Added

Signed-off-by: daynewlee <[email protected]>
quay · Nov 12, 2024 · 1dd68fc · 1dd68fc
1 parent 64c75f6
commit 1dd68fc
Showing 1 changed file with 45 additions and 14 deletions.
diff --git a/enricher/epss/epss.go b/enricher/epss/epss.go
@@ -6,19 +6,18 @@ import (
 	"encoding/csv"
 	"encoding/json"
 	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"path"
-	"strings"
-	"time"
-
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
 	"github.com/quay/claircore"
 	"github.com/quay/claircore/libvuln/driver"
 	"github.com/quay/claircore/pkg/tmp"
 	"github.com/quay/zlog"
+	"io"
+	"net/http"
+	"net/url"
+	"path"
+	"strings"
+	"time"
 )
 
 var (
@@ -31,12 +30,20 @@ var (
 const (
 	// DefaultFeeds is the default place to look for EPSS feeds.
 	// epss_scores-YYYY-MM-DD.csv.gz needs to be specified to get all data
-	DefaultRootUrl = `https://epss.cyentia.com/`
+	DefaultFeeds = `https://epss.cyentia.com/`
 
 	// epssName is the name of the enricher
 	epssName = `clair.epss`
 )
 
+func init() {
+	var err error
+	defaultFeed, err = url.Parse(DefaultFeeds)
+	if err != nil {
+		panic(err)
+	}
+}
+
 // Enricher provides EPSS data as enrichments to a VulnerabilityReport.
 //
 // Configure must be called before any other methods.
@@ -47,10 +54,28 @@ type Enricher struct {
 	feedPath string
 }
 
-func (e Enricher) FetchEnrichment(ctx context.Context, fingerprint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error) {
+// Config is the configuration for Enricher.
+type Config struct {
+	FeedRoot *string `json:"feed_root" yaml:"feed_root"`
+}
+
+func (e *Enricher) Configure(ctx context.Context, f driver.ConfigUnmarshaler, c *http.Client) error {
+	ctx = zlog.ContextWithValues(ctx, "component", "enricher/epss/Enricher/Configure")
+	var cfg Config
+	e.c = c
+	if err := f(&cfg); err != nil {
+		return err
+	}
+	if cfg.FeedRoot != nil && strings.HasSuffix(*cfg.FeedRoot, ".gz") {
+		e.feedPath = *cfg.FeedRoot
+	} else {
+		e.sourceURL()
+	}
+	return nil
+}
+
+func (e *Enricher) FetchEnrichment(ctx context.Context, fingerprint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error) {
 	ctx = zlog.ContextWithValues(ctx, "component", "enricher/epss/Enricher/FetchEnrichment")
-	currentDate := time.Now()
-	formattedDate := currentDate.Format("2006-01-02")
 	// Force a new hint, to signal updaters that this is new data.
 	newUUID := uuid.New()
 	hint := driver.Fingerprint(newUUID.String())
@@ -68,8 +93,7 @@ func (e Enricher) FetchEnrichment(ctx context.Context, fingerprint driver.Finger
 		}
 	}()
 	if e.feedPath == "" || !strings.HasSuffix(e.feedPath, ".gz") {
-		filePath := fmt.Sprintf("epss_scores-%s.csv.gz", formattedDate)
-		e.feedPath = path.Join(DefaultRootUrl, filePath)
+		e.sourceURL()
 	}
 	resp, err := http.Get(e.feedPath)
 	if err != nil {
@@ -157,7 +181,14 @@ func (*Enricher) Name() string {
 	return epssName
 }
 
-func (e Enricher) Enrich(ctx context.Context, getter driver.EnrichmentGetter, report *claircore.VulnerabilityReport) (string, []json.RawMessage, error) {
+func (e *Enricher) sourceURL() {
+	currentDate := time.Now()
+	formattedDate := currentDate.Format("2006-01-02")
+	filePath := fmt.Sprintf("epss_scores-%s.csv.gz", formattedDate)
+	e.feedPath = path.Join(DefaultFeeds, filePath)
+}
+
+func (e *Enricher) Enrich(ctx context.Context, getter driver.EnrichmentGetter, report *claircore.VulnerabilityReport) (string, []json.RawMessage, error) {
 	//TODO implement me
 	panic("implement me")
 }