internal/worker: remove govulncheck.WorkVersion.VulnVersion
The VulnVersion field recorded the version of the golang.org/x/vuln
module, so changes to that module would trigger re-scanning.
But the WorkerVersion field, which holds the docker image ID, subsumes
that: a change to the version of x/vuln linked into the worker binary
implies a changed docker image.
Furthermore, now that we run govulncheck in a separate process, the
version of the module linked into the worker is irrelevant.
Change-Id: I332615280b57b0636d53efd2e42926ad120f7026
Reviewed-on: https://go-review.googlesource.com/c/pkgsite-metrics/+/483697
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
diff --git a/internal/govulncheck/govulncheck.go b/internal/govulncheck/govulncheck.go
index df221d9..bfbf4ba 100644
--- a/internal/govulncheck/govulncheck.go
+++ b/internal/govulncheck/govulncheck.go
@@ -138,8 +138,6 @@
WorkerVersion string `bigquery:"worker_version"`
// The version of the bigquery schema.
SchemaVersion string ` bigquery:"schema_version"`
- // The version of the golang.org/x/vuln module used by the current module.
- VulnVersion string `bigquery:"x_vuln_version"`
// When the vuln DB was last modified.
VulnDBLastModified time.Time `bigquery:"vulndb_last_modified"`
}
@@ -151,7 +149,6 @@
return v1.GoVersion == v2.GoVersion &&
v1.WorkerVersion == v2.WorkerVersion &&
v1.SchemaVersion == v2.SchemaVersion &&
- v1.VulnVersion == v2.VulnVersion &&
v1.VulnDBLastModified.Equal(v2.VulnDBLastModified)
}
@@ -197,7 +194,7 @@
m := map[[2]string]*WorkVersion{}
query := bigquery.PartitionQuery{
Table: c.FullTableName(TableName),
- Columns: "module_path, version, go_version, worker_version, schema_version, x_vuln_version, vulndb_last_modified",
+ Columns: "module_path, version, go_version, worker_version, schema_version, vulndb_last_modified",
PartitionOn: "module_path, sort_version",
OrderBy: "created_at DESC",
}.String()
diff --git a/internal/govulncheck/govulncheck_test.go b/internal/govulncheck/govulncheck_test.go
index b50014f..a6a1ef6 100644
--- a/internal/govulncheck/govulncheck_test.go
+++ b/internal/govulncheck/govulncheck_test.go
@@ -185,7 +185,6 @@
GoVersion: "go1.19.6",
WorkerVersion: "1",
SchemaVersion: "s",
- VulnVersion: "2",
VulnDBLastModified: tm,
},
}
diff --git a/internal/worker/govulncheck.go b/internal/worker/govulncheck.go
index aa5d06e..b04b3ad 100644
--- a/internal/worker/govulncheck.go
+++ b/internal/worker/govulncheck.go
@@ -6,9 +6,6 @@
import (
"context"
- "errors"
- "fmt"
- "runtime/debug"
"golang.org/x/pkgsite-metrics/internal"
"golang.org/x/pkgsite-metrics/internal/derrors"
@@ -50,10 +47,6 @@
if err != nil {
return nil, err
}
- vulnVersion, err := readVulnVersion()
- if err != nil {
- return nil, err
- }
goEnv, err := internal.GoEnv()
if err != nil {
return nil, err
@@ -63,28 +56,8 @@
VulnDBLastModified: lmt,
WorkerVersion: h.cfg.VersionID,
SchemaVersion: govulncheck.SchemaVersion,
- VulnVersion: vulnVersion,
}
log.Infof(ctx, "govulncheck work version: %+v", h.workVersion)
}
return h.workVersion, nil
}
-
-// readVulnVersion returns the version of the golang.org/x/vuln module linked into
-// the current binary.
-func readVulnVersion() (string, error) {
- const modulePath = "golang.org/x/vuln"
- info, ok := debug.ReadBuildInfo()
- if !ok {
- return "", errors.New("vuln version not available")
- }
- for _, mod := range info.Deps {
- if mod.Path == modulePath {
- if mod.Replace != nil {
- mod = mod.Replace
- }
- return mod.Version, nil
- }
- }
- return "", fmt.Errorf("module %s not found", modulePath)
-}
