gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-21 23:00:42 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix: lock downloading policies and database (#4017)

Browse Source
This commit is contained in:
Teppei Fukuda
2023-04-10 15:37:13 +03:00
committed by GitHub
parent 009675c825
commit f0df725c5a
3 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/commands/artifact/run.go
View File

@@ -126,7 +126,7 @@ func NewRunner(ctx context.Context, cliOptions flag.Options, opts ...runnerOptio
} }
// Update the vulnerability database if needed. // Update the vulnerability database if needed.
if err := r.initDB(cliOptions); err != nil { if err := r.initDB(ctx, cliOptions); err != nil {
return nil, xerrors.Errorf("DB error: %w", err) return nil, xerrors.Errorf("DB error: %w", err)
} }
@@ -302,7 +302,7 @@ func (r *runner) Report(opts flag.Options, report types.Report) error {
return nil return nil
} }
func (r *runner) initDB(opts flag.Options) error { func (r *runner) initDB(ctx context.Context, opts flag.Options) error {
if err := r.initJavaDB(opts); err != nil { if err := r.initJavaDB(opts); err != nil {
return err return err
} }
@@ -314,7 +314,7 @@ func (r *runner) initDB(opts flag.Options) error {
// download the database file // download the database file
noProgress := opts.Quiet || opts.NoProgress noProgress := opts.Quiet || opts.NoProgress
if err := operation.DownloadDB(opts.AppVersion, opts.CacheDir, opts.DBRepository, noProgress, opts.SkipDBUpdate, opts.Remote()); err != nil { if err := operation.DownloadDB(ctx, opts.AppVersion, opts.CacheDir, opts.DBRepository, noProgress, opts.SkipDBUpdate, opts.Remote()); err != nil {
return err return err
} }

12
pkg/commands/operation/operation.go
View File

@@ -6,6 +6,7 @@ import (
"crypto/x509" "crypto/x509"
"os" "os"
"strings" "strings"
"sync"
"github.com/go-redis/redis/v8" "github.com/go-redis/redis/v8"
"github.com/google/wire" "github.com/google/wire"
@@ -22,6 +23,8 @@ import (
"github.com/aquasecurity/trivy/pkg/utils/fsutils" "github.com/aquasecurity/trivy/pkg/utils/fsutils"
) )
var mu sync.Mutex
// SuperSet binds cache dependencies // SuperSet binds cache dependencies
var SuperSet = wire.NewSet( var SuperSet = wire.NewSet(
cache.NewFSCache, cache.NewFSCache,
@@ -106,9 +109,11 @@ func (c Cache) ClearArtifacts() error {
} }
// DownloadDB downloads the DB // DownloadDB downloads the DB
func DownloadDB(appVersion, cacheDir, dbRepository string, quiet, skipUpdate bool, opt types.RemoteOptions) error { func DownloadDB(ctx context.Context, appVersion, cacheDir, dbRepository string, quiet, skipUpdate bool, opt types.RemoteOptions) error {
mu.Lock()
defer mu.Unlock()
client := db.NewClient(cacheDir, quiet, db.WithDBRepository(dbRepository)) client := db.NewClient(cacheDir, quiet, db.WithDBRepository(dbRepository))
ctx := context.Background()
needsUpdate, err := client.NeedsUpdate(appVersion, skipUpdate) needsUpdate, err := client.NeedsUpdate(appVersion, skipUpdate)
if err != nil { if err != nil {
return xerrors.Errorf("database error: %w", err) return xerrors.Errorf("database error: %w", err)
@@ -143,6 +148,9 @@ func showDBInfo(cacheDir string) error {
// InitBuiltinPolicies downloads the built-in policies and loads them // InitBuiltinPolicies downloads the built-in policies and loads them
func InitBuiltinPolicies(ctx context.Context, cacheDir string, quiet, skipUpdate bool) ([]string, error) { func InitBuiltinPolicies(ctx context.Context, cacheDir string, quiet, skipUpdate bool) ([]string, error) {
mu.Lock()
defer mu.Unlock()
client, err := policy.NewClient(cacheDir, quiet) client, err := policy.NewClient(cacheDir, quiet)
if err != nil { if err != nil {
return nil, xerrors.Errorf("policy client error: %w", err) return nil, xerrors.Errorf("policy client error: %w", err)

2
pkg/commands/server/run.go
View File

@@ -34,7 +34,7 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
} }
// download the database file // download the database file
if err = operation.DownloadDB(opts.AppVersion, opts.CacheDir, opts.DBRepository, if err = operation.DownloadDB(ctx, opts.AppVersion, opts.CacheDir, opts.DBRepository,
true, opts.SkipDBUpdate, opts.Remote()); err != nil { true, opts.SkipDBUpdate, opts.Remote()); err != nil {
return err return err
} }