feat(db): enable concurrent access to vulnerability database (#9750)

Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>

internal/dbtest/db.go

@@ -6,10 +6,12 @@ import (
 	"testing"
 	"time"
 
+	"github.com/samber/lo"
 	"github.com/stretchr/testify/require"
 
 	fixtures "github.com/aquasecurity/bolt-fixtures"
 	trivydb "github.com/aquasecurity/trivy-db/pkg/db"
+	"github.com/aquasecurity/trivy-db/pkg/metadata"
 	jdb "github.com/aquasecurity/trivy-java-db/pkg/db"
 	"github.com/aquasecurity/trivy/pkg/db"
 )
@@ -40,6 +42,38 @@ func Close() error {
 	return db.Close()
 }
 
+// InitWithMetadata initializes a database with optional metadata and DB file creation.
+// If meta is empty, no metadata file is created.
+// If createDBFile is false, no DB file is created (useful for testing "DB not found" scenarios).
+// Returns the dbDir path.
+func InitWithMetadata(t *testing.T, meta metadata.Metadata, createDBFile bool) string {
+	t.Helper()
+
+	cacheDir := t.TempDir()
+	dbDir := db.Dir(cacheDir)
+
+	// Create metadata if provided
+	if !lo.IsEmpty(meta) {
+		metaClient := metadata.NewClient(dbDir)
+		err := metaClient.Update(meta)
+		require.NoError(t, err)
+	}
+
+	// Create DB file if requested
+	if createDBFile {
+		// First, create the DB file using trivy-db directly in write mode
+		err := trivydb.Init(dbDir)
+		require.NoError(t, err)
+		require.NoError(t, trivydb.Close())
+
+		// Then open it in read-only mode using our wrapper
+		err = db.Init(dbDir)
+		require.NoError(t, err)
+	}
+
+	return dbDir
+}
+
 func InitJavaDB(t *testing.T, cacheDir string) {
 	dbDir := filepath.Join(cacheDir, "java-db")
 	javaDB, err := jdb.New(dbDir)