refactor: don't use global Config in private func (#1197)

* refactor: cve_client.go

* refactor: don't use global Config in private func

* remove import alias for config

* refactor: dbclient

* refactor: resultDir

* refactor: resultsDir

* refactor

* refactor: gost

* refactor: db client

* refactor: cveDB

* refactor: cvedb

* refactor: exploitDB

* refactor: remove detector/dbclient.go

* refactor: writer

* refactor: syslog writer

* refactor: ips

* refactor: ensureResultDir

* refactor: proxy

* fix(db): call CloseDB

* add integration test

* feat(report): sort array in json

* sort func for json diff

* add build-int to makefile

* add int-rds-redis to makefile

* fix: test case, makefile

* fix makefile

* show cve count after diff

* make diff

* diff -c

* sort exploits in json for diff

* sort metasploit, exploit
This commit is contained in:
Kota Kanbe
2021-04-01 13:36:24 +09:00
committed by GitHub
parent 0179f4299a
commit 9bfe0627ae
70 changed files with 48982 additions and 1274 deletions


@@ -11,7 +11,6 @@ import (
"github.com/future-architect/vuls/logging"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
"github.com/kotakanbe/goval-dictionary/db"
ovalmodels "github.com/kotakanbe/goval-dictionary/models"
)
@@ -111,18 +110,19 @@ type Debian struct {
}
// NewDebian creates OVAL client for Debian
func NewDebian() Debian {
func NewDebian(cnf config.VulnDictInterface) Debian {
return Debian{
DebianBase{
Base{
family: constant.Debian,
Cnf: cnf,
},
},
}
}
// FillWithOval returns scan result after updating CVE info by OVAL
func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
func (o Debian) FillWithOval(r *models.ScanResult) (nCVEs int, err error) {
//Debian's uname gives both of kernel release(uname -r), version(kernel-image version)
linuxImage := "linux-image-" + r.RunningKernel.Release
@@ -141,19 +141,29 @@ func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
}
var relatedDefs ovalResult
if config.Conf.OvalDict.IsFetchViaHTTP() {
if o.Cnf.IsFetchViaHTTP() {
if r.Family != constant.Raspbian {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
if relatedDefs, err = getDefsByPackNameViaHTTP(r, o.Cnf.GetURL()); err != nil {
return 0, err
}
} else {
// OVAL does not support Package for Raspbian, so skip it.
result := r.RemoveRaspbianPackFromResult()
if relatedDefs, err = getDefsByPackNameViaHTTP(&result); err != nil {
if relatedDefs, err = getDefsByPackNameViaHTTP(&result, o.Cnf.GetURL()); err != nil {
return 0, err
}
}
} else {
driver, err := newOvalDB(o.Cnf, r.Family)
if err != nil {
return 0, err
}
defer func() {
if err := driver.CloseDB(); err != nil {
logging.Log.Errorf("Failed to close DB. err: %+v")
}
}()
if r.Family != constant.Raspbian {
if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
return 0, err
@@ -201,18 +211,19 @@ type Ubuntu struct {
}
// NewUbuntu creates OVAL client for Debian
func NewUbuntu() Ubuntu {
func NewUbuntu(cnf config.VulnDictInterface) Ubuntu {
return Ubuntu{
DebianBase{
Base{
family: constant.Ubuntu,
Cnf: cnf,
},
},
}
}
// FillWithOval returns scan result after updating CVE info by OVAL
func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
func (o Ubuntu) FillWithOval(r *models.ScanResult) (nCVEs int, err error) {
switch util.Major(r.Release) {
case "14":
kernelNamesInOval := []string{
@@ -228,7 +239,7 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
"linux-signed-lts-xenial",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
return o.fillWithOval(r, kernelNamesInOval)
case "16":
kernelNamesInOval := []string{
"linux-aws",
@@ -263,7 +274,7 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
"linux-snapdragon",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
return o.fillWithOval(r, kernelNamesInOval)
case "18":
kernelNamesInOval := []string{
"linux-aws",
@@ -318,7 +329,7 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
"linux-snapdragon",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
return o.fillWithOval(r, kernelNamesInOval)
case "20":
kernelNamesInOval := []string{
"linux-aws",
@@ -346,12 +357,12 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
"linux-signed-oracle",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
return o.fillWithOval(r, kernelNamesInOval)
}
return 0, fmt.Errorf("Ubuntu %s is not support for now", r.Release)
}
func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOval []string) (nCVEs int, err error) {
func (o Ubuntu) fillWithOval(r *models.ScanResult, kernelNamesInOval []string) (nCVEs int, err error) {
linuxImage := "linux-image-" + r.RunningKernel.Release
runningKernelVersion := ""
kernelPkgInOVAL := ""
@@ -417,11 +428,21 @@ func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOv
}
var relatedDefs ovalResult
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
if o.Cnf.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r, o.Cnf.GetURL()); err != nil {
return 0, err
}
} else {
driver, err := newOvalDB(o.Cnf, r.Family)
if err != nil {
return 0, err
}
defer func() {
if err := driver.CloseDB(); err != nil {
logging.Log.Errorf("Failed to close DB. err: %+v")
}
}()
if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
return 0, err
}