alpine: move to dynamic distributions

This change ends up being a large one, as the list of releases was used throughout the package. To move to the releases being dynamic, the package: - Adds discovery from the SecDB HTTP layout via Factory. - Reworks and un-exports some internal types. - Updates relevant tests. Signed-off-by: Hank Donnay <hdonnay@redhat.com>
quay · Jun 21, 2022 · 9db8b16 · 9db8b16
1 parent c804ced
commit 9db8b16
Show file tree

Hide file tree

Showing 21 changed files with 300 additions and 240 deletions.
diff --git a/alpine/distributionscanner.go b/alpine/distributionscanner.go
@@ -25,7 +25,7 @@ import (
 
 const (
 	scannerName    = "alpine"
-	scannerVersion = "v0.0.1"
+	scannerVersion = "2"
 	scannerKind    = "distribution"
 )
 

diff --git a/alpine/fetcher.go b/alpine/fetcher.go
@@ -12,7 +12,7 @@ import (
 	"github.com/quay/claircore/pkg/tmp"
 )
 
-func (u *Updater) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error) {
+func (u *updater) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error) {
 	ctx = zlog.ContextWithValues(ctx, "component", "alpine/Updater.Fetch")
 
 	zlog.Info(ctx).Str("database", u.url).Msg("starting fetch")

diff --git a/alpine/fetcher_test.go b/alpine/fetcher_test.go
@@ -2,60 +2,48 @@ package alpine
 
 import (
 	"context"
-	"fmt"
 	"net/http"
 	"net/http/httptest"
-	"os"
 	"testing"
 
+	"github.com/google/go-cmp/cmp"
 	"github.com/quay/zlog"
-
-	"github.com/quay/claircore/libvuln/driver"
 )
 
-func TestFetcher(t *testing.T) {
-	ctx := zlog.Test(context.Background(), t)
+func serveSecDB(t *testing.T) (string, *http.Client) {
+	srv := httptest.NewServer(http.FileServer(http.Dir("testdata/fetch")))
+	t.Cleanup(srv.Close)
+	return srv.URL, srv.Client()
+}
 
-	var table = []struct {
-		release   Release
-		repo      Repo
-		serveFile string
-	}{
-		{
-			release:   V3_10,
-			repo:      Community,
-			serveFile: "testdata/v3_10_community_truncated.json",
-		},
+func TestFactory(t *testing.T) {
+	ctx := zlog.Test(context.Background(), t)
+	root, c := serveSecDB(t)
+	fac := &Factory{}
+	err := fac.Configure(ctx, func(v interface{}) error {
+		cf := v.(*FactoryConfig)
+		cf.URL = root + "/"
+		return nil
+	}, c)
+	if err != nil {
+		t.Fatal(err)
 	}
-
-	for _, test := range table {
-		fi, err := os.Stat(test.serveFile)
-		if err != nil {
-			t.Fatal(err)
-		}
-		tag := fmt.Sprintf(`"%d"`, fi.ModTime().UnixNano())
-		srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if r.Header.Get("if-none-match") == tag {
-				w.WriteHeader(http.StatusNotModified)
-				return
-			}
-			w.Header().Set("etag", tag)
-			http.ServeFile(w, r, test.serveFile)
-		}))
-
-		u, err := NewUpdater(test.release, test.repo, WithURL(srv.URL))
-
-		rd, hint, err := u.Fetch(ctx, "")
-		if err != nil {
-			t.Error(err)
-		}
-		if rd != nil {
-			rd.Close()
-		}
-
-		_, _, err = u.Fetch(ctx, driver.Fingerprint(hint))
-		if got, want := err, driver.Unchanged; got != want {
-			t.Errorf("got: %v, want: %v", got, want)
-		}
+	s, err := fac.UpdaterSet(ctx)
+	if err != nil {
+		t.Error(err)
+	}
+	us := s.Updaters()
+	if len(us) == 0 {
+		t.Errorf("expected more than 0 updaters")
+	}
+	got := make([]string, len(us))
+	for i, u := range us {
+		got[i] = u.Name()
+	}
+	want := []string{
+		"alpine-community-v3.10-updater",
+	}
+	if !cmp.Equal(got, want) {
+		t.Error(cmp.Diff(got, want))
 	}
 }
diff --git a/alpine/matcher.go b/alpine/matcher.go
@@ -25,9 +25,9 @@ func (*Matcher) Filter(record *claircore.IndexRecord) bool {
 	}
 
 	switch {
-	case record.Distribution.DID == ID:
+	case record.Distribution.DID == distID:
 		return true
-	case record.Distribution.Name == Name:
+	case record.Distribution.Name == distName:
 		return true
 	default:
 		return false

diff --git a/alpine/parser.go b/alpine/parser.go
@@ -16,10 +16,10 @@ const (
 	nvdURLPrefix = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=%s"
 )
 
