close db connections when calling out to clair

workers/security_notification_worker.py

@@ -6,10 +6,10 @@ from collections import defaultdict
 
 import features
 
-from app import secscan_notification_queue, secscan_endpoint
+from app import app, secscan_notification_queue, secscan_endpoint
 from data import model
 from data.database import (Image, ImageStorage, ExternalNotificationEvent,
-                           Repository, RepositoryNotification, RepositoryTag)
+                           Repository, RepositoryNotification, RepositoryTag, CloseForLongOperation)
 from endpoints.notificationhelper import spawn_notification
 from workers.queueworker import QueueWorker
 
@@ -55,8 +55,9 @@ class SecurityNotificationWorker(QueueWorker):
         logger.debug('Checking if layer %s is vulnerable to %s', tag_layer_id, cve_id)
 
         if not tag_layer_id in check_map:
-          is_vulerable = secscan_endpoint.check_layer_vulnerable(tag_layer_id, cve_id)
+          with CloseForLongOperation(app.config):
-          check_map[tag_layer_id] = is_vulerable
+            is_vulerable = secscan_endpoint.check_layer_vulnerable(tag_layer_id, cve_id)
+            check_map[tag_layer_id] = is_vulerable
 
         logger.debug('Result of layer %s is vulnerable to %s check: %s', tag_layer_id, cve_id,
                      check_map[tag_layer_id])
@@ -79,7 +80,7 @@ class SecurityNotificationWorker(QueueWorker):
         },
       }
 
-      # TODO(jzelinskie): only add this notification if the repository's event(s) defined meet
+      # TODO(jschorr): only add this notification if the repository's event(s) defined meet
       # the priority minimum.
       spawn_notification(repository_map[repository_id], 'vulnerability_found', event_data)