search

anchore / anchore-cli

Simple command-line client to the Anchore Engine service
Apache License 2.0
114 stars 55 forks source link

`system wait` does not block when pending feeds are running #112

Closed alfredodeza closed 4 years ago

alfredodeza commented 4 years ago

Several feeds are still syncing, but system wait is not blocking at all, succeeds immediately.

$ docker-compose exec api anchore-cli --version
anchore-cli, version 0.7.2
$ docker-compose exec api anchore-cli system feeds list
Feed                   Group                  LastSync                          RecordCount
github                 github:composer        pending                           None
github                 github:gem             pending                           None
github                 github:java            pending                           None
github                 github:npm             pending                           None
github                 github:nuget           pending                           None
github                 github:python          pending                           None
nvdv2                  nvdv2:cves             pending                           None
vulnerabilities        alpine:3.10            2020-08-26T14:41:19.511606        2019
vulnerabilities        alpine:3.11            2020-08-26T14:42:04.598297        2188
vulnerabilities        alpine:3.12            2020-08-26T14:42:55.878669        2344
vulnerabilities        alpine:3.2             2020-08-26T14:43:48.548301        303
vulnerabilities        alpine:3.3             2020-08-26T14:43:54.906246        470
vulnerabilities        alpine:3.4             2020-08-26T14:44:04.586408        681
vulnerabilities        alpine:3.5             2020-08-26T14:44:19.234334        901
vulnerabilities        alpine:3.6             2020-08-26T14:44:38.539103        1076
vulnerabilities        alpine:3.7             2020-08-26T14:45:03.174280        1407
vulnerabilities        alpine:3.8             2020-08-26T14:45:35.153871        1623
vulnerabilities        alpine:3.9             2020-08-26T14:46:10.703648        1834
vulnerabilities        amzn:2                 2020-08-26T14:46:51.733958        415
vulnerabilities        centos:5               2020-08-26T14:47:27.720146        1347
vulnerabilities        centos:6               2020-08-26T14:48:32.994842        1424
vulnerabilities        centos:7               2020-08-26T14:49:52.352413        1097
vulnerabilities        centos:8               2020-08-26T14:51:13.957534        328
vulnerabilities        debian:10              2020-08-26T14:51:53.162720        23405
vulnerabilities        debian:11              2020-08-26T14:59:07.265481        20589
vulnerabilities        debian:7               2020-08-26T15:05:49.978830        20455
vulnerabilities        debian:8               2020-08-26T15:12:41.984280        24058
vulnerabilities        debian:9               pending                           18000
vulnerabilities        debian:unstable        pending                           None
vulnerabilities        ol:5                   pending                           None
vulnerabilities        ol:6                   pending                           None
vulnerabilities        ol:7                   pending                           None
vulnerabilities        ol:8                   pending                           None
vulnerabilities        rhel:5                 pending                           None
vulnerabilities        rhel:6                 pending                           None
vulnerabilities        rhel:7                 pending                           None
vulnerabilities        rhel:8                 pending                           None
vulnerabilities        ubuntu:12.04           pending                           None
vulnerabilities        ubuntu:12.10           pending                           None
vulnerabilities        ubuntu:13.04           pending                           None
vulnerabilities        ubuntu:14.04           pending                           None
vulnerabilities        ubuntu:14.10           pending                           None
vulnerabilities        ubuntu:15.04           pending                           None
vulnerabilities        ubuntu:15.10           pending                           None
vulnerabilities        ubuntu:16.04           pending                           None
vulnerabilities        ubuntu:16.10           pending                           None
vulnerabilities        ubuntu:17.04           pending                           None
vulnerabilities        ubuntu:17.10           pending                           None
vulnerabilities        ubuntu:18.04           pending                           None
vulnerabilities        ubuntu:18.10           pending                           None
vulnerabilities        ubuntu:19.04           pending                           None
vulnerabilities        ubuntu:19.10           pending                           None
vulnerabilities        ubuntu:20.04           pending                           None

Immediately after, I run system wait, which takes about 2 seconds to complete:

$ docker-compose exec api anchore-cli --debug system wait
Starting checks to wait for anchore-engine to be available timeout=-1.0 interval=5.0
DEBUG:anchorecli.cli.system:Checking API availability for anchore-engine URL (http://localhost:8228)
API availability: Checking anchore-engine URL (http://localhost:8228)...
DEBUG:anchorecli.clients.apiexternal:As Account = None
DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): localhost:8228
DEBUG:urllib3.connectionpool:http://localhost:8228 "GET / HTTP/1.1" 200 5
DEBUG:anchorecli.cli.system:check access success
API availability: Success.
DEBUG:anchorecli.cli.system:Checking service set availability for anchore-engine URL (http://localhost:8228)
Service availability: Checking for service set (catalog,apiext,policy_engine,simplequeue,analyzer)...
DEBUG:anchorecli.clients.apiexternal:As Account = None
DEBUG:anchorecli.clients.apiexternal:GET url=http://localhost:8228/system
DEBUG:anchorecli.clients.apiexternal:GET insecure=True
DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): localhost:8228
DEBUG:urllib3.connectionpool:http://localhost:8228 "GET /system HTTP/1.1" 200 3872
DEBUG:anchorecli.cli.utils:fetched httpcode from response: 200
DEBUG:anchorecli.cli.system:full set of available engine services detected
Service availability: Success.
DEBUG:anchorecli.cli.system:Checking feed sync status for anchore-engine URL (http://localhost:8228)
Feed sync: Checking sync completion for feed set (vulnerabilities)...
DEBUG:anchorecli.clients.apiexternal:As Account = None
DEBUG:anchorecli.clients.apiexternal:GET url=http://localhost:8228/system/feeds
DEBUG:anchorecli.clients.apiexternal:GET insecure=True
DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): localhost:8228
DEBUG:urllib3.connectionpool:http://localhost:8228 "GET /system/feeds HTTP/1.1" 200 13392
DEBUG:anchorecli.cli.system:response show feed name=github was last_full_sync=None
DEBUG:anchorecli.cli.system:response show feed name=nvdv2 was last_full_sync=None
DEBUG:anchorecli.cli.system:response show feed name=vulnerabilities was last_full_sync=2020-08-26T15:22:16.850508
DEBUG:anchorecli.cli.system:all requests feeds have been synced
Feed sync: Success.
zhill commented 4 years ago

Looks like an issue with 'last_full_sync' and the API contract for that.

Btodhunter commented 4 years ago

I also testing this with anchore-cli system wait --feedsready github while I had github advisories pending & it didn't block.

Btodhunter commented 4 years ago

Fixed with #116