Add support for Quay's vulnerability tool

data/migrations/versions/57dad559ff2d_add_support_for_quay_s_security_indexer.py

@@ -22,8 +22,8 @@ def upgrade(tables):
     op.create_index('image_security_indexed_engine_security_indexed', 'image', ['security_indexed_engine', 'security_indexed'])
 
 def downgrade(tables):
+   ### commands auto generated by Alembic - please adjust! ###
     op.drop_index('image_security_indexed_engine_security_indexed', 'image')
-    ### commands auto generated by Alembic - please adjust! ###
     op.drop_constraint(op.f('fk_image_parent_id_image'), 'image', type_='foreignkey')
     op.drop_index('image_parent_id', table_name='image')
     op.drop_column('image', 'security_indexed')

workers/securityworker.py

@@ -33,6 +33,7 @@ def _get_image_to_export(version):
 
   images = (Image
     .select(candidates.c.docker_image_id, candidates.c.uuid, candidates.c.checksum)
+    .distinct()
     .from_(candidates)
     .order_by(db_random_func())
     .tuples()
@@ -54,6 +55,7 @@ def _get_image_to_export(version):
 
   images = (Image
     .select(candidates.c.docker_image_id, candidates.c.uuid, candidates.c.checksum, candidates.c.parent_docker_image_id, candidates.c.parent_storage_uuid)
+    .distinct()
     .from_(candidates)
     .order_by(db_random_func())
     .tuples()
@@ -164,6 +166,7 @@ class SecurityWorker(Worker):
             'TarSum': img['storage_checksum'],
             'Path': uri
           }
+
           if img['parent_docker_image_id'] is not None and img['parent_storage_uuid'] is not None:
             request['ParentID'] = img['parent_docker_image_id']+'.'+img['parent_storage_uuid']