-var _ driver.Parser = (*Updater)(nil)
+var _ driver.Parser = (*updater)(nil)
 
-func (u *Updater) Parse(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error) {
-	ctx = zlog.ContextWithValues(ctx, "component", "apline/Updater.Parse")
+func (u *updater) Parse(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error) {
+	ctx = zlog.ContextWithValues(ctx, "component", "alpine/Updater.Parse")
 	zlog.Info(ctx).Msg("starting parse")
 	defer r.Close()
 
@@ -31,7 +31,7 @@ func (u *Updater) Parse(ctx context.Context, r io.ReadCloser) ([]*claircore.Vuln
 }
 
 // parse parses the alpine SecurityDB
-func (u *Updater) parse(ctx context.Context, sdb *SecurityDB) ([]*claircore.Vulnerability, error) {
+func (u *updater) parse(ctx context.Context, sdb *SecurityDB) ([]*claircore.Vulnerability, error) {
 	out := []*claircore.Vulnerability{}
 	for _, pkg := range sdb.Packages {
 		if err := ctx.Err(); err != nil {
@@ -44,7 +44,7 @@ func (u *Updater) parse(ctx context.Context, sdb *SecurityDB) ([]*claircore.Vuln
 				Name: pkg.Pkg.Name,
 				Kind: claircore.SOURCE,
 			},
-			Dist: releaseToDist(u.release),
+			Dist: u.release.Distribution(),
 		}
 		out = append(out, unpackSecFixes(partial, pkg.Pkg.Secfixes)...)
 	}

diff --git a/alpine/parser_test.go b/alpine/parser_test.go
@@ -13,7 +13,9 @@ import (
 	"github.com/quay/claircore"
 )
 
-var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
+var dist310 = release{3, 10}.Distribution()
+
+var v3_10CommunityTruncatedVulns = []*claircore.Vulnerability{
 	{
 		Name:               "CVE-2018-20187",
 		Links:              "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20187",
@@ -24,7 +26,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "botan",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2018-12435",
@@ -36,7 +38,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "botan",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2018-9860",
@@ -48,7 +50,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "botan",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2018-9127",
@@ -60,7 +62,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "botan",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2019-9929",
@@ -72,7 +74,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "cfengine",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2017-6949",
@@ -84,7 +86,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "chicken",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2017-9334",
@@ -96,7 +98,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "chicken",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2016-6830",
@@ -108,7 +110,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "chicken",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 	{
 		Name:               "CVE-2016-6831",
@@ -120,7 +122,7 @@ var V3_10_community_truncated_vulns = []*claircore.Vulnerability{
 			Name: "chicken",
 			Kind: claircore.SOURCE,
 		},
-		Dist: releaseToDist(V3_10),
+		Dist: dist310,
 	},
 }
 
@@ -129,16 +131,16 @@ func TestParser(t *testing.T) {
 	ctx, done := context.WithCancel(context.Background())
 	defer done()
 	var table = []struct {
-		release  Release
-		repo     Repo
+		release  release
+		repo     string
 		testFile string
 		expected []*claircore.Vulnerability
 	}{
 		{
-			release:  V3_10,
-			repo:     Community,
-			testFile: "v3_10_community_truncated.json",
-			expected: V3_10_community_truncated_vulns,
+			release:  release{3, 10},
+			repo:     "community",
+			testFile: "fetch/v3.10/community.json",
+			expected: v3_10CommunityTruncatedVulns,
 		},
 	}
 
@@ -152,10 +154,7 @@ func TestParser(t *testing.T) {
 				t.Fatalf("failed to open test data: %v", path)
 			}
 
-			u, err := NewUpdater(test.release, test.repo)
-			if err != nil {
-				t.Fatalf("failed to create updater: %v", err)
-			}
+			u := &updater{release: test.release, repo: test.repo}
 			vulns, err := u.Parse(ctx, f)
 			if err != nil {
 				t.Fatalf("failed to parse: %v", err)