Naming of matchers

[chrillux]

Hello.

I tried to run Clair in combo mode and defined a couple of matchers in the config file. I noticed that Clair was not able to find any vulnerabilities for the images I was scanning.

My matchers.names config looked like this:

matchers:
  names:
    - alpine
    - debian

I had a look in libvuln opts file and found this comment. Which seems to imply that these are the matcher names and I should use them to configure Clair. That also was the case in the Clair documentation where it states these names.

I however dug into the code a little deeper and saw that some matchers are named <name>-matcher e.g alpine is named alpine-matcher, as well as Debian, AWS Linux and Ubuntu. The others are named just <name> (which is what I expected for the others as well).

So if I change my config to

matchers:
  names:
    - alpine-matcher
    - debian-matcher

Now Clair is able to match vulnerabilities and things work correctly as far as I can see.

I am fairly new to Clair so I might have missed something that maybe is obvious to others. But my question is, is this intended behaviour? To me it would make more sense if the names followed the same naming, i.e all matchers could be named just <name> and not <name>-matcher. If this is not feasible for some reason then I think it should be clearer in the documentation what the names are.

Thanks in advance

[hdonnay]

Yeah, this is a mess.