Skip to content

Commit

Permalink
fix(java): download java-db once (#5442)
Browse files Browse the repository at this point in the history
  • Loading branch information
DmitriyLewen authored Oct 26, 2023
1 parent 57fa701 commit 26b4959
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 14 deletions.
15 changes: 5 additions & 10 deletions pkg/fanal/analyzer/language/java/jar/jar.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ import (
"github.com/aquasecurity/trivy/pkg/fanal/analyzer/language"
"github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/javadb"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/parallel"
)

Expand All @@ -34,8 +33,7 @@ var requiredExtensions = []string{

// javaLibraryAnalyzer analyzes jar/war/ear/par files
type javaLibraryAnalyzer struct {
client *javadb.DB
slow bool
slow bool
}

func newJavaLibraryAnalyzer(options analyzer.AnalyzerOptions) (analyzer.PostAnalyzer, error) {
Expand All @@ -46,23 +44,20 @@ func newJavaLibraryAnalyzer(options analyzer.AnalyzerOptions) (analyzer.PostAnal

func (a *javaLibraryAnalyzer) PostAnalyze(ctx context.Context, input analyzer.PostAnalysisInput) (*analyzer.AnalysisResult, error) {
// TODO: think about the sonatype API and "--offline"
var err error
log.Logger.Info("JAR files found")
a.client, err = javadb.NewClient()
client, err := javadb.NewClient()
if err != nil {
return nil, xerrors.Errorf("Unable to initialize the Java DB: %s", err)
}
defer func() { _ = a.client.Close() }()
log.Logger.Info("Analyzing JAR files takes a while...")
defer func() { _ = client.Close() }()

// Skip analyzing JAR files as the nil client means the Java DB was not downloaded successfully.
if a.client == nil {
if client == nil {
return nil, nil
}

// It will be called on each JAR file
onFile := func(path string, info fs.FileInfo, r dio.ReadSeekerAt) (*types.Application, error) {
p := jar.NewParser(a.client, jar.WithSize(info.Size()), jar.WithFilePath(path))
p := jar.NewParser(client, jar.WithSize(info.Size()), jar.WithFilePath(path))
return language.ParsePackage(types.Jar, path, r, p, input.Options.FileChecksum)
}

Expand Down
12 changes: 8 additions & 4 deletions pkg/javadb/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"os"
"path/filepath"
"sort"
"sync"
"time"

"golang.org/x/xerrors"
Expand All @@ -31,6 +32,7 @@ type Updater struct {
skip bool
quiet bool
registryOption ftypes.RegistryOptions
once sync.Once // we need to update java-db once per run
}

func (u *Updater) Update() error {
Expand Down Expand Up @@ -93,10 +95,12 @@ func Update() error {
if updater == nil {
return xerrors.New("Java DB client not initialized")
}
if err := updater.Update(); err != nil {
return xerrors.Errorf("Java DB update error: %w", err)
}
return nil

var err error
updater.once.Do(func() {
err = updater.Update()
})
return err
}

type DB struct {
Expand Down

0 comments on commit 26b4959

Please sign in to comment.