fix(vulncheck): enable retry from the cli
Signed-off-by: Tristan Colgate-McFarlane <[email protected]>
tcolgate committed Oct 2, 2023
1 parent 6a7c543 commit e1affd8
Showing 2 changed files with 11 additions and 1 deletion.
6 changes: 5 additions & 1 deletion cmd/reimage/main.go
Expand Up @@ -52,6 +52,7 @@ type app struct {
static *reimage.StaticRemapper
GrafeasParent string
VulnCheckTimeout time.Duration
VulnCheckMaxRetries int
VulnCheckIgnoreList []string
VulnCheckMaxCVSS float64
VulnCheckIgnoreImages string
Expand Down Expand Up @@ -91,7 +92,8 @@ func setup() (*app, error) {
flag.StringVar(&a.StaticMappings, "static-json-mappings-file", "", "take all mappings from a mappings file")
flag.StringVar(&a.StaticMappingsImg, "static-json-mappings-img", "", "take all mapping from a mappings registry image")

flag.DurationVar(&a.VulnCheckTimeout, "vulncheck-timeout", 5*time.Minute, "how long to wait for vulnerability scanning to complete")
flag.DurationVar(&a.VulnCheckTimeout, "vulncheck-timeout", 10*time.Minute, "how long to wait for vulnerability scanning to complete")
flag.IntVar(&a.VulnCheckMaxRetries, "vulncheck-max-retries", 20, "max number of attempts to check for vulnerabilitie")
flag.StringVar(&vulnIgnoreStr, "vulncheck-ignore-cve-list", "", "comma separated list of vulnerabilities to ignore")
flag.Float64Var(&a.VulnCheckMaxCVSS, "vulncheck-max-cvss", 0.0, "maximum CVSS vulnerabitility score")
flag.StringVar(&a.VulnCheckIgnoreImages, "vulncheck-ignore-images", "", "regexp of images to skip for CVE checks")
Expand Down Expand Up @@ -369,6 +371,8 @@ func (a *app) checkVulns(ctx context.Context, imgs map[string]reimage.QualifiedI
Grafeas: gc,
MaxCVSS: float32(a.VulnCheckMaxCVSS),
CVEIgnoreList: a.VulnCheckIgnoreList,
RetryMax: a.VulnCheckMaxRetries,
RetryDelay: a.VulnCheckTimeout,

Logger: a.log,
}
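Review bot: In checkVulns the added `RetryDelay: a.VulnCheckTimeout` reuses the scan timeout (default raised to 10 minutes in setup) as the retry delay, so one flag now controls two different things while its help text still describes only a timeout. The grafeas.go section of this commit doubles the delay per attempt from a `baseDelay`; if that base comes from RetryDelay (not visible here), 20 retries from a 10-minute base would leave the vulnerability gate sleeping far longer than a pipeline will wait. A separate short base delay keeps the two apart: a `VulnCheckRetryDelay time.Duration` field, `flag.DurationVar(&a.VulnCheckRetryDelay, "vulncheck-retry-delay", 5*time.Second, "base delay between vulnerability check retries")` (default illustrative), and `RetryDelay: a.VulnCheckRetryDelay,`. The new help string also has a typo ("vulnerabilitie"). The app struct, setup and checkVulns all continue outside the hunks shown.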
6 changes: 6 additions & 0 deletions grafeas.go
Expand Up @@ -10,6 +10,7 @@ import (
"encoding/json"
"errors"
"fmt"
"log/slog"
"math"
"regexp"
"sort"
Expand Down Expand Up @@ -237,6 +238,11 @@ func (vc *GrafeasVulnChecker) Check(ctx context.Context, dig name.Digest) (*Chec

secRetry := math.Pow(2, float64(i))
delay := time.Duration(secRetry) * baseDelay

if vc.Logger != nil {
vc.Logger.Info("retrying discovery due to error", slog.String("img", img), slog.Duration("delay", delay), slog.String("err", err.Error()))
}

time.Sleep(delay)
}

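Review bot: The backoff at the end of this hunk still uses `time.Sleep(delay)`, which ignores `ctx`, and the delay doubles on every attempt with no cap; with retries now configurable from the CLI, a cancelled or timed-out check can stay blocked for the whole sleep. Waiting on `ctx.Done()` alongside the timer lets the caller's deadline end the wait, so the check returns an error instead of hanging. In the added log call, `slog.Any("err", err)` would avoid the `err.Error()` dereference should `err` ever be nil on this path. The retry loop and the rest of Check start outside the hunk, so the return values in the sketch are assumed from the visible part of the signature.

```go
// … unchanged: delay computation and the retry log line …
select {
case <-ctx.Done():
	return nil, ctx.Err()
case <-time.After(delay):
}
```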
