rm unused dkpg metadata, add dpkg source field, add analyzer source name

imgbom/analyzer/dpkg/analyzer.go

@@ -59,6 +59,7 @@ func (a *Analyzer) Analyze(contents map[file.Reference]string) ([]pkg.Package, e
 				Name:     entry.Package,
 				Version:  entry.Version,
 				Type:     pkg.DebPkg,
+				FoundBy:  a.Name(),
 				Source:   []file.Reference{reference},
 				Metadata: entry,
 			})

imgbom/analyzer/dpkg/parser_test.go

@@ -25,22 +25,8 @@ func TestSinglePackage(t *testing.T) {
 			name: "Test Single Package",
 			expected: pkg.DpkgMetadata{
 				Package: "apt",
-				Status:         "install ok installed",
+				Source:  "apt-dev",
-				Priority:       "required",
-				InstalledSize:  "4064",
-				Maintainer:     "APT Development Team <deity@lists.debian.org>",
-				Architecture:   "amd64",
 				Version: "1.8.2",
-				ReplacesPkgs:   "apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)",
-				ProvidesPkgs:   "apt-transport-https (= 1.8.2)",
-				DependsPkgs:    "adduser, gpgv | gpgv2 | gpgv1, debian-archive-keyring, libapt-pkg5.0 (>= 1.7.0~alpha3~), libc6 (>= 2.15), libgcc1 (>= 1:3.0), libgnutls30 (>= 3.6.6), libseccomp2 (>= 1.0.1), libstdc++6 (>= 5.2)",
-				RecommendsPkgs: "ca-certificates",
-				SuggestsPkgs:   "apt-doc, aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), gnupg | gnupg2 | gnupg1, powermgmt-base",
-				ConfigFiles: `
- /etc/apt/apt.conf.d/01autoremove 76120d358bc9037bb6358e737b3050b5
- /etc/cron.daily/apt-compat 49e9b2cfa17849700d4db735d04244f3
- /etc/kernel/postinst.d/apt-auto-removal 4ad976a68f045517cf4696cec7b8aa3a
- /etc/logrotate.d/apt 179f2ed4f85cbaca12fa3d69c2a4a1c3`,
 			},
 		},
 	}
@@ -66,7 +52,6 @@ func TestSinglePackage(t *testing.T) {
 			}
 
 			compareEntries(t, entry, test.expected)
-
 		})
 	}
 }
@@ -81,34 +66,12 @@ func TestMultiplePackages(t *testing.T) {
 			expected: []pkg.DpkgMetadata{
 				{
 					Package: "tzdata",
-					Status:        "install ok installed",
-					Priority:      "required",
-					InstalledSize: "3036",
-					Maintainer:    "GNU Libc Maintainers <debian-glibc@lists.debian.org>",
-					Architecture:  "all",
 					Version: "2020a-0+deb10u1",
-					ReplacesPkgs:  "libc0.1, libc0.3, libc6, libc6.1",
+					Source:  "tzdata-dev",
-					ProvidesPkgs:  "tzdata-buster",
-					DependsPkgs:   "debconf (>= 0.5) | debconf-2.0",
 				},
 				{
 					Package: "util-linux",
-					Status:        "install ok installed",
-					Priority:      "required",
-					InstalledSize: "4327",
-					Maintainer:    "LaMont Jones <lamont@debian.org>",
-					Architecture:  "amd64",
 					Version: "2.33.1-0.1",
-					ReplacesPkgs:  "bash-completion (<< 1:2.8), initscripts (<< 2.88dsf-59.2~), login (<< 1:4.5-1.1~), mount (<< 2.29.2-3~), s390-tools (<< 2.2.0-1~), setpriv (<< 2.32.1-0.2~), sysvinit-utils (<< 2.88dsf-59.1~)",
-					DependsPkgs:   "fdisk, login (>= 1:4.5-1.1~)",
-					SuggestsPkgs:  "dosfstools, kbd | console-tools, util-linux-locales",
-					ConfigFiles: `
- /etc/default/hwclock 3916544450533eca69131f894db0ca12
- /etc/init.d/hwclock.sh 1ca5c0743fa797ffa364db95bb8d8d8e
- /etc/pam.d/runuser b8b44b045259525e0fae9e38fdb2aeeb
- /etc/pam.d/runuser-l 2106ea05877e8913f34b2c77fa02be45
- /etc/pam.d/su ce6dcfda3b190a27a455bb38a45ff34a
- /etc/pam.d/su-l 756fef5687fecc0d986e5951427b0c4f`,
 				},
 			},
 		},

imgbom/analyzer/dpkg/test-fixtures/multiple

@@ -1,6 +1,7 @@
 Package: tzdata
 Status: install ok installed
 Priority: required
+Source: tzdata-dev
 Section: localization
 Installed-Size: 3036
 Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>

