github.com/quay/claircore@v1.5.28/libvuln/options.go (about)

     1  package libvuln
     2  
     3  import (
     4  	"net/http"
     5  	"time"
     6  
     7  	"github.com/quay/claircore/datastore"
     8  	"github.com/quay/claircore/libvuln/driver"
     9  )
    10  
    11  const (
    12  	DefaultUpdateWorkers   = 10
    13  	DefaultMaxConnPool     = 50
    14  	DefaultUpdateRetention = 2
    15  )
    16  
    17  type Options struct {
    18  	// Store is the interface used to persist and retrieve vulnerabilites
    19  	// for of matching.
    20  	Store datastore.MatcherStore
    21  	// Locker provides system-wide locks for the updater subsystem. If the
    22  	// matching work is distributed the lock should be backed by a distributed
    23  	// store.
    24  	Locker LockSource
    25  	// An interval on which Libvuln will check for new security database
    26  	// updates.
    27  	//
    28  	// This duration will have jitter added to it, to help with smearing load on
    29  	// installations.
    30  	UpdateInterval time.Duration
    31  	// A slice of strings representing which updaters libvuln will create.
    32  	//
    33  	// If nil all default UpdaterSets will be used.
    34  	//
    35  	// The following sets are supported:
    36  	// "alpine"
    37  	// "aws"
    38  	// "debian"
    39  	// "oracle"
    40  	// "photon"
    41  	// "pyupio"
    42  	// "rhel"
    43  	// "suse"
    44  	// "ubuntu"
    45  	UpdaterSets []string
    46  	// A list of out-of-tree updaters to run.
    47  	//
    48  	// This list will be merged with any defined UpdaterSets.
    49  	//
    50  	// If you desire no updaters to run do not add an updater
    51  	// into this slice.
    52  	Updaters []driver.Updater
    53  	// A slice of strings representing which
    54  	// matchers will be used.
    55  	//
    56  	// If nil all default Matchers will be used
    57  	//
    58  	// The following names are supported by default:
    59  	// "alpine"
    60  	// "aws"
    61  	// "debian"
    62  	// "oracle"
    63  	// "photon"
    64  	// "python"
    65  	// "rhel"
    66  	// "suse"
    67  	// "ubuntu"
    68  	MatcherNames []string
    69  
    70  	// Config holds configuration blocks for MatcherFactories and Matchers,
    71  	// keyed by name.
    72  	MatcherConfigs map[string]driver.MatcherConfigUnmarshaler
    73  
    74  	// A list of out-of-tree matchers you'd like libvuln to
    75  	// use.
    76  	//
    77  	// This list will me merged with the default matchers.
    78  	Matchers []driver.Matcher
    79  
    80  	// Enrichers is a slice of enrichers to use with all VulnerabilityReport
    81  	// requests.
    82  	Enrichers []driver.Enricher
    83  
    84  	// UpdateWorkers controls the number of update workers running concurrently.
    85  	// If less than or equal to zero, a sensible default will be used.
    86  	UpdateWorkers int
    87  
    88  	// UpdateRetention controls the number of updates to retain between
    89  	// garbage collection periods.
    90  	//
    91  	// The lowest possible value is 2 in order to compare updates for notification
    92  	// purposes.
    93  	UpdateRetention int
    94  
    95  	// If set to true, there will not be a goroutine launched to periodically
    96  	// run updaters.
    97  	DisableBackgroundUpdates bool
    98  
    99  	// UpdaterConfigs is a map of functions for configuration of Updaters.
   100  	UpdaterConfigs map[string]driver.ConfigUnmarshaler
   101  
   102  	// Client is an http.Client for use by all updaters.
   103  	//
   104  	// Must be set.
   105  	Client *http.Client
   106  }