From 3e4a8cafecf7392314da1f0c55c911f1faddb75a Mon Sep 17 00:00:00 2001 From: prakhar katiyar Date: Thu, 15 May 2025 18:54:14 +0530 Subject: [PATCH 1/2] pending scan bypass --- image-scanner/config.md | 3 ++- image-scanner/env_gen.md | 1 + image-scanner/pkg/security/ImageScanService.go | 17 ++++++++++++----- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/image-scanner/config.md b/image-scanner/config.md index 9fbe61721..959e3afa0 100644 --- a/image-scanner/config.md +++ b/image-scanner/config.md @@ -1,9 +1,10 @@ -# IMAGESCANER CONFIGMAP +# IMAGESCANER CONFIGMAP | Variable Name | Value | Description | |---------------------|----------------------------------------|-------------------------------| | CLAIR_ADDR | clair-dcd.devtroncd:6060 | For connecting to Clair if it's enabled | +| ENABLE_PROGRESSING_SCAN_CHECK | "true" | Flag to enable/disable checking for progressing scans at startup (set to "false" to improve startup performance) | | CLIENT_ID | client-2 | Client ID | | NATS_SERVER_HOST | nats://devtron-nats.devtroncd:4222 | For connecting to NATS | | PG_LOG_QUERY | "false" | PostgreSQL Query Logging (false to disable) | diff --git a/image-scanner/env_gen.md b/image-scanner/env_gen.md index 7d8c12043..65d49aad9 100644 --- a/image-scanner/env_gen.md +++ b/image-scanner/env_gen.md @@ -9,6 +9,7 @@ | CONSUMER_CONFIG_JSON | string | | | | false | | DEFAULT_LOG_TIME_LIMIT | int64 |1 | | | false | | ENABLE_STATSVIZ | bool |false | | | false | + | ENABLE_PROGRESSING_SCAN_CHECK | bool |true | Flag to enable/disable checking for progressing scans at startup | false | false | | IMAGE_SCAN_ASYNC_TIMEOUT | int |3 | | | false | | IMAGE_SCAN_TIMEOUT | int |10 | | | false | | IMAGE_SCAN_TRY_COUNT | int |1 | | | false | diff --git a/image-scanner/pkg/security/ImageScanService.go b/image-scanner/pkg/security/ImageScanService.go index be0d2ceac..55c5616c0 100644 --- a/image-scanner/pkg/security/ImageScanService.go +++ b/image-scanner/pkg/security/ImageScanService.go @@ -111,7 +111,13 @@ func NewImageScanServiceImpl(logger *zap.SugaredLogger, scanHistoryRepository re RegistryIndexMappingRepository: registryIndexMappingRepository, CliCommandEnv: os.Environ(), } - imageScanService.HandleProgressingScans() + // Only check for progressing scans if the flag is enabled + if imageScanConfig.EnableProgressingScanCheck { + logger.Infow("checking for progressing scans at startup") + imageScanService.HandleProgressingScans() + } else { + logger.Infow("skipping progressing scans check at startup as it is disabled") + } return imageScanService } @@ -125,10 +131,11 @@ func GetImageScannerConfig() (*ImageScanConfig, error) { } type ImageScanConfig struct { - ScannerType string `env:"SCANNER_TYPE" envDefault:""` - ScanTryCount int `env:"IMAGE_SCAN_TRY_COUNT" envDefault:"1"` - ScanImageTimeout int `env:"IMAGE_SCAN_TIMEOUT" envDefault:"10"` // Time is considered in minutes - ScanImageAsyncTimeout int `env:"IMAGE_SCAN_ASYNC_TIMEOUT" envDefault:"3"` // Time is considered in minutes + ScannerType string `env:"SCANNER_TYPE" envDefault:""` + ScanTryCount int `env:"IMAGE_SCAN_TRY_COUNT" envDefault:"1"` + ScanImageTimeout int `env:"IMAGE_SCAN_TIMEOUT" envDefault:"10"` // Time is considered in minutes + ScanImageAsyncTimeout int `env:"IMAGE_SCAN_ASYNC_TIMEOUT" envDefault:"3"` // Time is considered in minutes + EnableProgressingScanCheck bool `env:"ENABLE_PROGRESSING_SCAN_CHECK" envDefault:"true"` // Flag to enable/disable checking for progressing scans at startup } func (impl *ImageScanServiceImpl) GetImageToBeScannedAndFetchCliEnv(scanEvent *bean2.ImageScanEvent) (string, error) { From bbc8a3a38bfcdadf91cca8d295ee61449a1818ca Mon Sep 17 00:00:00 2001 From: prakhar katiyar Date: Thu, 15 May 2025 18:56:13 +0530 Subject: [PATCH 2/2] pending scan bypass --- image-scanner/env_gen.json | 2 +- image-scanner/env_gen.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/image-scanner/env_gen.json b/image-scanner/env_gen.json index 1d5fbcfc1..4c0437777 100644 --- a/image-scanner/env_gen.json +++ b/image-scanner/env_gen.json @@ -1 +1 @@ -[{"Category":"DEVTRON","Fields":[{"Env":"APP","EnvType":"string","EnvValue":"image-scanner","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CLAIR_ADDR","EnvType":"string","EnvValue":"http://localhost:6060","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CLAIR_TIMEOUT","EnvType":"int","EnvValue":"30","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CONSUMER_CONFIG_JSON","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"DEFAULT_LOG_TIME_LIMIT","EnvType":"int64","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"ENABLE_STATSVIZ","EnvType":"bool","EnvValue":"false","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_ASYNC_TIMEOUT","EnvType":"int","EnvValue":"3","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_TIMEOUT","EnvType":"int","EnvValue":"10","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_TRY_COUNT","EnvType":"int","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"JSON_OUTPUT","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"LOG_LEVEL","EnvType":"int","EnvValue":"0","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_ACK_WAIT_IN_SECS","EnvType":"int","EnvValue":"120","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_BUFFER_SIZE","EnvType":"int","EnvValue":"-1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_MAX_AGE","EnvType":"int","EnvValue":"86400","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_PROCESSING_BATCH_SIZE","EnvType":"int","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_REPLICAS","EnvType":"int","EnvValue":"0","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_SERVER_HOST","EnvType":"string","EnvValue":"nats://devtron-nats.devtroncd:4222","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_ADDR","EnvType":"string","EnvValue":"127.0.0.1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_DATABASE","EnvType":"string","EnvValue":"orchestrator","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_EXPORT_PROM_METRICS","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_ALL_FAILURE_QUERIES","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_ALL_QUERY","EnvType":"bool","EnvValue":"false","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_SLOW_QUERY","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_PASSWORD","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_PORT","EnvType":"string","EnvValue":"5432","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_QUERY_DUR_THRESHOLD","EnvType":"int64","EnvValue":"5000","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_USER","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PROJECT_ID","EnvType":"string","EnvValue":"projects/devtron-project-id","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"SCANNER_TYPE","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"SERVER_HTTP_PORT","EnvType":"int","EnvValue":"8080","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"STREAM_CONFIG_JSON","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"}]}] \ No newline at end of file +[{"Category":"DEVTRON","Fields":[{"Env":"APP","EnvType":"string","EnvValue":"image-scanner","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CLAIR_ADDR","EnvType":"string","EnvValue":"http://localhost:6060","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CLAIR_TIMEOUT","EnvType":"int","EnvValue":"30","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"CONSUMER_CONFIG_JSON","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"DEFAULT_LOG_TIME_LIMIT","EnvType":"int64","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"ENABLE_PROGRESSING_SCAN_CHECK","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"ENABLE_STATSVIZ","EnvType":"bool","EnvValue":"false","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_ASYNC_TIMEOUT","EnvType":"int","EnvValue":"3","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_TIMEOUT","EnvType":"int","EnvValue":"10","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"IMAGE_SCAN_TRY_COUNT","EnvType":"int","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"JSON_OUTPUT","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"LOG_LEVEL","EnvType":"int","EnvValue":"0","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_ACK_WAIT_IN_SECS","EnvType":"int","EnvValue":"120","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_BUFFER_SIZE","EnvType":"int","EnvValue":"-1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_MAX_AGE","EnvType":"int","EnvValue":"86400","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_PROCESSING_BATCH_SIZE","EnvType":"int","EnvValue":"1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_MSG_REPLICAS","EnvType":"int","EnvValue":"0","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"NATS_SERVER_HOST","EnvType":"string","EnvValue":"nats://devtron-nats.devtroncd:4222","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_ADDR","EnvType":"string","EnvValue":"127.0.0.1","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_DATABASE","EnvType":"string","EnvValue":"orchestrator","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_EXPORT_PROM_METRICS","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_ALL_FAILURE_QUERIES","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_ALL_QUERY","EnvType":"bool","EnvValue":"false","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_LOG_SLOW_QUERY","EnvType":"bool","EnvValue":"true","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_PASSWORD","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_PORT","EnvType":"string","EnvValue":"5432","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_QUERY_DUR_THRESHOLD","EnvType":"int64","EnvValue":"5000","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PG_USER","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"PROJECT_ID","EnvType":"string","EnvValue":"projects/devtron-project-id","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"SCANNER_TYPE","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"SERVER_HTTP_PORT","EnvType":"int","EnvValue":"8080","EnvDescription":"","Example":"","Deprecated":"false"},{"Env":"STREAM_CONFIG_JSON","EnvType":"string","EnvValue":"","EnvDescription":"","Example":"","Deprecated":"false"}]}] \ No newline at end of file diff --git a/image-scanner/env_gen.md b/image-scanner/env_gen.md index 65d49aad9..eac53ee9c 100644 --- a/image-scanner/env_gen.md +++ b/image-scanner/env_gen.md @@ -8,8 +8,8 @@ | CLAIR_TIMEOUT | int |30 | | | false | | CONSUMER_CONFIG_JSON | string | | | | false | | DEFAULT_LOG_TIME_LIMIT | int64 |1 | | | false | + | ENABLE_PROGRESSING_SCAN_CHECK | bool |true | | | false | | ENABLE_STATSVIZ | bool |false | | | false | - | ENABLE_PROGRESSING_SCAN_CHECK | bool |true | Flag to enable/disable checking for progressing scans at startup | false | false | | IMAGE_SCAN_ASYNC_TIMEOUT | int |3 | | | false | | IMAGE_SCAN_TIMEOUT | int |10 | | | false | | IMAGE_SCAN_TRY_COUNT | int |1 | | | false |