Incorporate docker host and context functionality (#8)
This commit is contained in:
Родитель
62afe56e7f
Коммит
f1e39745dc
|
@ -9,7 +9,7 @@ on:
|
|||
- "v*"
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.17.x"
|
||||
GO_VERSION: "1.18.x"
|
||||
|
||||
jobs:
|
||||
quality-gate:
|
||||
|
|
|
@ -7,7 +7,7 @@ on:
|
|||
pull_request:
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.17.x"
|
||||
GO_VERSION: "1.18.x"
|
||||
|
||||
jobs:
|
||||
|
||||
|
|
2
Makefile
2
Makefile
|
@ -68,7 +68,7 @@ $(RESULTS_DIR):
|
|||
bootstrap-tools:
|
||||
$(call title,Bootstrapping tools)
|
||||
mkdir -p $(TEMP_DIR)
|
||||
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TEMP_DIR)/ v1.42.1
|
||||
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TEMP_DIR)/ v1.45.0
|
||||
curl -sSfL https://raw.githubusercontent.com/wagoodman/go-bouncer/master/bouncer.sh | sh -s -- -b $(TEMP_DIR)/ v0.3.0
|
||||
curl -sSfL https://raw.githubusercontent.com/anchore/chronicle/main/install.sh | sh -s -- -b $(TEMP_DIR)/ v0.3.0
|
||||
.github/scripts/goreleaser-install.sh -b $(TEMP_DIR)/ v1.5.0
|
||||
|
|
68
cmd/root.go
68
cmd/root.go
|
@ -2,6 +2,7 @@ package cmd
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
@ -19,7 +20,9 @@ import (
|
|||
"github.com/wagoodman/go-partybus"
|
||||
|
||||
"github.com/anchore/stereoscope"
|
||||
"github.com/anchore/stereoscope/pkg/file"
|
||||
"github.com/anchore/stereoscope/pkg/image"
|
||||
stereoscopeDocker "github.com/anchore/stereoscope/pkg/image/docker"
|
||||
"github.com/anchore/syft/syft"
|
||||
"github.com/anchore/syft/syft/event"
|
||||
"github.com/anchore/syft/syft/pkg/cataloger"
|
||||
|
@ -37,7 +40,7 @@ const (
|
|||
shortDescription = "View the packaged-based Software Bill Of Materials (SBOM) for an image"
|
||||
)
|
||||
|
||||
func cmd(_ command.Cli) *cobra.Command {
|
||||
func cmd(dockerCli command.Cli) *cobra.Command {
|
||||
c := &cobra.Command{
|
||||
Use: "sbom",
|
||||
Short: shortDescription,
|
||||
|
@ -47,7 +50,7 @@ func cmd(_ command.Cli) *cobra.Command {
|
|||
SilenceUsage: true,
|
||||
SilenceErrors: true,
|
||||
Version: version.FromBuild().Version,
|
||||
RunE: run,
|
||||
RunE: newRunner(dockerCli).run,
|
||||
ValidArgsFunction: dockerImageValidArgsFunction,
|
||||
}
|
||||
|
||||
|
@ -174,7 +177,17 @@ func validateInputArgs(cmd *cobra.Command, args []string) error {
|
|||
return cobra.ExactArgs(1)(cmd, args)
|
||||
}
|
||||
|
||||
func run(_ *cobra.Command, args []string) error {
|
||||
type runner struct {
|
||||
client command.Cli
|
||||
}
|
||||
|
||||
func newRunner(client command.Cli) runner {
|
||||
return runner{
|
||||
client: client,
|
||||
}
|
||||
}
|
||||
|
||||
func (r runner) run(_ *cobra.Command, args []string) error {
|
||||
writer, err := makeWriter([]string{appConfig.Format}, appConfig.Output)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -186,16 +199,16 @@ func run(_ *cobra.Command, args []string) error {
|
|||
}
|
||||
}()
|
||||
|
||||
si := source.Input{
|
||||
UserInput: args[0],
|
||||
Scheme: source.ImageScheme,
|
||||
ImageSource: image.DockerDaemonSource,
|
||||
Location: args[0],
|
||||
Platform: appConfig.Platform,
|
||||
var platform *image.Platform
|
||||
if appConfig.Platform != "" {
|
||||
platform, err = image.NewPlatform(appConfig.Platform)
|
||||
if err != nil {
|
||||
return fmt.Errorf("invalid platform provided: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
return eventLoop(
|
||||
sbomExecWorker(si, writer),
|
||||
sbomExecWorker(args[0], r.client, platform, writer),
|
||||
setupSignals(),
|
||||
eventSubscription,
|
||||
stereoscope.Cleanup,
|
||||
|
@ -236,21 +249,42 @@ func generateSBOM(src *source.Source) (*sbom.SBOM, error) {
|
|||
return &s, nil
|
||||
}
|
||||
|
||||
func sbomExecWorker(si source.Input, writer sbom.Writer) <-chan error {
|
||||
func sbomExecWorker(userInput string, dockerCli command.Cli, platform *image.Platform, writer sbom.Writer) <-chan error {
|
||||
errs := make(chan error)
|
||||
go func() {
|
||||
defer close(errs)
|
||||
|
||||
src, cleanup, err := source.New(si, nil, appConfig.Exclusions)
|
||||
if cleanup != nil {
|
||||
defer cleanup()
|
||||
}
|
||||
provider := stereoscopeDocker.NewProviderFromDaemon(
|
||||
userInput,
|
||||
file.NewTempDirGenerator(internal.ApplicationName),
|
||||
dockerCli.Client(),
|
||||
