Db refactoring (#2151)

Refactor database access to prepare migration away from SQLx

This refactoring introduces a DAO-based database abstraction and moves
SQL-specific logic out of scanner components into dedicated database
modules. The goal is to reduce coupling between business logic and the
current SQLx-based implementation and to make the database backend
easier to replace.

The change is motivated by existing workarounds around SQLx transaction
behavior and by the planned migration from sqlite to turso. This PR does
not perform the backend switch itself. Instead, it restructures queries,
stream handling, scheduling and related container-image-scanner/openvasd
database paths so the later migration can happen on a cleaner and more
isolated abstraction layer.

The refactoring also reduces the DAO surface to a smaller set of core
interfaces and aligns affected code paths with the new structure without
intending functional changes.

Author: nichtsfrei

rust/crates/greenbone-scanner-framework/src/entry/response/mod.rs

@@ -42,7 +42,7 @@ macro_rules! internal_server_error {
     }};
 }
 
-pub type StreamResult<'a, T, E> = Box<dyn Stream<Item = Result<T, E>> + Unpin + Send + 'a>;
+pub type StreamResult<T, E> = Pin<Box<dyn Stream<Item = Result<T, E>> + Send>>;
 
 pub trait BodyKindError {
     fn into_body_kind(self) -> BodyKind;
@@ -100,7 +100,7 @@ impl BodyKind {
     /// If it is an empty stgream it will return an BodyKind::Stream with an empty stream
     pub async fn from_result_stream<T, E>(
         status_code: StatusCode,
-        mut input: StreamResult<'static, T, E>,
+        mut input: StreamResult<T, E>,
     ) -> Self
     where
         T: Default + serde::Serialize + Send + 'static,

rust/crates/greenbone-scanner-framework/src/get_scans.rs

@@ -12,7 +12,7 @@ use crate::{
 };
 
 pub trait GetScans: Send + Sync {
-    fn get_scans(&self, client_id: String) -> StreamResult<'static, String, GetScansError>;
+    fn get_scans(&self, client_id: String) -> StreamResult<String, GetScansError>;
 }
 
 pub struct GetScansHandler<T> {
@@ -110,6 +110,7 @@ impl From<GetScansError> for BodyKind {
 
 #[cfg(test)]
 mod tests {
+
     use entry::test_utilities;
     use futures::stream;
     use http_body_util::{BodyExt, Empty};
@@ -127,15 +128,15 @@ mod tests {
     }
 
     impl GetScans for Test {
-        fn get_scans(&self, client_id: String) -> StreamResult<'static, String, GetScansError> {
+        fn get_scans(&self, client_id: String) -> StreamResult<String, GetScansError> {
             let ise = ClientHash::from("internal_server_error").to_string();
             if ise == client_id {
-                return Box::new(stream::iter(vec![Err(GetScansError::External(Box::new(
+                return Box::pin(stream::iter(vec![Err(GetScansError::External(Box::new(
                     io::Error::other("oh no"),
                 )))]));
             }
 
-            Box::new(stream::iter(vec![Ok(String::default())]))
+            Box::pin(stream::iter(vec![Ok(String::default())]))
         }
     }
 

rust/crates/greenbone-scanner-framework/src/get_scans_id.rs

@@ -12,10 +12,10 @@ use crate::{
 };
 
 pub trait GetScansId: MapScanID {
-    fn get_scans_id(
-        &self,
+    fn get_scans_id<'a>(
+        &'a self,
         id: String,
-    ) -> Pin<Box<dyn Future<Output = Result<models::Scan, GetScansIDError>> + Send + '_>>;
+    ) -> Pin<Box<dyn Future<Output = Result<models::Scan, GetScansIDError>> + Send + 'a>>;
 }
 
 pub struct GetScansIdHandler<T> {

rust/crates/greenbone-scanner-framework/src/get_scans_id_results.rs

@@ -17,7 +17,7 @@ pub trait GetScansIdResults: MapScanID {
         id: String,
         from: Option<usize>,
         to: Option<usize>,
-    ) -> StreamResult<'static, models::Result, GetScansIDResultsError>;
+    ) -> StreamResult<models::Result, GetScansIDResultsError>;
 }
 
 pub struct GetScansIdResultsHandler<T> {
@@ -163,10 +163,10 @@ mod tests {
             client_id: String,
             from: Option<usize>,
             to: Option<usize>,
-        ) -> StreamResult<'static, models::Result, GetScansIDResultsError> {
+        ) -> StreamResult<models::Result, GetScansIDResultsError> {
             let ise = ClientHash::from("internal_server_error").to_string();
             if ise == client_id {
-                return Box::new(stream::iter(vec![Err(GetScansError::External(Box::new(
+                return Box::pin(stream::iter(vec![Err(GetScansError::External(Box::new(
                     io::Error::other("oh no"),
                 )))]));
             }
@@ -186,7 +186,7 @@ mod tests {
                 })
                 .collect();
 
