-
Notifications
You must be signed in to change notification settings - Fork 62
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
internal/database: add logic to validate a new deploy
Adds a function, Validate, which checks a candidate Go vulnerability database against an existing one, to ensure that both databases are valid, timestamps are consistent and no OSV entries would be deleted. Moves single-database validation logic (previously called Validate) to the Load function, so that Load now loads and checks a database. Also adds a command line tool, "checkdeploy" which calls the new Validate function. This tool will be used in the deploy script for vulndb. For golang/go#56417 Change-Id: Ifa12234376f2a3fd577d96978919b167fcb25f64 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/452443 Reviewed-by: Damien Neil <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Tatiana Bradley <[email protected]> Reviewed-by: Jonathan Amsterdam <[email protected]>
- Loading branch information
Showing
16 changed files
with
598 additions
and
192 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
// Copyright 2022 The Go Authors. All rights reserved. | ||
// Use of this source code is governed by a BSD-style | ||
// license that can be found in the LICENSE file. | ||
|
||
// Command checkdeploy validates that it is safe to deploy a new | ||
// vulnerability database. | ||
package main | ||
|
||
import ( | ||
"flag" | ||
"log" | ||
|
||
"golang.org/x/vulndb/internal/database" | ||
) | ||
|
||
var ( | ||
newPath = flag.String("new", "", "path to new database") | ||
existingPath = flag.String("existing", "", "path to existing database") | ||
) | ||
|
||
func main() { | ||
flag.Parse() | ||
if *newPath == "" { | ||
log.Fatalf("flag -new must be set") | ||
} | ||
if *existingPath == "" { | ||
log.Fatalf("flag -existing must be set") | ||
} | ||
if err := database.Validate(*newPath, *existingPath); err != nil { | ||
log.Fatal(err) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.