This repository contains the central entrypoint to the Garden Linux Vulnerability Database (glvd) project. It implements an application to track security vulnerabilities in Garden Linux.
Note
GLVD is work in progress and does not provide a stable api yet.
The code of glvd is located in multiple repositories inside the gardenlinux org on GitHub.
glvd is implemented in various components.
A postgres database is the central component of glvd. This repository contains a Containerfile to run this database.
Data ingestion creates the required database schema and imports data from external sources such as NVD and the debian security tracker.
The backend api exposed an HTTP API to get data out of the database.
It also contains a simple web interface.
The client is available in the Garden Linux APT repo.
Manifest files for a kubernetes deployment are located in deployment/k8s. Those deployments are used to create setup of glvd on a Gardener cluster.
See the deploy-k8s.sh script for details.
A setup for Compose can be found in deployment/compose/compose.yaml.
Example command to start locally:
podman compose --file deployment/compose/compose.yaml upThis will give you a running instance of the database and the backend, but the database has no schema and no data.
To init the db, you may run something like:
podman run -it --rm --network=compose_glvd --env PGHOST=glvd-postgres ghcr.io/gardenlinux/glvd-init:latestNote that this will wipe the existing database, so in case you want to keep data be sure to back it up.