imgbom/analyzer/dpkg/test-fixtures/single

@@ -6,6 +6,7 @@ Installed-Size: 4064
 Maintainer: APT Development Team <deity@lists.debian.org>
 Architecture: amd64
 Version: 1.8.2
+Source: apt-dev
 Replaces: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)
 Provides: apt-transport-https (= 1.8.2)
 Depends: adduser, gpgv | gpgv2 | gpgv1, debian-archive-keyring, libapt-pkg5.0 (>= 1.7.0~alpha3~), libc6 (>= 2.15), libgcc1 (>= 1:3.0), libgnutls30 (>= 3.6.6), libseccomp2 (>= 1.0.1), libstdc++6 (>= 5.2)

imgbom/pkg/metadata.go

@@ -5,16 +5,6 @@ package pkg
 // in the --showformat section
 type DpkgMetadata struct {
 	Package string `mapstructure:"Package"`
-	Architecture   string `mapstructure:"Architecture"`
+	Source  string `mapstructure:"Source"`
-	DependsPkgs    string `mapstructure:"Depends"`
-	InstalledSize  string `mapstructure:"Installed-Size"`
-	Maintainer     string `mapstructure:"Maintainer"`
-	Priority       string `mapstructure:"Priority"`
-	ProvidesPkgs   string `mapstructure:"Provides"`
-	RecommendsPkgs string `mapstructure:"Recommends"`
-	ReplacesPkgs   string `mapstructure:"Replaces"`
-	Status         string `mapstructure:"Status"`
-	SuggestsPkgs   string `mapstructure:"Suggests"`
 	Version string `mapstructure:"Version"`
-	ConfigFiles    string `mapstructure:"Conffiles"`
 }

imgbom/pkg/package.go

@@ -13,6 +13,7 @@ type Package struct {
 	id       ID
 	Name     string
 	Version  string
+	FoundBy  string
 	Source   []file.Reference
 	Licenses []string
 	Type     Type

imgbom/presenter/json/presenter.go

@@ -35,7 +35,7 @@ type layer struct {
 }
 
 type source struct {
-	Source  string   `json:"source"`
+	FoundBy string   `json:"foundBy"`
 	Layer   int      `json:"layer"`
 	Effects []string `json:"effects"`
 }
@@ -81,7 +81,6 @@ func (pres *Presenter) Present(output io.Writer, img *stereoscopeImg.Image, cata
 			Name:     p.Name,
 			Version:  p.Version,
 			Type:     p.Type.String(),
-			Analyzer: "TODO", // TODO
 			Sources:  make([]source, len(p.Source)),
 			Metadata: p.Metadata,
 		}
@@ -94,7 +93,7 @@ func (pres *Presenter) Present(output io.Writer, img *stereoscopeImg.Image, cata
 			}
 
 			srcObj := source{
-				Source:  "",
+				FoundBy: p.FoundBy,
 				Layer:   int(fileMetadata.Source.Metadata.Index),
 				Effects: []string{}, // TODO
 			}

imgbom/presenter/json/test-fixtures/snapshot/TestJsonPresenter.golden

@@ -1 +1 @@
-{"image":{"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:056c0789fa9ad629ceae6d09713fb035f84115af3c4a88a43aa60f13bc683053","size":22},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:b461c48116592c570a66fed71d5b09662a8172e168b7938cf317af47872cdc9b","size":16},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:00b80053e05c01da485015610d288ce3185fac00d251e2ada02b45a7a7c5f589","size":27}],"size":65,"digest":"sha256:3c53d2d891940f8d8e95acb77b58752f54dc5de9d91d19dd90ced2db76256cea","mediaType":"application/vnd.docker.distribution.manifest.v2+json","tags":["anchore-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7"]},"artifacts":[{"name":"package-1","version":"1.0.1","type":"deb","analyzer":"TODO","sources":[{"source":"","layer":0,"effects":[]}],"metadata":null},{"name":"package-2","version":"2.0.1","type":"deb","analyzer":"TODO","sources":[{"source":"","layer":1,"effects":[]}],"metadata":null}]}
+{"image":{"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:056c0789fa9ad629ceae6d09713fb035f84115af3c4a88a43aa60f13bc683053","size":22},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:b461c48116592c570a66fed71d5b09662a8172e168b7938cf317af47872cdc9b","size":16},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:00b80053e05c01da485015610d288ce3185fac00d251e2ada02b45a7a7c5f589","size":27}],"size":65,"digest":"sha256:3c53d2d891940f8d8e95acb77b58752f54dc5de9d91d19dd90ced2db76256cea","mediaType":"application/vnd.docker.distribution.manifest.v2+json","tags":["anchore-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7"]},"artifacts":[{"name":"package-1","version":"1.0.1","type":"deb","analyzer":"","sources":[{"foundBy":"","layer":0,"effects":[]}],"metadata":null},{"name":"package-2","version":"2.0.1","type":"deb","analyzer":"","sources":[{"foundBy":"","layer":1,"effects":[]}],"metadata":null}]}