Update quay sec code to fix problems identified in previous review

- Change get_repository_images_recursive to operate over a single docker image and storage uuid
- Move endpoints/sec to endpoints/secscan
- Change notification system to work with new Quay-sec format

Fixes #768

data/model/image.py

@@ -12,18 +12,23 @@ from data.database import (Image, Repository, ImageStoragePlacement, Namespace,
 logger = logging.getLogger(__name__)
 
 
-def get_repository_images_recursive(docker_image_ids):
-  """ Returns a query matching the given docker image IDs, along with any which have the image IDs
-      as parents.
-
-      Note: This is a DB intensive operation and should be used sparingly.
+def get_repository_image_and_deriving(docker_image_id, storage_uuid):
+  """ Returns all matching images with the given docker image ID and storage uuid, along with any
+      images which have the image ID as parents.
   """
-  # TODO: test this on MySQL and Postgres
-  inner_images = Image.select(SQL('"%/" || id || "/%"')).where(Image.docker_image_id << docker_image_ids)
+  try:
+    image_found = (Image
+                    .select()
+                    .join(ImageStorage)
+                    .where(Image.docker_image_id == docker_image_id,
+                           ImageStorage.uuid == storage_uuid)
+                    .get())
+  except Image.DoesNotExist:
+    return Image.select().where(Image.id < 0) # Empty query
 
-  images = Image.select(Image.id).where(Image.docker_image_id << docker_image_ids)
-  recursive_images = Image.select(Image.id).where(Image.ancestors ** inner_images)
-  return recursive_images | images
+  ancestors_pattern = '%s%s/%%' % (image_found.ancestors, image_found.id)
+  return Image.select().where((Image.ancestors ** ancestors_pattern) |
+                              (Image.id == image_found.id))
 
 
 def get_parent_images(namespace_name, repository_name, image_obj):