Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow v6 store to support multiple qualifiers #2338

Merged
merged 3 commits into from
Dec 18, 2024
Merged

Conversation

wagoodman
Copy link
Contributor

@wagoodman wagoodman commented Dec 17, 2024

Today the v6 store can search for singular things (a single vulnerability, filter by a single distro, search by a single package). This PR changes the store to support searching and filtering by multiple criteria (supporting #2303).

All changes made:

  • add slice of all *Spec objects in searching
  • allow for configurable limit on queries (default is no limit)
  • fetch and attach blobs in batches (not individually)
  • fetch all queries in small batches (better support for queries with several results)
  • adjust indexes:
    • hydrate them when opening a writable DB without truncate options
    • adds additional individual indexes for common search cases (search by name, product, or vendor)
  • fix logging and monitor values when importing/downloading a DB
  • better stringer support for *Spec classes (improved logging)
  • upgrade the gorm logger:
    • enable debug option
    • support setting log level
    • warn on slow queries
    • trace logging support to show individual queries

@wagoodman wagoodman added the changelog-ignore Don't include this issue in the release changelog label Dec 17, 2024
@wagoodman wagoodman self-assigned this Dec 17, 2024
@wagoodman wagoodman marked this pull request as ready for review December 17, 2024 15:59
@wagoodman wagoodman marked this pull request as draft December 18, 2024 15:03
@wagoodman wagoodman force-pushed the v6-search-store-support branch from 224be59 to c7f35a1 Compare December 18, 2024 15:54
@wagoodman wagoodman force-pushed the v6-search-store-support branch from c7f35a1 to 01f1def Compare December 18, 2024 17:54
@wagoodman wagoodman marked this pull request as ready for review December 18, 2024 18:02
Signed-off-by: Alex Goodman <[email protected]>
grype/db/internal/gormadapter/logger.go Show resolved Hide resolved

query := s.handlePackage(s.db, pkg)
query := s.handlePackage(s.db.Model(&AffectedPackageHandle{}), pkg)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is this for? (the model docs didn't help me understand this) maybe add a comment if it's required as to why

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this change was unintentional and is a no-op essentially in this context (I'll remove this change). This orients the query to be against the model (automatically inferring the table name from the model). We could in theory be using this more often to that joins are less explicit, but that can be done later.

grype/db/v6/installation/curator.go Outdated Show resolved Hide resolved
Signed-off-by: Alex Goodman <[email protected]>
@wagoodman wagoodman enabled auto-merge (squash) December 18, 2024 19:21
@wagoodman wagoodman merged commit f263234 into main Dec 18, 2024
10 checks passed
@wagoodman wagoodman deleted the v6-search-store-support branch December 18, 2024 19:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
changelog-ignore Don't include this issue in the release changelog
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

2 participants