mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
7c78f80a96
1. Move existing CVE DB download generator/task login under the cve package 2. Add a new CVE scanner task generator and task type to run in the background, as well as tests for it 3. Move the CVE cache in its own package 4. Add a CVE scanner methods to check if an entry is present in the cache, and to retreive the results 5. Modify the FilterTags MetaDB method to not exit on first error This is needed in order to pass all tags to the generator, instead of the generator stopping at the first set of invalid data 6. Integrate the new scanning task generator with the existing zot code. 7. Fix an issue where the CVE scan results for multiarch images was not cached 8. Rewrite some of the older CVE tests to use the new image-utils test package 9. Use the CVE scanner as attribute of the controller instead of CveInfo. Remove functionality of CVE DB update from CveInfo, it is now responsible, as the name states, only for providing CVE information. 10. The logic to get maximum severity and cve count for image sumaries now uses only the scanner cache. 11. Removed the GetCVESummaryForImage method from CveInfo as it was only used in tests Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
111 lines
3.2 KiB
Go
111 lines
3.2 KiB
Go
package mocks
|
|
|
|
import (
|
|
"zotregistry.io/zot/pkg/common"
|
|
cvemodel "zotregistry.io/zot/pkg/extensions/search/cve/model"
|
|
)
|
|
|
|
type CveInfoMock struct {
|
|
GetImageListForCVEFn func(repo, cveID string) ([]cvemodel.TagInfo, error)
|
|
GetImageListWithCVEFixedFn func(repo, cveID string) ([]cvemodel.TagInfo, error)
|
|
GetCVEListForImageFn func(repo string, reference string, searchedCVE string, pageInput cvemodel.PageInput,
|
|
) ([]cvemodel.CVE, common.PageInfo, error)
|
|
GetCVESummaryForImageMediaFn func(repo string, digest, mediaType string,
|
|
) (cvemodel.ImageCVESummary, error)
|
|
}
|
|
|
|
func (cveInfo CveInfoMock) GetImageListForCVE(repo, cveID string) ([]cvemodel.TagInfo, error) {
|
|
if cveInfo.GetImageListForCVEFn != nil {
|
|
return cveInfo.GetImageListForCVEFn(repo, cveID)
|
|
}
|
|
|
|
return []cvemodel.TagInfo{}, nil
|
|
}
|
|
|
|
func (cveInfo CveInfoMock) GetImageListWithCVEFixed(repo, cveID string) ([]cvemodel.TagInfo, error) {
|
|
if cveInfo.GetImageListWithCVEFixedFn != nil {
|
|
return cveInfo.GetImageListWithCVEFixedFn(repo, cveID)
|
|
}
|
|
|
|
return []cvemodel.TagInfo{}, nil
|
|
}
|
|
|
|
func (cveInfo CveInfoMock) GetCVEListForImage(repo string, reference string,
|
|
searchedCVE string, pageInput cvemodel.PageInput,
|
|
) (
|
|
[]cvemodel.CVE,
|
|
common.PageInfo,
|
|
error,
|
|
) {
|
|
if cveInfo.GetCVEListForImageFn != nil {
|
|
return cveInfo.GetCVEListForImageFn(repo, reference, searchedCVE, pageInput)
|
|
}
|
|
|
|
return []cvemodel.CVE{}, common.PageInfo{}, nil
|
|
}
|
|
|
|
func (cveInfo CveInfoMock) GetCVESummaryForImageMedia(repo, digest, mediaType string,
|
|
) (cvemodel.ImageCVESummary, error) {
|
|
if cveInfo.GetCVESummaryForImageMediaFn != nil {
|
|
return cveInfo.GetCVESummaryForImageMediaFn(repo, digest, mediaType)
|
|
}
|
|
|
|
return cvemodel.ImageCVESummary{}, nil
|
|
}
|
|
|
|
type CveScannerMock struct {
|
|
IsImageFormatScannableFn func(repo string, reference string) (bool, error)
|
|
IsImageMediaScannableFn func(repo string, digest, mediaType string) (bool, error)
|
|
IsResultCachedFn func(digest string) bool
|
|
GetCachedResultFn func(digest string) map[string]cvemodel.CVE
|
|
ScanImageFn func(image string) (map[string]cvemodel.CVE, error)
|
|
UpdateDBFn func() error
|
|
}
|
|
|
|
func (scanner CveScannerMock) IsImageFormatScannable(repo string, reference string) (bool, error) {
|
|
if scanner.IsImageFormatScannableFn != nil {
|
|
return scanner.IsImageFormatScannableFn(repo, reference)
|
|
}
|
|
|
|
return true, nil
|
|
}
|
|
|
|
func (scanner CveScannerMock) IsImageMediaScannable(repo string, digest, mediaType string) (bool, error) {
|
|
if scanner.IsImageMediaScannableFn != nil {
|
|
return scanner.IsImageMediaScannableFn(repo, digest, mediaType)
|
|
}
|
|
|
|
return true, nil
|
|
}
|
|
|
|
func (scanner CveScannerMock) IsResultCached(digest string) bool {
|
|
if scanner.IsResultCachedFn != nil {
|
|
return scanner.IsResultCachedFn(digest)
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func (scanner CveScannerMock) GetCachedResult(digest string) map[string]cvemodel.CVE {
|
|
if scanner.GetCachedResultFn != nil {
|
|
return scanner.GetCachedResultFn(digest)
|
|
}
|
|
|
|
return map[string]cvemodel.CVE{}
|
|
}
|
|
|
|
func (scanner CveScannerMock) ScanImage(image string) (map[string]cvemodel.CVE, error) {
|
|
if scanner.ScanImageFn != nil {
|
|
return scanner.ScanImageFn(image)
|
|
}
|
|
|
|
return map[string]cvemodel.CVE{}, nil
|
|
}
|
|
|
|
func (scanner CveScannerMock) UpdateDB() error {
|
|
if scanner.UpdateDBFn != nil {
|
|
return scanner.UpdateDBFn()
|
|
}
|
|
|
|
return nil
|
|
}
|