WIP

AlexGustafsson · Dec 29, 2024 · 51ef49a · 51ef49a
1 parent bab9850
commit 51ef49a
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/tools/vulndb/internal/oci/push.go b/tools/vulndb/internal/oci/push.go
@@ -47,6 +47,7 @@ func PushArtifact(ctx context.Context, path string, username string, password st
 	}
 
 	manifestDescriptor.Annotations["org.opencontainers.image.source"] = "https://github.com/AlexGustafsson/cupdate"
+	manifestDescriptor.Annotations["org.opencontainers.image.description"] = `Cupdate's vulnerability database.`
 
 	tag := "latest"
 	if err = fs.Tag(ctx, manifestDescriptor, tag); err != nil {

diff --git a/tools/vulndb/main.go b/tools/vulndb/main.go
@@ -17,6 +17,10 @@ import (
 )
 
 func main() {
+	slog.SetDefault(slog.New(slog.NewJSONHandler(os.Stderr, &slog.HandlerOptions{Level: slog.LevelDebug})))
+
+	slog.Info("Starting vulndb collector")
+
 	ctx, cancel := context.WithCancel(context.Background())
 
 	go func() {
@@ -38,24 +42,31 @@ func run(ctx context.Context) error {
 	githubToken := os.Getenv("INPUT_GITHUB_TOKEN")
 	githubActor := os.Getenv("INPUT_GITHUB_ACTOR")
 
+	if githubToken == "" || githubActor == "" {
+		return fmt.Errorf("missing required input(s)")
+	}
+
 	workdir, err := os.MkdirTemp(os.TempDir(), "cupdate-vulndb-*")
 	if err != nil {
 		return err
 	}
 
 	workdir = filepath.Join(workdir, "advisory-database")
 
+	slog.Debug("Performing shallow clone of GitHub's advisory database")
 	err = git.ShallowClone(context.Background(), "https://github.com/github/advisory-database", workdir, "advisories/github-reviewed/2024")
 	if err != nil {
 		return fmt.Errorf("failed to clone repository: %w", err)
 	}
 
+	slog.Debug("Creating database")
 	db, err := db.Open("vulndb.sqlite")
 	if err != nil {
 		return err
 	}
 	defer db.Close()
 
+	slog.Debug("Inserting advisories in database")
 	err = filepath.WalkDir(workdir, func(path string, d fs.DirEntry, err error) error {
 		if filepath.Ext(path) == ".json" {
 			file, err := os.Open(path)
@@ -78,9 +89,15 @@ func run(ctx context.Context) error {
 		slog.Error("Failed to close database", slog.Any("error", db))
 	}
 
+	if err != nil {
+		return err
+	}
+
+	slog.Debug("Pushing artifact")
 	if err := oci.PushArtifact(ctx, "vulndb.sqlite", githubActor, githubToken); err != nil {
 		return err
 	}
 
-	return err
+	slog.Info("Successfully pushed artifact")
+	return nil
 }