Read the number of unscanned clair images from the block allocator

2017-02-21 19:13:51 -05:00 · 2017-02-21 19:13:51 -05:00 · b03e03c389
commit b03e03c389
parent 0214b1ba9f
5 changed files with 61 additions and 15 deletions
--- a/workers/globalpromstats.py
+++ b/workers/globalpromstats.py
@ -43,13 +43,6 @@ class GlobalPrometheusStatsWorker(Worker):
      metric_queue.org_count.Set(model.organization.get_active_org_count())
      metric_queue.robot_count.Set(model.user.get_robot_count())

-      if features.SECURITY_SCANNER:
-        # Clair repo counts.
-        unscanned_images_gauge.Set(
-          get_count_of_images_eligible_for_scan(app.config.get('SECURITY_SCANNER_ENGINE_VERSION_TARGET', 2))
-        )
-        images_gauge.Set(total_image_count())
-

 def main():
  logging.config.fileConfig('conf/logging_debug.conf', disable_existing_loggers=False)
--- a/workers/securityworker.py
+++ b/workers/securityworker.py
@ -7,25 +7,28 @@ from app import app, secscan_api, prometheus
 from workers.worker import Worker
 from data.database import UseThenDisconnect
 from data.model.image import (get_images_eligible_for_scan, get_max_id_for_sec_scan,
-                              get_min_id_for_sec_scan, get_image_id)
+                              get_min_id_for_sec_scan, get_image_id, total_image_count)
 from util.secscan.api import SecurityConfigValidator
 from util.secscan.analyzer import LayerAnalyzer, PreemptedException
 from util.migrate.allocator import yield_random_entries
 from endpoints.v2 import v2_bp

+
 BATCH_SIZE = 50
 INDEXING_INTERVAL = 30

+
 logger = logging.getLogger(__name__)
 unscanned_images_gauge = prometheus.create_gauge('unscanned_images', 'Number of images that clair needs to scan.')
 images_gauge = prometheus.create_gauge('all_images', 'Total number of images that clair can scan.')

+
 class SecurityWorker(Worker):
  def __init__(self):
    super(SecurityWorker, self).__init__()
    validator = SecurityConfigValidator(app.config)
    if validator.valid():
-      self._target_version = app.config.get('SECURITY_SCANNER_ENGINE_VERSION_TARGET', 2)
+      self._target_version = app.config.get('SECURITY_SCANNER_ENGINE_VERSION_TARGET', 3)
      self._analyzer = LayerAnalyzer(app.config, secscan_api)

      # Get the ID of the first image we want to analyze.
@ -46,14 +49,24 @@ class SecurityWorker(Worker):
      return

    with UseThenDisconnect(app.config):
-      for candidate, abt in yield_random_entries(batch_query, get_image_id(), BATCH_SIZE, max_id,
-                                                 self._min_id):
+      to_scan_generator = yield_random_entries(
+        batch_query,
+        get_image_id(),
+        BATCH_SIZE,
+        max_id,
+        self._min_id,
+      )
+      for candidate, abt, num_remaining in to_scan_generator:
        try:
          self._analyzer.analyze_recursively(candidate)
        except PreemptedException:
          logger.info('Another worker pre-empted us for layer: %s', candidate.id)
          abt.set()

+        unscanned_images_gauge.Set(num_remaining)
+        images_gauge.Set(total_image_count())
+
+
    # If we reach this point, we analyzed every images up to max_id, next time the worker runs,
    # we want to start from the next image.
    self._min_id = max_id + 1