Adapt security worker for Clair v1.0 (except notifications)
This commit is contained in:
Quentin Machu
parent
c8d825c232
commit
e5da33578c
2 changed files with 160 additions and 170 deletions
|
|
@ -426,57 +426,16 @@ def ensure_image_locations(*names):
|
|||
data = [{'name': name} for name in insert_names]
|
||||
ImageStorageLocation.insert_many(data).execute()
|
||||
|
||||
def get_secscan_candidates(engine_version, batch_size):
|
||||
def get_image_with_storage_and_parent_base():
|
||||
Parent = Image.alias()
|
||||
ParentImageStorage = ImageStorage.alias()
|
||||
rimages = []
|
||||
|
||||
# Collect the images without parents.
|
||||
candidates = list(Image
|
||||
.select(Image.id)
|
||||
.join(ImageStorage)
|
||||
.where(Image.security_indexed_engine < engine_version,
|
||||
Image.parent >> None,
|
||||
ImageStorage.uploading == False)
|
||||
.limit(batch_size*10))
|
||||
|
||||
if len(candidates) > 0:
|
||||
images = (Image
|
||||
.select(Image, ImageStorage)
|
||||
.join(ImageStorage)
|
||||
.where(Image.id << candidates)
|
||||
.order_by(db_random_func())
|
||||
.limit(batch_size))
|
||||
rimages.extend(images)
|
||||
|
||||
# Collect the images with analyzed parents.
|
||||
candidates = list(Image
|
||||
.select(Image.id)
|
||||
.join(Parent, on=(Image.parent == Parent.id))
|
||||
.switch(Image)
|
||||
.join(ImageStorage)
|
||||
.where(Image.security_indexed_engine < engine_version,
|
||||
Parent.security_indexed_engine == engine_version,
|
||||
ImageStorage.uploading == False)
|
||||
.limit(batch_size*10))
|
||||
|
||||
if len(candidates) > 0:
|
||||
images = (Image
|
||||
.select(Image, ImageStorage, Parent, ParentImageStorage)
|
||||
.join(Parent, on=(Image.parent == Parent.id))
|
||||
.join(ParentImageStorage, on=(ParentImageStorage.id == Parent.storage))
|
||||
.switch(Image)
|
||||
.join(ImageStorage)
|
||||
.where(Image.id << candidates)
|
||||
.order_by(db_random_func())
|
||||
.limit(batch_size))
|
||||
rimages.extend(images)
|
||||
|
||||
# Shuffle the images, otherwise the images without parents will always be on the top
|
||||
random.shuffle(rimages)
|
||||
|
||||
return rimages
|
||||
|
||||
return (Image
|
||||
.select(Image, ImageStorage, Parent, ParentImageStorage)
|
||||
.join(ImageStorage)
|
||||
.switch(Image)
|
||||
.join(Parent, JOIN_LEFT_OUTER, on=(Image.parent == Parent.id))
|
||||
.join(ParentImageStorage, JOIN_LEFT_OUTER, on=(ParentImageStorage.id == Parent.storage)))
|
||||
|
||||
def set_secscan_status(image, indexed, version):
|
||||
query = (Image
|
||||
|
|
@ -487,12 +446,13 @@ def set_secscan_status(image, indexed, version):
|
|||
|
||||
ids_to_update = [row.id for row in query]
|
||||
if not ids_to_update:
|
||||
return
|
||||
return False
|
||||
|
||||
(Image
|
||||
.update(security_indexed=indexed, security_indexed_engine=version)
|
||||
.where(Image.id << ids_to_update)
|
||||
.execute())
|
||||
return (Image
|
||||
.update(security_indexed=indexed, security_indexed_engine=version)
|
||||
.where(Image.id << ids_to_update)
|
||||
.where((Image.security_indexed_engine != version) | (Image.security_indexed != indexed))
|
||||
.execute()) != 0
|
||||
|
||||
|
||||
def find_or_create_derived_storage(source_image, transformation_name, preferred_location):
|
||||
|
|
@ -536,5 +496,3 @@ def delete_derived_storage_by_uuid(storage_uuid):
|
|||
return
|
||||
|
||||
image_storage.delete_instance(recursive=True)
|
||||
|
||||
|
||||
|
|
|
|||
Reference in a new issue