Skip to content

Commit 22e20eb

Browse files
michaelkedarmichaelkedar
committed
REST timing things
1 parent 9c5c2e0 commit 22e20eb

2 files changed

Lines changed: 21 additions & 4 deletions

File tree

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ update-api-snapshots:
5555
cd gcp/api && UPDATE_SNAPS=true ./run_tests_e2e.sh $(HOME)/.config/gcloud/application_default_credentials.json
5656

5757
lint:
58-
GOTOOLCHAIN=go1.25.7 $(run-cmd) tools/lint_and_format.sh
58+
GOTOOLCHAIN=go1.26.0 $(run-cmd) tools/lint_and_format.sh
5959

6060
build-osv-protos:
6161
cd osv && $(run-cmd) python -m grpc_tools.protoc --python_out=. --mypy_out=. --proto_path=. --proto_path=osv-schema/proto vulnerability.proto importfinding.proto

go/internal/importer/rest.go

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -97,6 +97,7 @@ func handleImportREST(ctx context.Context, ch chan<- SourceRecord, config Config
9797
hasUpdateTime = true
9898
}
9999
timeOfRun := time.Now()
100+
lastModTime := time.Time{}
100101
if hasUpdateTime {
101102
// HEAD request to check if there are updates
102103
req, err := http.NewRequest(http.MethodHead, sourceRepo.REST.URL, nil)
@@ -110,8 +111,8 @@ func handleImportREST(ctx context.Context, ch chan<- SourceRecord, config Config
110111
}
111112
resp.Body.Close()
112113
lastModified := resp.Header.Get("Last-Modified")
113-
mod, err := time.Parse(time.RFC1123, lastModified)
114-
if err == nil && mod.Before(lastUpdated) {
114+
lastModTime, err = time.Parse(time.RFC1123, lastModified)
115+
if err == nil && lastModTime.Before(lastUpdated) {
115116
logger.Info("No changes since last update.",
116117
slog.String("source", sourceRepo.Name),
117118
slog.String("url", sourceRepo.REST.URL))
@@ -157,6 +158,7 @@ func handleImportREST(ctx context.Context, ch chan<- SourceRecord, config Config
157158

158159
return fmt.Errorf("REST API response is not an array for %s", sourceRepo.REST.URL)
159160
}
161+
maxModified := time.Time{}
160162
result.ForEach(func(_, vuln gjson.Result) bool {
161163
id := vuln.Get("id")
162164
if !id.Exists() {
@@ -176,6 +178,9 @@ func handleImportREST(ctx context.Context, ch chan<- SourceRecord, config Config
176178

177179
return true
178180
}
181+
if mod.After(maxModified) {
182+
maxModified = mod
183+
}
179184
if hasUpdateTime && mod.Before(lastUpdated) {
180185
return true
181186
}
@@ -196,7 +201,19 @@ func handleImportREST(ctx context.Context, ch chan<- SourceRecord, config Config
196201
return true
197202
})
198203

199-
sourceRepo.REST.LastUpdated = &timeOfRun
204+
// Set the last updated time to the minimum of:
205+
// - the time of run
206+
// - the max vulnerability modified time
207+
// - the Last-Modified time of the REST API response
208+
// This is to be more robust in case of misbehaving servers.
209+
timeToUpdate := timeOfRun
210+
if !maxModified.IsZero() && maxModified.Before(timeToUpdate) {
211+
timeToUpdate = maxModified
212+
}
213+
if !lastModTime.IsZero() && lastModTime.Before(timeToUpdate) {
214+
timeToUpdate = lastModTime
215+
}
216+
sourceRepo.REST.LastUpdated = &timeToUpdate
200217
sourceRepo.REST.IgnoreLastImportTime = false
201218
if err := config.SourceRepoStore.Update(ctx, sourceRepo.Name, sourceRepo); err != nil {
202219
logger.Error("Failed to update source repository", slog.Any("error", err), slog.String("source", sourceRepo.Name))

0 commit comments

Comments
 (0)