in internal/vulnerability/verifier.go [87:132]
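// verify polls the provider every f.interval until every snapshot returned by
// DescribeSnapshots for snap is in the completed state, then forwards each of
// them on f.ch and returns.
//
// It gives up without sending anything when f.timeout elapses or ctx is
// canceled, so a snapshot that never completes is only visible through the
// timeout warning in the log. A failed or empty DescribeSnapshots result is
// logged and retried on the next interval.
func (f VulnerabilityVerifier) verify(ctx context.Context, snap ec2.EBSSnapshot) {
	f.log.Info("Starting VulnerabilityVerifier.verify")

	// One deadline for the whole wait; Stop releases the timer on every
	// early return instead of leaving it pending until f.timeout fires.
	deadline := time.NewTimer(f.timeout)
	defer deadline.Stop()

	for {
		select {
		case <-deadline.C:
			f.log.Warnf(
				"VulnerabilityVerifier.verify timed out waiting for snapshot %s, Encrypted: %t",
				snap.SnapshotId,
				snap.IsEncrypted,
			)
			return
		case <-ctx.Done():
			f.log.Info("VulnerabilityVerifier.verify context canceled")
			return
		case <-time.After(f.interval):
			sp, err := f.provider.DescribeSnapshots(ctx, snap)
			if err != nil {
				f.log.Errorf("VulnerabilityVerifier.verify.DescribeSnapshots failed: %v", err)
				continue
			}
			// An empty result must not count as "all completed": without this
			// guard the function would log completion and return while having
			// forwarded nothing, silently dropping the snapshot from
			// verification. Keep polling until the deadline instead.
			if len(sp) == 0 {
				f.log.Warnf("VulnerabilityVerifier.verify.DescribeSnapshots returned no snapshots for %s, retrying", snap.SnapshotId)
				continue
			}
			// TODO: Add a layer of "smart" cache to avoid checking and sending the same snapshot
			// and not to wait on all snapshots to be completed, sending them periodically
			allCompleted := true
			for _, s := range sp {
				if s.State != types.SnapshotStateCompleted {
					// NOTE(review): snap.Instance.InstanceId is dereferenced without a
					// nil check here and in the completion log below — confirm that
					// callers always populate it.
					f.log.Infof("VulnerabilityVerifier.verify.VerifySnapshot snapshot not completed yet - %s, instanceId: %s", snap.SnapshotId, *snap.Instance.InstanceId)
					allCompleted = false
					break
				}
			}
			if !allCompleted {
				continue
			}
			// All-or-nothing hand-off: snapshots are forwarded only once every
			// one of them is completed. The send is paired with ctx.Done() so a
			// stalled consumer cannot block this goroutine past cancellation.
			for _, s := range sp {
				select {
				case <-ctx.Done():
					f.log.Info("VulnerabilityVerifier.verify context canceled")
					return
				case f.ch <- s:
				}
			}
			f.log.Infof("VulnerabilityVerifier.verify.VerifySnapshot snapshot completed %s, instanceId: %s", snap.SnapshotId, *snap.Instance.InstanceId)
			return
		}
	}
}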