-            Box::new(stream::iter(result))
+            Box::pin(stream::iter(result))
         }
     }
 

rust/crates/greenbone-scanner-framework/src/get_vts.rs

@@ -10,9 +10,9 @@ use crate::{
 };
 
 pub trait GetVts: Send + Sync {
-    fn get_oids(&self, client_id: String) -> StreamResult<'static, String, GetVTsError>;
+    fn get_oids(&self, client_id: String) -> StreamResult<String, GetVTsError>;
 
-    fn get_vts(&self, client_id: String) -> StreamResult<'static, VTData, GetVTsError>;
+    fn get_vts(&self, client_id: String) -> StreamResult<VTData, GetVTsError>;
 }
 
 pub struct GetVTsHandler<T> {
@@ -127,7 +127,7 @@ mod tests {
     }
 
     impl GetVts for Test {
-        fn get_oids(&self, client_id: String) -> StreamResult<'static, String, GetVTsError> {
+        fn get_oids(&self, client_id: String) -> StreamResult<String, GetVTsError> {
             let ok = ClientHash::from("ok").to_string();
             let not_found = ClientHash::from("not_found").to_string();
             let unknown = "unknown".to_string();
@@ -141,11 +141,11 @@ mod tests {
                 ))))]
             };
             //stream::iter(result)
-            Box::new(stream::iter(result))
+            Box::pin(stream::iter(result))
         }
 
-        fn get_vts(&self, _: String) -> StreamResult<'static, VTData, GetVTsError> {
-            Box::new(stream::iter(vec![Ok(VTData::default())]))
+        fn get_vts(&self, _: String) -> StreamResult<VTData, GetVTsError> {
+            Box::pin(stream::iter(vec![Ok(VTData::default())]))
         }
     }
 

rust/crates/greenbone-scanner-framework/src/lib.rs

@@ -68,6 +68,7 @@ pub mod prelude {
         GetScansIdResultsId, GetScansIdStatus, GetScansPreferences, MapScanID, PostScans,
         PostScansError, StreamResult,
         delete_scans_id::{DeleteScansIDError, DeleteScansId},
+        entry::Prefixed,
         models,
         post_scans_id::{PostScansIDError, PostScansId},
     };

rust/examples/container_image_scanning/local-registry/Makefile

@@ -73,7 +73,7 @@ certs/domain.crt:
 auth-server:
 	$(CONTAINER) run -d \
 		--name auth_server \
-		-p 5001:5001 \
+		-p 127.0.0.1:5001:5001 \
 		-v "$(BASE_PATH)/config:/config" \
 		-v "$(BASE_PATH)/auth:/config/auth" \
 		-v "$(BASE_PATH)/certs:/certs" \
@@ -91,7 +91,7 @@ rm-auth-server: stop-auth-server
 docker-registry: 
 	$(CONTAINER) run -d \
 		--name registry \
-		-p 5000:5000 \
+		-p 127.0.0.1:5000:5000 \
 		-v "$(BASE_PATH)/certs:/certs" \
 		-e REGISTRY_AUTH=token \
 		-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \

rust/migrations/20250711070445_init.sql

@@ -100,6 +100,7 @@ CREATE TABLE vt_parameters (
     FOREIGN KEY (id, vt) REFERENCES vts(id, vt) ON DELETE CASCADE
 );
 
+
 -- maybe just store the json as a blob as we just get the data for id and result_id but never actually work with the data
 CREATE TABLE results (
     id INTEGER,

rust/migrations/20260303134810_standardize-results.sql

@@ -0,0 +1,4 @@
+-- Formalizes the name of the fields across container_image_scanner and nasl
+ALTER TABLE results RENAME COLUMN id TO scan_id;
+ALTER TABLE results RENAME COLUMN result_id TO id;
+

rust/src/lib.rs

@@ -28,9 +28,9 @@ use std::pin::Pin;
 use futures::Stream;
 pub use greenbone_scanner_framework::models;
 
-pub type PinBoxFut<T> = Pin<Box<dyn Future<Output = T> + Send>>;
-pub type PinBoxFutRef<'a, T> = Pin<Box<dyn Future<Output = T> + Send + Sync + 'a>>;
-pub type Streamer<T> = Pin<Box<dyn Stream<Item = T> + Send + Sync>>;
+pub type Promise<T> = Pin<Box<dyn Future<Output = T> + Send>>;
+pub type PromiseRef<'a, T> = Pin<Box<dyn Future<Output = T> + Send + 'a>>;
+pub type Streamer<T> = Pin<Box<dyn Stream<Item = T> + Send>>;
 pub type ExternalError = Box<dyn std::error::Error + Send + Sync + 'static>;
 
 pub const SQLITE_LIMIT_VARIABLE_NUMBER: usize = 32766;