-
Notifications
You must be signed in to change notification settings - Fork 85
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add affected manifest type, update plumbing of the type (#190)
* add affected manifest type, update plumbing of the type this commit introduces a new type to support the notifications implementation along with tests and plumbing. Signed-off-by: ldelossa <ldelossa@redhat.com> * review changes Signed-off-by: ldelossa <ldelossa@redhat.com> * update comment
- Loading branch information
Louis DeLosSantos
committed
Jun 8, 2020
1 parent
303b18b
commit 90283d9
Showing
4 changed files
with
118 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
package claircore | ||
|
||
import ( | ||
"sort" | ||
"sync" | ||
) | ||
|
||
// AffectedManifests describes a set of manifests affected by | ||
// a set of Vulnerabilities. | ||
type AffectedManifests struct { | ||
mu sync.Mutex | ||
// map of vulnerabilities keyed by the vulnerability's ID | ||
Vulnerabilities map[string]*Vulnerability `json:"vulnerabilities"` | ||
// map associating a list of vulnerability ids keyed by the | ||
// manifest hash they affect. | ||
VulnerableManifests map[string][]string `json:"vulnerable_manifests"` | ||
} | ||
|
||
// NewAffectedManifests initializes a new AffectedManifests struct. | ||
func NewAffectedManifests() AffectedManifests { | ||
return AffectedManifests{ | ||
Vulnerabilities: make(map[string]*Vulnerability), | ||
VulnerableManifests: make(map[string][]string), | ||
} | ||
} | ||
|
||
// Add will add the provided Vulnerability and Manifest digest | ||
// to the necessary maps. | ||
// | ||
// Add is safe to use by multiple goroutines. | ||
func (a *AffectedManifests) Add(v *Vulnerability, digests ...Digest) { | ||
a.mu.Lock() | ||
a.Vulnerabilities[v.ID] = v | ||
for _, d := range digests { | ||
hash := d.String() | ||
a.VulnerableManifests[hash] = append(a.VulnerableManifests[hash], v.ID) | ||
} | ||
a.mu.Unlock() | ||
} | ||
|
||
// Sort will sort each array in the VulnerableManifests map | ||
// by Vulnerability.NormalizedSeverity in Desc order. | ||
// | ||
// Sort is safe to use by multiple goroutines. | ||
func (a *AffectedManifests) Sort() { | ||
a.mu.Lock() | ||
for _, ids := range a.VulnerableManifests { | ||
sort.Slice(ids, func(i, j int) bool { | ||
id1, id2 := ids[i], ids[j] | ||
v1, v2 := a.Vulnerabilities[id1], a.Vulnerabilities[id2] | ||
// reverse this since we want descending sort | ||
return v1.NormalizedSeverity > v2.NormalizedSeverity | ||
}) | ||
} | ||
a.mu.Unlock() | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
package claircore_test | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/quay/claircore" | ||
"github.com/quay/claircore/test" | ||
) | ||
|
||
// TestAffectedManifestsAddAndSort confirms adding to and sorting | ||
// the AffectedManifests struct works correctly. | ||
func TestAffectedManifestsAddAndSort(t *testing.T) { | ||
vulns := test.GenUniqueVulnerabilities(2, "test-updater") | ||
manifest := claircore.MustParseDigest(`sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef`) | ||
affected := claircore.NewAffectedManifests() | ||
|
||
// make vuln 1 higher severity, to test sorting | ||
vulns[1].NormalizedSeverity = claircore.High | ||
|
||
affected.Add(vulns[0], manifest) | ||
affected.Add(vulns[1], manifest) | ||
|
||
if len(affected.Vulnerabilities) != 2 { | ||
t.Fatalf("got: %d, want: %d", len(affected.Vulnerabilities), 2) | ||
} | ||
|
||
if _, ok := affected.VulnerableManifests[manifest.String()]; !ok { | ||
t.Fatalf("got: %v, want: %v", ok, true) | ||
} | ||
|
||
affected.Sort() | ||
|
||
ids := affected.VulnerableManifests[manifest.String()] | ||
if len(ids) != 2 { | ||
t.Fatalf("got: %v, want: %v", len(ids), 2) | ||
} | ||
|
||
v1 := affected.Vulnerabilities[ids[0]] | ||
v2 := affected.Vulnerabilities[ids[1]] | ||
|
||
if v1.NormalizedSeverity != claircore.High { | ||
t.Fatalf("got: %v, want: %v", v1.NormalizedSeverity, claircore.High) | ||
} | ||
|
||
if v2.NormalizedSeverity != claircore.Unknown { | ||
t.Fatalf("got: %v, want: %v", v1.NormalizedSeverity, claircore.Unknown) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters