Enable trivy db download and update

pkg/api/BUILD.bazel

@@ -16,6 +16,7 @@ go_library(
     deps = [
         "//docs:go_default_library",
         "//errors:go_default_library",
+        "//pkg/extensions/search/cve:go_default_library",
         "//pkg/log:go_default_library",
         "//pkg/storage:go_default_library",
         "@com_github_chartmuseum_auth//:go_default_library",

pkg/api/config.go

@@ -12,8 +12,6 @@ import (
 // Commit ...
 var Commit string //nolint: gochecknoglobals
 
-const updateInterval = 24
-
 type StorageConfig struct {
 	RootDirectory string
 	GC            bool
@@ -101,7 +99,6 @@ func NewConfig() *Config {
 		Storage: StorageConfig{GC: true, Dedupe: true},
 		HTTP:    HTTPConfig{Address: "127.0.0.1", Port: "8080"},
 		Log:     &LogConfig{Level: "debug"},
-		Extensions: &ExtensionConfig{&SearchConfig{CVE: &CVEConfig{UpdateInterval: updateInterval}}},
 	}
 }
 

pkg/api/controller.go

@@ -8,8 +8,10 @@ import (
 	"net"
 	"net/http"
 	"os"
+	"time"
 
 	"github.com/anuvu/zot/errors"
+	cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
 	"github.com/anuvu/zot/pkg/log"
 	"github.com/anuvu/zot/pkg/storage"
 	"github.com/gorilla/handlers"
@@ -49,6 +51,34 @@ func (c *Controller) Run() error {
 		os.Exit(1)
 	}
 
+	// Updating the CVE Database
+	if c.Config != nil && c.Config.Extensions != nil && c.Config.Extensions.Search != nil &&
+		c.Config.Extensions.Search.CVE != nil {
+		defaultUpdateInterval, _ := time.ParseDuration("2h")
+
+		if c.Config.Extensions.Search.CVE.UpdateInterval < defaultUpdateInterval {
+			c.Config.Extensions.Search.CVE.UpdateInterval = defaultUpdateInterval
+			c.Log.Warn().Msg("CVE update interval set to too-short interval <= 1, changing update duration to 2 hours and continuing.") // nolint: lll
+		}
+
+		go func() {
+			for {
+				c.Log.Info().Msg("Updating the CVE database")
+
+				err := cveinfo.UpdateCVEDb(c.Config.Storage.RootDirectory, c.Log)
+				if err != nil {
+					panic(err)
+				}
+
+				c.Log.Info().Str("Db update completed, next update scheduled after", c.Config.Extensions.Search.CVE.UpdateInterval.String()).Msg("") //nolint: lll
+
+				time.Sleep(c.Config.Extensions.Search.CVE.UpdateInterval)
+			}
+		}()
+	} else {
+		c.Log.Info().Msg("Cve config not provided, skipping cve update")
+	}
+
 	c.Router = engine
 	c.Router.UseEncodedPath()
 	_ = NewRouteHandler(c)

pkg/extensions/search/cve/BUILD.bazel

@@ -1,4 +1,4 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -14,3 +14,14 @@ go_library(
         "@com_github_aquasecurity_trivy//integration/config:go_default_library",
     ],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = ["cve_test.go"],
+    data = glob(["testdata/**"]),
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/log:go_default_library",
+        "@com_github_smartystreets_goconvey//convey:go_default_library",
+    ],
+)

pkg/extensions/search/cve/cve_test.go

@@ -0,0 +1,40 @@
+package cveinfo_test
+
+import (
+	"io/ioutil"
+	"os"
+	"testing"
+
+	cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
+	"github.com/anuvu/zot/pkg/log"
+	. "github.com/smartystreets/goconvey/convey"
+)
+
+// nolint:gochecknoglobals
+var (
+	cve   *cveinfo.CveInfo
+	dbDir string
+)
+
+func testSetup() error {
+	dir, err := ioutil.TempDir("", "util_test")
+	if err != nil {
+		return err
+	}
+
+	cve = &cveinfo.CveInfo{Log: log.NewLogger("debug", "")}
+
+	dbDir = dir
+
+	return nil
+}
+
+func TestDownloadDB(t *testing.T) {
+	Convey("Download DB", t, func() {
+		err := testSetup()
+		So(err, ShouldBeNil)
+		err = cveinfo.UpdateCVEDb(dbDir, cve.Log)
+		So(err, ShouldBeNil)
+		os.RemoveAll(dbDir)
+	})
+}