign in to comment.