add acceptance test to cover gem cataloger + fix gem cataloger parent dir (#207)

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

syft/cataloger/ruby/catalogers.go

@@ -19,7 +19,7 @@ func NewGemFileLockCataloger() *common.GenericCataloger {
 // NewGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec).
 func NewGemSpecCataloger() *common.GenericCataloger {
 	globParsers := map[string]common.ParserFn{
-		"**/specification/*.gemspec": parseGemSpecEntries,
+		"**/specifications/*.gemspec": parseGemSpecEntries,
 	}
 
 	return common.NewGenericCataloger(nil, globParsers, "ruby-gemspec-cataloger")

test/inline-compare/Makefile

@@ -25,7 +25,7 @@ all: clean-syft
 compare-image: $(SYFT_REPORT) $(INLINE_REPORT)
 	./compare.py $(COMPARE_IMAGE)
 
-.PHONY: gather-iamge
+.PHONY: gather-image
 gather-image: $(SYFT_REPORT) $(INLINE_REPORT)
 
 $(INLINE_REPORT):

test/inline-compare/compare-all.sh

@@ -2,7 +2,7 @@
 set -eu
 
 # TODO: Add "alpine:3.12.0" back in when we've figured out how to handle the apk version field w/ and w/o release information (see issue: https://github.com/anchore/syft/pull/195)
-images=("debian:10.5" "centos:8.2.2004")
+images=("debian:10.5" "centos:8.2.2004" "rails:5.0.1")
 
 # gather all image analyses
 for img in "${images[@]}"; do

test/inline-compare/compare.py

@@ -33,8 +33,9 @@ class InlineScan:
 
     def packages(self):
         python_packages, python_metadata = self._python_packages()
-        os_pacakges, os_metadata = self._os_packages()
+        gem_packages, gem_metadata = self._gem_packages()
-        return python_packages | os_pacakges, {**python_metadata, **os_metadata}
+        os_packages, os_metadata = self._os_packages()
+        return python_packages | os_packages | gem_packages , {**python_metadata, **os_metadata, **gem_metadata}
 
     def _report_path(self, report):
         return os.path.join(
@@ -67,6 +68,18 @@ class InlineScan:
 
         return packages, metadata
 
+    def _gem_packages(self):
+        packages = set()
+        metadata = collections.defaultdict(dict)
+        for entry in self._enumerate_section(
+                report="content-gem", section="content"
+        ):
+            package = Package(name=entry["package"], type=entry["type"].lower(),)
+            packages.add(package)
+            metadata[package.type][package] = Metadata(version=entry["version"])
+
+        return packages, metadata
+
     def _os_packages(self):
         packages = set()
         metadata = collections.defaultdict(dict)
@@ -162,7 +175,7 @@ def main(image):
     for package in syft_packages:
         metadata = syft_metadata[package.type][package]
         # we only want to really count mismatched metadata for packages that are at least found by inline
-        if package in inline_metadata[package.type]:
+        if package in inline_metadata.get(package.type, []):
             syft_overlap_metadata_set.add((package, metadata))
 
     same_metadata = syft_overlap_metadata_set & inline_metadata_set
@@ -202,8 +215,10 @@ def main(image):
 
     print(colors.bold+"Summary:", colors.reset)
     print("   Image: %s" % image)
-    print("   Inline Packages: %d" % len(inline_packages))
+    print("   Inline Packages : %d" % len(inline_packages))
-    print("   Syft Packages: %d" % len(syft_packages))
+    print("   Syft Packages   : %d" % len(syft_packages))
+    print("         (extra)   : %d" % len(bonus_packages))
+    print("       (missing)   : %d" % len(missing_packages))
     print(
         "   Baseline Packages Matched: %2.3f %% (%d/%d packages)"
         % (percent_overlap_packages, len(same_packages), len(inline_packages))