Uploaded image for project: 'Clair'
  1. Clair
  2. CLAIRDEV-38

Add enrichment support to sqlite datastore implementation

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Minor
    • None
    • None
    • cmd/clair-action
    • None
    • True
    • Hide

      None

      Show
      None
    • False

    Description

      Currently the local-clair code which currently houses a rough version of an sqlite datastore implementation does not support enrichments, this means that when the CI code generates an vulnerability report it lacks any enrichment data.

      Note: The enrichment data is already saved in the DB by the CVSS updater, this task is to implement the retrieval of the data and surfacing the data in the vulnerability report and subsequently the sarif report.

       

      TODO:

      • Implement GetEnrichments() for sqlite
      • Perform a lookup of enrichment data in the sarif template to link the enrichment data to the vulnerability

      Attachments

        Issue Links

          is blocked by

          Task - Represents a small unit of work that is not end-user facing. CLAIRDEV-43 Saving References of Vulnerabilities

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • To Do

          Activity

            People

              jcroslan@redhat.com Joseph Crosland
              jcroslan@redhat.com Joseph Crosland
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                PagerDuty