tiny fixes to securityworker

2015-11-12 17:02:18 -05:00 · 2015-11-12 17:02:18 -05:00 · 37ce84f6af
commit 37ce84f6af
parent 6415a3d070
2 changed files with 31 additions and 20 deletions
--- a/util/secscan/api.py
+++ b/util/secscan/api.py
@ -134,13 +134,11 @@ class SecurityConfigValidator(object):
    return self._keys

  def valid(self):
-    config = self._security_config
-
    if (not features.SECURITY_SCANNER
-        or not config
-        or not 'ENDPOINT' in config
-        or not 'ENGINE_VERSION_TARGET' in config
-        or not 'DISTRIBUTED_STORAGE_PREFERENCE' in config
+        or not self._security_config
+        or not 'ENDPOINT' in self._security_config
+        or not 'ENGINE_VERSION_TARGET' in self._security_config
+        or not 'DISTRIBUTED_STORAGE_PREFERENCE' in self._security_config
        or (self._certificate is False and self._keys is None)):
      return False

@ -155,10 +153,12 @@ class SecurityScannerAPI(object):

    config_validator = SecurityConfigValidator(app, config_provider)
    if not config_validator.valid():
+      logger.warning('Invalid config provided to SecurityScannerAPI')
      return

-    self.certificate = config_validator.cert()
-    self.keys = config_validator.keypair()
+    self._security_config = app.config.get('SECURITY_SCANNER')
+    self._certificate = config_validator.cert()
+    self._keys = config_validator.keypair()

  def check_layer_vulnerable(self, layer_id, cve_id):
    """ Checks with Clair whether the given layer is vulnerable to the given CVE. """
@ -191,7 +191,7 @@ class SecurityScannerAPI(object):
        This function disconnects from the database while awaiting a response
        from the API server.
    """
-    security_config = self.security_config
+    security_config = self._security_config
    api_url = urljoin(security_config['ENDPOINT'], '/' + security_config['API_VERSION']) + '/'
    url = urljoin(api_url, relative_url % args)

@ -201,8 +201,8 @@ class SecurityScannerAPI(object):

    with CloseForLongOperation(self.app.config):
      if body is not None:
-        return client.post(url, json=body, params=kwargs, timeout=timeout, cert=self.keys,
-                           verify=self.certificate)
+        return client.post(url, json=body, params=kwargs, timeout=timeout, cert=self._keys,
+                           verify=self._certificate)
      else:
-        return client.get(url, params=kwargs, timeout=timeout, cert=self.keys,
-                          verify=self.certificate)
+        return client.get(url, params=kwargs, timeout=timeout, cert=self._keys,
+                          verify=self._certificate)