Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: enable v6 database #2439

Open
wants to merge 38 commits into
base: main
Choose a base branch
from
Open

feat: enable v6 database #2439

wants to merge 38 commits into from

Conversation

kzantow
Copy link
Contributor

@kzantow kzantow commented Feb 11, 2025
edited
Loading

This PR removes v5 database support from Grype, moving support to v6 databases. The db/v5 package needs to remain, however, as we will continue building v5 databases with functionality from that package in grype-db.

Closes #2129
Closes #2126
Fixes #2459
Fixes #1648
Fixes #2077

Enables previously implemented functionality:

kzantow and others added 22 commits February 11, 2025 15:03
@kzantow
feat: enable v6 database
3a336ab 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: update some tests
f958241 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: update URLs and docs
b04dd62 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: update yardstick
59af7cd 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
Merge remote-tracking branch 'origin/main' into feat/v6
c3848db
@kzantow
chore: update tests
8ff1271 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
fix: only log matcher errors
f22c78c 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
Merge branch 'fix/vulnerability-matcher-errors' into feat/v6
43cf25c
@kzantow
Merge remote-tracking branch 'origin/main' into feat/v6
09ad2a3
@kzantow
Merge remote-tracking branch 'origin/main' into feat/v6
6eaa028
@wagoodman
add details around DB deprecations
0220aef 
Signed-off-by: Alex Goodman <[email protected]>
@wagoodman
fix quality gate
9c00e1a 
Signed-off-by: Alex Goodman <[email protected]>
@kzantow
fix: filter unknown fix states
376986a 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: update tests
fde9506 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: update fix state unknown ignore rule
8a655b5 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
fix: rpm modularity qualifiers in v6
edfd2dc 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
fix: fail command when update check fails
c7c1213 
Signed-off-by: Keith Zantow <[email protected]>
@wagoodman
allow for importing a db file
c360e1b 
Signed-off-by: Alex Goodman <[email protected]>
@wagoodman
fix --by-cve
cd26673 
Signed-off-by: Alex Goodman <[email protected]>
@kzantow
fix: db update check tests
536e491 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow
chore: nil check
43cae40 
Signed-off-by: Keith Zantow <[email protected]>
@wagoodman
Merge remote-tracking branch 'origin/main' into feat/v6
de934e2 
Signed-off-by: Alex Goodman <[email protected]>
kzantow
kzantow commented Feb 20, 2025
View reviewed changes
grype/db/v6/installation/curator.go
return nil, fmt.Errorf("unable to get vulnerability store metadata: %w", err)
}

_, err = c.validate(db.DescriptionFromMetadata(m), c.config.ValidateChecksum)
Copy link
Contributor Author

@kzantow kzantow Feb 20, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was causing the db to be hashed twice, since the .Status() call is also hashing the db and validating age and is required (db status is required to be passed to the presenters), I've removed the validation from this call altogether.

kzantow
kzantow commented Feb 20, 2025
View reviewed changes
@kzantow kzantow marked this pull request as ready for review February 20, 2025 14:26
kzantow
kzantow commented Feb 21, 2025
View reviewed changes
test/cli/db_validations_test.go
},
},
{
name: "db status: valid db fails with hash mismatch",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This case handles: #1648

kzantow
kzantow commented Feb 21, 2025
View reviewed changes
test/cli/db_validations_test.go
},
},
{
name: "db status: missing db returns error",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test case handles: #2077

@kzantow
chore: cleanup
1d1f292 
Signed-off-by: Keith Zantow <[email protected]>
kzantow
kzantow commented Feb 21, 2025
View reviewed changes
cmd/grype/cli/options/experimental.go
"github.com/anchore/clio"
"github.com/anchore/grype/grype/db"
)

// Experimental options are opt-in features that are...
// ...not stable
// ...not yet fully supported
// ...not necessarily tested
// ...not ready for production use
// these may go away at any moment, do not depend on them
type Experimental struct {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we remove this struct altogether?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@wagoodman wagoodman

@kzantow kzantow

Labels
None yet
Projects
OSS
Status: In Progress
Milestone
No milestone
2 participants
@kzantow @wagoodman