platform,
|
||||
)
|
||||
img, err := provider.Provide(context.Background())
|
||||
defer func() {
|
||||
if err := img.Cleanup(); err != nil {
|
||||
log.Warnf("failed to clean up image: %+v", err)
|
||||
}
|
||||
}()
|
||||
if err != nil {
|
||||
errs <- fmt.Errorf("failed to construct source from user input %q: %w", si.UserInput, err)
|
||||
errs <- fmt.Errorf("failed to fetch the image %q: %w", userInput, err)
|
||||
return
|
||||
}
|
||||
|
||||
s, err := generateSBOM(src)
|
||||
err = img.Read()
|
||||
if err != nil {
|
||||
errs <- fmt.Errorf("failed to read the image %q: %w", userInput, err)
|
||||
return
|
||||
}
|
||||
|
||||
src, err := source.NewFromImage(img, userInput)
|
||||
if err != nil {
|
||||
errs <- fmt.Errorf("failed to construct source from user input %q: %w", userInput, err)
|
||||
return
|
||||
}
|
||||
src.Exclusions = appConfig.Exclusions
|
||||
|
||||
s, err := generateSBOM(&src)
|
||||
if err != nil {
|
||||
errs <- err
|
||||
return
|
||||
|
|
15
go.mod
15
go.mod
|
@ -1,12 +1,12 @@
|
|||
module github.com/docker/sbom-cli-plugin
|
||||
|
||||
go 1.17
|
||||
go 1.18
|
||||
|
||||
require (
|
||||
github.com/Microsoft/hcsshim v0.9.2 // indirect
|
||||
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
|
||||
github.com/anchore/stereoscope v0.0.0-20220307154759-8a5a70c227d3
|
||||
github.com/anchore/syft v0.41.1
|
||||
github.com/anchore/stereoscope v0.0.0-20220322123031-7a744f443e99
|
||||
github.com/anchore/syft v0.42.2
|
||||
github.com/containerd/containerd v1.5.10 // indirect
|
||||
github.com/containerd/continuity v0.2.2 // indirect
|
||||
github.com/docker/cli v20.10.12+incompatible
|
||||
|
@ -15,7 +15,7 @@ require (
|
|||
github.com/fvbommel/sortorder v1.0.2 // indirect
|
||||
github.com/gookit/color v1.4.2
|
||||
github.com/hashicorp/go-multierror v1.1.1
|
||||
github.com/moby/sys/mount v0.3.0 // indirect
|
||||
github.com/moby/sys/mount v0.3.1 // indirect
|
||||
github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
github.com/spf13/cobra v1.3.0
|
||||
|
@ -33,13 +33,14 @@ require (
|
|||
|
||||
require (
|
||||
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
|
||||
github.com/CycloneDX/cyclonedx-go v0.4.0 // indirect
|
||||
github.com/CycloneDX/cyclonedx-go v0.5.0 // indirect
|
||||
github.com/Microsoft/go-winio v0.5.1 // indirect
|
||||
github.com/acobaugh/osrelease v0.1.0 // indirect
|
||||
github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
|
||||
github.com/anchore/go-rpmdb v0.0.0-20210914181456-a9c52348da63 // indirect
|
||||
github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 // indirect
|
||||
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b // indirect
|
||||
github.com/anchore/packageurl-go v0.0.0-20210922164639-b3fa992ebd29 // indirect
|
||||
github.com/anchore/packageurl-go v0.1.1-0.20220314153042-1bcd40e5206b // indirect
|
||||
github.com/andybalholm/brotli v1.0.4 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/bmatcuk/doublestar/v4 v4.0.2 // indirect
|
||||
|
@ -84,7 +85,7 @@ require (
|
|||
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
|
||||
github.com/mitchellh/mapstructure v1.4.3 // indirect
|
||||
github.com/moby/sys/mountinfo v0.5.0 // indirect
|
||||
github.com/moby/sys/mountinfo v0.6.0 // indirect
|
||||
github.com/morikuni/aec v1.0.0 // indirect
|
||||
github.com/nwaples/rardecode v1.1.0 // indirect
|
||||
github.com/olekukonko/tablewriter v0.0.5 // indirect
|
||||
|
|
1097
go.sum
1097
go.sum
Разница между файлами не показана из-за своего большого размера
Загрузить разницу
|
@ -35,7 +35,7 @@ func TestSBOMCmdFlags(t *testing.T) {
|
|||
assertInOutput("docker-sbom ("),
|
||||
assertInOutput("Provider:"),
|
||||
assertInOutput("GitDescription:"),
|
||||
assertInOutput("syft (v0.41.1)"),
|
||||
assertInOutput("syft (v0.42.2)"),
|
||||
assertNotInOutput("not provided"),
|
||||
assertSuccessfulReturnCode,
|
||||
},
|
||||
|
@ -55,7 +55,7 @@ func TestSBOMCmdFlags(t *testing.T) {
|
|||
args: []string{"sbom", "--format", "json", coverageImage},
|
||||
assertions: []traitAssertion{
|
||||
assertJsonReport,
|
||||
assertJsonDescriptor(internal.SyftName, "v0.41.1"),
|
||||
assertJsonDescriptor(internal.SyftName, "v0.42.2"),
|
||||
assertNotInOutput("not provided"),
|
||||
assertSuccessfulReturnCode,
|
||||
},
|
||||
|
|
Загрузка…
Ссылка в новой задаче