From 87ee829e8004ada1e3b1ad4b71d8b63ea97fe2b2 Mon Sep 17 00:00:00 2001
From: Kota Kanbe
Date: Wed, 12 Jun 2019 14:44:42 +0900
Subject: [PATCH] fix(scan): exec `yum makecache` to update metadata on RedHat based linux (#810)
* fix(scan): exec `yum makecache` to update metadata on RedHat based linux
* sudo
---
 scan/amazon.go | 4 ++++
 scan/centos.go | 4 ++++
 scan/oracle.go | 4 ++++
 scan/redhatbase.go | 18 ++++++++++++++++--
 scan/rhel.go | 4 ++++
 5 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/scan/amazon.go b/scan/amazon.go
index 63fd4597..fa57e4a5 100644
--- a/scan/amazon.go
+++ b/scan/amazon.go
@@ -111,3 +111,7 @@ func (o rootPrivAmazon) yumUpdateInfo() bool {
 func (o rootPrivAmazon) yumChangelog() bool {
 return false
 }
+
+func (o rootPrivAmazon) yumMakeCache() bool {
+ return false
+}
diff --git a/scan/centos.go b/scan/centos.go
index c6f7395b..95d9ee0a 100644
--- a/scan/centos.go
+++ b/scan/centos.go
@@ -118,3 +118,7 @@ func (o rootPrivCentos) yumUpdateInfo() bool {
 func (o rootPrivCentos) yumChangelog() bool {
 return false
 }
+
+func (o rootPrivCentos) yumMakeCache() bool {
+ return false
+}
diff --git a/scan/oracle.go b/scan/oracle.go
index 3147eb08..b646a7e6 100644
--- a/scan/oracle.go
+++ b/scan/oracle.go
@@ -165,3 +165,7 @@ func (o rootPrivOracle) yumUpdateInfo() bool {
 func (o rootPrivOracle) yumChangelog() bool {
 return false
 }
+
+func (o rootPrivOracle) yumMakeCache() bool {
+ return true
+}
diff --git a/scan/redhatbase.go b/scan/redhatbase.go
index 4cef57d3..232165ba 100644
--- a/scan/redhatbase.go
+++ b/scan/redhatbase.go
@@ -145,6 +145,7 @@ type rootPriv interface {
 yumRepolist() bool
 yumUpdateInfo() bool
 yumChangelog() bool
+ yumMakeCache() bool
 }

 type cmd struct {
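Review bot: The new `yumMakeCache()` privilege methods carry no comment explaining why Oracle and RHEL return `true` while Amazon and CentOS return `false`; this applies to scan/amazon.go, scan/centos.go, scan/oracle.go and scan/rhel.go alike. A `true` here means the scan account runs `yum makecache` through sudo, so the reason belongs next to the value, e.g. `// yumMakeCache reports whether "yum makecache" must be run via sudo on this distribution.` followed by a one-line why per distro. The diffstat touches only these five files, so any sudoers guidance or passwordless-sudo pre-check the project keeps elsewhere presumably still needs the new command added; without that, a missing sudo rule would only surface as a failure in the middle of a scan.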
@@ -192,7 +193,7 @@ func (o *redhatBase) preCure() error {
 func (o *redhatBase) postScan() error {
 if o.isExecYumPS() {
 if err := o.yumPS(); err != nil {
- return xerrors.Errorf("Failed to execute yum-ps: %w", err)
+ return xerrors.Errorf("Failed to execute yum-ps. err: %w", err)
 }
 }
 if o.isExecNeedsRestarting() {
@@ -351,7 +352,20 @@ func (o *redhatBase) parseInstalledPackagesLine(line string) (models.Package, er
 }, nil
 }
 
+func (o *redhatBase) yumMakeCache() error {
+ cmd := `yum makecache`
+ r := o.exec(util.PrependProxyEnv(cmd), o.sudo.yumMakeCache())
+ if !r.isSuccess() {
+ return xerrors.Errorf("Failed to SSH: %s", r)
+ }
+ return nil
+}
+
 func (o *redhatBase) scanUpdatablePackages() (models.Packages, error) {
+ if err := o.yumMakeCache(); err != nil {
+ return nil, xerrors.Errorf("Failed to `yum makecache`: %w", err)
+ }
+
 cmd := `repoquery --all --pkgnarrow=updates --qf="%{NAME} %{EPOCH} %{VERSION} %{RELEASE} %{REPO}"`
 for _, repo := range o.getServerInfo().Enablerepo {
 cmd += " --enablerepo=" + repo
@@ -510,7 +524,7 @@ func (o *redhatBase) scanUnsecurePackages(updatable models.Packages) (models.Vul
 return o.scanUsingYum(updatable)
 }
 
- // Parse chnagelog because CentOS does not have security channel...
+ // Parse changelog because CentOS does not have security channel...
 if o.isExecScanChangelogs() {
 return o.scanChangelogs(updatable)
 }
diff --git a/scan/rhel.go b/scan/rhel.go
index ceb6142d..c8d06184 100644
--- a/scan/rhel.go
+++ b/scan/rhel.go
@@ -156,3 +156,7 @@ func (o rootPrivRHEL) yumUpdateInfo() bool {
 func (o rootPrivRHEL) yumChangelog() bool {
 return true
 }
+
+func (o rootPrivRHEL) yumMakeCache() bool {
+ return true
+}
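Review bot: The added `yumMakeCache()` in scan/redhatbase.go reports every non-success result as `Failed to SSH`, although the command can just as well fail on an unreachable repository, a held yum lock or sudo refusing the command. That wording sends whoever triages a failed scan to the transport layer first. I would name the command instead, e.g. `return xerrors.Errorf("Failed to exec yum makecache: %s", r)`. `scanUpdatablePackages` (whose body continues past the end of the hunk) now returns early on this error, so a host that cannot refresh its metadata yields no updatable-package data at all. Failing closed avoids reporting against stale metadata, but it deserves a short comment above the call saying it is deliberate.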