Skip to content

Latest commit

 

History

History
61 lines (35 loc) · 2.06 KB

README.md

File metadata and controls

61 lines (35 loc) · 2.06 KB

Garden Linux Vulnerability Database

This repository contains the central entrypoint to the Garden Linux Vulnerability Database (glvd) project. It implements an application to track security vulnerabilities in Garden Linux.

Note

GLVD is work in progress and does not provide a stable api yet.

Components

The code of glvd is located in multiple repositories inside the gardenlinux org on GitHub.

glvd is implemented in various components.

A postgres database is the central component of glvd. This repository contains a Containerfile to run this database.

Data ingestion creates the required database schema and imports data from external sources such as NVD and the debian security tracker.

The backend api exposed an HTTP API to get data out of the database.

It also contains a simple web interface.

The client is available in the Garden Linux APT repo.

Deploy your own instance

Kubernetes

Manifest files for a kubernetes deployment are located in deployment/k8s. Those deployments are used to create setup of glvd on a Gardener cluster.

See the deploy-k8s.sh script for details.

A setup for Compose can be found in deployment/compose/compose.yaml.

Example command to start locally:

podman compose --file deployment/compose/compose.yaml up

This will give you a running instance of the database and the backend, but the database has no schema and no data.

To init the db, you may run something like:

podman run -it --rm --network=compose_glvd --env PGHOST=glvd-postgres ghcr.io/gardenlinux/glvd-init:latest

Note that this will wipe the existing database, so in case you want to keep data be sure to back it up.