0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00

search/cve: fix log messages

This commit is contained in:
Shivam Mishra 2020-09-22 10:35:39 -07:00
parent d63f715fe5
commit 971404f6ee
2 changed files with 32 additions and 31 deletions

View file

@ -23,13 +23,13 @@ import (
func UpdateCVEDb(dbDir string, log log.Logger) error { func UpdateCVEDb(dbDir string, log log.Logger) error {
config, err := config.NewConfig(dbDir) config, err := config.NewConfig(dbDir)
if err != nil { if err != nil {
log.Error().Err(err).Msg("Unable to get config") log.Error().Err(err).Msg("unable to get config")
return err return err
} }
err = integration.RunTrivyDb(config.TrivyConfig) err = integration.RunTrivyDb(config.TrivyConfig)
if err != nil { if err != nil {
log.Error().Err(err).Msg("Unable to update DB ") log.Error().Err(err).Msg("unable to update DB ")
return err return err
} }
@ -48,7 +48,7 @@ func (cveinfo CveInfo) IsValidImageFormat(imagePath string) (bool, error) {
imageDir, inputTag := getImageDirAndTag(imagePath) imageDir, inputTag := getImageDirAndTag(imagePath)
if !dirExists(imageDir) { if !dirExists(imageDir) {
cveinfo.Log.Error().Msg("Image Directory not exists") cveinfo.Log.Error().Msg("image directory doesn't exist")
return false, errors.ErrRepoNotFound return false, errors.ErrRepoNotFound
} }
@ -79,7 +79,7 @@ func (cveinfo CveInfo) IsValidImageFormat(imagePath string) (bool, error) {
return true, nil return true, nil
default: default:
cveinfo.Log.Debug().Msg("Image media type not supported for scanning") cveinfo.Log.Debug().Msg("image media type not supported for scanning")
return false, errors.ErrScanNotSupported return false, errors.ErrScanNotSupported
} }
} }
@ -125,7 +125,7 @@ func (cveinfo CveInfo) GetImageTagsWithTimestamp(rootDir string, repo string) ([
manifests, err := cveinfo.getImageManifests(dir) manifests, err := cveinfo.getImageManifests(dir)
if err != nil { if err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to read image manifests") cveinfo.Log.Error().Err(err).Msg("unable to read image manifests")
return tagsInfo, err return tagsInfo, err
} }
@ -138,14 +138,14 @@ func (cveinfo CveInfo) GetImageTagsWithTimestamp(rootDir string, repo string) ([
imageBlobManifest, err := cveinfo.getImageBlobManifest(dir, digest) imageBlobManifest, err := cveinfo.getImageBlobManifest(dir, digest)
if err != nil { if err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to read image blob manifest") cveinfo.Log.Error().Err(err).Msg("unable to read image blob manifest")
return tagsInfo, err return tagsInfo, err
} }
imageInfo, err := cveinfo.getImageInfo(dir, imageBlobManifest.Config.Digest) imageInfo, err := cveinfo.getImageInfo(dir, imageBlobManifest.Config.Digest)
if err != nil { if err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to read image info") cveinfo.Log.Error().Err(err).Msg("unable to read image info")
return tagsInfo, err return tagsInfo, err
} }
@ -188,12 +188,12 @@ func (cveinfo CveInfo) getImageManifests(imagePath string) ([]ispec.Descriptor,
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {
cveinfo.Log.Error().Err(err).Msg("Index.json does not exist") cveinfo.Log.Error().Err(err).Msg("index.json doesn't exist")
return nil, errors.ErrRepoNotFound return nil, errors.ErrRepoNotFound
} }
cveinfo.Log.Error().Err(err).Msg("Unable to open index.json") cveinfo.Log.Error().Err(err).Msg("unable to open index.json")
return nil, errors.ErrRepoNotFound return nil, errors.ErrRepoNotFound
} }
@ -213,13 +213,13 @@ func (cveinfo CveInfo) getImageBlobManifest(imageDir string, digest godigest.Dig
blobBuf, err := ioutil.ReadFile(path.Join(imageDir, "blobs", digest.Algorithm().String(), digest.Encoded())) blobBuf, err := ioutil.ReadFile(path.Join(imageDir, "blobs", digest.Algorithm().String(), digest.Encoded()))
if err != nil { if err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to open image Metadata file") cveinfo.Log.Error().Err(err).Msg("unable to open image metadata file")
return blobIndex, err return blobIndex, err
} }
if err := json.Unmarshal(blobBuf, &blobIndex); err != nil { if err := json.Unmarshal(blobBuf, &blobIndex); err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to marshal blob index") cveinfo.Log.Error().Err(err).Msg("unable to marshal blob index")
return blobIndex, err return blobIndex, err
} }
@ -232,13 +232,13 @@ func (cveinfo CveInfo) getImageInfo(imageDir string, hash v1.Hash) (ispec.Image,
blobBuf, err := ioutil.ReadFile(path.Join(imageDir, "blobs", hash.Algorithm, hash.Hex)) blobBuf, err := ioutil.ReadFile(path.Join(imageDir, "blobs", hash.Algorithm, hash.Hex))
if err != nil { if err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to open image Layers file") cveinfo.Log.Error().Err(err).Msg("unable to open image layers file")
return imageInfo, err return imageInfo, err
} }
if err := json.Unmarshal(blobBuf, &imageInfo); err != nil { if err := json.Unmarshal(blobBuf, &imageInfo); err != nil {
cveinfo.Log.Error().Err(err).Msg("Unable to marshal blob index") cveinfo.Log.Error().Err(err).Msg("unable to marshal blob index")
return imageInfo, err return imageInfo, err
} }

View file

@ -52,18 +52,18 @@ func GetResolverConfig(dir string, log log.Logger, imgstorage *storage.ImageStor
func (r *queryResolver) CVEListForImage(ctx context.Context, image string) (*CVEResultForImage, error) { func (r *queryResolver) CVEListForImage(ctx context.Context, image string) (*CVEResultForImage, error) {
r.cveInfo.CveTrivyConfig.TrivyConfig.Input = path.Join(r.dir, image) r.cveInfo.CveTrivyConfig.TrivyConfig.Input = path.Join(r.dir, image)
r.cveInfo.Log.Info().Str("Scanning Image", image).Msg("") r.cveInfo.Log.Info().Str("image", image).Msg("scanning image")
isValidImage, err := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input) isValidImage, err := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input)
if !isValidImage { if !isValidImage {
r.cveInfo.Log.Debug().Msg("Image media type not supported for scanning") r.cveInfo.Log.Debug().Str("image", image).Msg("image media type not supported for scanning")
return &CVEResultForImage{}, err return &CVEResultForImage{}, err
} }
cveResults, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig) cveResults, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig)
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Msg("Error scanning image repository") r.cveInfo.Log.Error().Err(err).Msg("unable to scan image repository")
return &CVEResultForImage{}, err return &CVEResultForImage{}, err
} }
@ -136,23 +136,23 @@ func (r *queryResolver) CVEListForImage(ctx context.Context, image string) (*CVE
func (r *queryResolver) ImageListForCve(ctx context.Context, id string) ([]*ImgResultForCve, error) { func (r *queryResolver) ImageListForCve(ctx context.Context, id string) ([]*ImgResultForCve, error) {
cveResult := []*ImgResultForCve{} cveResult := []*ImgResultForCve{}
r.cveInfo.Log.Info().Msg("Extracting Repositories") r.cveInfo.Log.Info().Msg("extracting repositories")
repoList, err := r.imgStore.GetRepositories() repoList, err := r.imgStore.GetRepositories()
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Msg("Not able to search repositories") r.cveInfo.Log.Error().Err(err).Msg("unable to search repositories")
return cveResult, err return cveResult, err
} }
r.cveInfo.Log.Info().Msg("Scanning each repository") r.cveInfo.Log.Info().Msg("scanning each repository")
for _, repo := range repoList { for _, repo := range repoList {
r.cveInfo.Log.Info().Str("Extracting list of tags available in image", repo).Msg("") r.cveInfo.Log.Info().Str("repo", repo).Msg("extracting list of tags available in image repo")
tagList, err := r.imgStore.GetImageTags(repo) tagList, err := r.imgStore.GetImageTags(repo)
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Msg("Not able to get list of Image Tag") r.cveInfo.Log.Error().Err(err).Msg("unable to get list of image tag")
} }
var name string var name string
@ -164,16 +164,16 @@ func (r *queryResolver) ImageListForCve(ctx context.Context, id string) ([]*ImgR
isValidImage, _ := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input) isValidImage, _ := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input)
if !isValidImage { if !isValidImage {
r.cveInfo.Log.Debug().Str("Image media type not supported for scanning", repo) r.cveInfo.Log.Debug().Str("image", repo+":"+tag).Msg("image media type not supported for scanning")
continue continue
} }
r.cveInfo.Log.Info().Str("Scanning Image", path.Join(r.dir, repo+":"+tag)).Msg("") r.cveInfo.Log.Info().Str("image", repo+":"+tag).Msg("scanning image")
results, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig) results, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig)
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Str("Error scanning image", repo+":"+tag) r.cveInfo.Log.Error().Err(err).Str("image", repo+":"+tag).Msg("unable to scan image")
continue continue
} }
@ -203,11 +203,11 @@ func (r *queryResolver) ImageListForCve(ctx context.Context, id string) ([]*ImgR
func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, id string, image string) (*ImgResultForFixedCve, error) { // nolint: lll func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, id string, image string) (*ImgResultForFixedCve, error) { // nolint: lll
imgResultForFixedCVE := &ImgResultForFixedCve{} imgResultForFixedCVE := &ImgResultForFixedCve{}
r.cveInfo.Log.Info().Str("Extracting list of tags available in image", image).Msg("") r.cveInfo.Log.Info().Str("image", image).Msg("extracting list of tags available in image")
tagsInfo, err := r.cveInfo.GetImageTagsWithTimestamp(r.dir, image) tagsInfo, err := r.cveInfo.GetImageTagsWithTimestamp(r.dir, image)
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Msg("Error while readling image tags") r.cveInfo.Log.Error().Err(err).Msg("unable to read image tags")
return imgResultForFixedCVE, err return imgResultForFixedCVE, err
} }
@ -221,18 +221,19 @@ func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, id string, im
isValidImage, _ := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input) isValidImage, _ := r.cveInfo.IsValidImageFormat(r.cveInfo.CveTrivyConfig.TrivyConfig.Input)
if !isValidImage { if !isValidImage {
r.cveInfo.Log.Debug().Msg("Image media type not supported for scanning, adding as a infected image") r.cveInfo.Log.Debug().Str("image",
image+":"+tag.Name).Msg("image media type not supported for scanning, adding as an infected image")
infectedTags = append(infectedTags, cveinfo.TagInfo{Name: tag.Name, Timestamp: tag.Timestamp}) infectedTags = append(infectedTags, cveinfo.TagInfo{Name: tag.Name, Timestamp: tag.Timestamp})
continue continue
} }
r.cveInfo.Log.Info().Str("Scanning image", path.Join(r.dir, image+":"+tag.Name)).Msg("") r.cveInfo.Log.Info().Str("image", image+":"+tag.Name).Msg("scanning image")
results, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig) results, err := cveinfo.ScanImage(r.cveInfo.CveTrivyConfig)
if err != nil { if err != nil {
r.cveInfo.Log.Error().Err(err).Str("Error scanning image", image+":"+tag.Name).Msg("") r.cveInfo.Log.Error().Err(err).Str("image", image+":"+tag.Name).Msg("unable to scan image")
continue continue
} }
@ -257,13 +258,13 @@ func (r *queryResolver) ImageListWithCVEFixed(ctx context.Context, id string, im
var finalTagList []*TagInfo var finalTagList []*TagInfo
if len(infectedTags) != 0 { if len(infectedTags) != 0 {
r.cveInfo.Log.Info().Msg("Comparing fixed tags timestamp") r.cveInfo.Log.Info().Msg("comparing fixed tags timestamp")
fixedTags := cveinfo.GetFixedTags(tagsInfo, infectedTags) fixedTags := cveinfo.GetFixedTags(tagsInfo, infectedTags)
finalTagList = getGraphqlCompatibleTags(fixedTags) finalTagList = getGraphqlCompatibleTags(fixedTags)
} else { } else {
r.cveInfo.Log.Info().Msg("Input image does not contain any tag that have given cve") r.cveInfo.Log.Info().Str("image", image).Str("cve-id", id).Msg("image does not contain any tag that have given cve")
finalTagList = getGraphqlCompatibleTags(tagsInfo) finalTagList = getGraphqlCompatibleTags(tagsInfo)
} }