Merge pull request #388 from anchore/add-apk-extra-fields

Use the standard file.Digest for apk checksums

schema/json/schema-1.1.0.json

@@ -19,8 +19,9 @@
         "permissions": {
           "type": "string"
         },
-        "checksum": {
+        "digest": {
-          "type": "string"
+          "$schema": "http://json-schema.org/draft-04/schema#",
+          "$ref": "#/definitions/Digest"
         }
       },
       "additionalProperties": true,
@@ -283,7 +284,6 @@
           "type": "string"
         },
         "digest": {
-          "$schema": "http://json-schema.org/draft-04/schema#",
           "$ref": "#/definitions/Digest"
         },
         "isConfigFile": {

syft/pkg/apk_metadata.go

@@ -3,6 +3,8 @@ package pkg
 import (
 	"sort"
 
+	"github.com/anchore/syft/syft/file"
+
 	"github.com/package-url/packageurl-go"
 	"github.com/scylladb/go-set/strset"
 )
@@ -35,11 +37,11 @@ type ApkMetadata struct {
 
 // ApkFileRecord represents a single file listing and metadata from a APK DB entry (which may have many of these file records).
 type ApkFileRecord struct {
-	Path        string `json:"path"`
+	Path        string      `json:"path"`
-	OwnerUID    string `json:"ownerUid,omitempty"`
+	OwnerUID    string      `json:"ownerUid,omitempty"`
-	OwnerGID    string `json:"ownerGid,omitempty"`
+	OwnerGID    string      `json:"ownerGid,omitempty"`
-	Permissions string `json:"permissions,omitempty"`
+	Permissions string      `json:"permissions,omitempty"`
-	Checksum    string `json:"checksum,omitempty"`
+	Digest      file.Digest `json:"digest,omitempty"`
 }
 
 // PackageURL returns the PURL for the specific Alpine package (see https://github.com/package-url/purl-spec)

syft/pkg/cataloger/apkdb/parse_apk_db.go

@@ -8,6 +8,8 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/anchore/syft/syft/file"
+
 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/syft/pkg"
 	"github.com/anchore/syft/syft/pkg/cataloger/common"
@@ -126,7 +128,10 @@ func parseApkDBEntry(reader io.Reader) (*pkg.ApkMetadata, error) {
 				log.Warnf("checksum field with no parent record: %q", value)
 				continue
 			}
-			fileRecord.Checksum = value
+			fileRecord.Digest = file.Digest{
+				Algorithm: "sha1",
+				Value:     value,
+			}
 		case "I", "S":
 			// coerce to integer
 			iVal, err := strconv.Atoi(value)

syft/pkg/cataloger/apkdb/parse_apk_db_test.go

@@ -5,6 +5,8 @@ import (
 	"os"
 	"testing"
 
+	"github.com/anchore/syft/syft/file"
+
 	"github.com/go-test/deep"
 
 	"github.com/anchore/syft/syft/pkg"
@@ -39,7 +41,10 @@ func TestExtraFileAttributes(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1M0C9qfC/+kdRiOodeihG2GMRtkE=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1M0C9qfC/+kdRiOodeihG2GMRtkE=",
+						},
 					},
 				},
 			},
@@ -105,7 +110,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1Kja2+POZKxEkUOZqwSjC6kmaED4=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1Kja2+POZKxEkUOZqwSjC6kmaED4=",
+						},
 					},
 					{
 						Path: "/usr",
@@ -118,28 +126,40 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1CVmFbdY+Hv6/jAHl1gec2Kbx1EY=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1CVmFbdY+Hv6/jAHl1gec2Kbx1EY=",
+						},
 					},
 					{
 						Path:        "/usr/bin/ldd",
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1yFAhGggmL7ERgbIA7KQxyTzf3ks=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1yFAhGggmL7ERgbIA7KQxyTzf3ks=",
+						},
 					},
 					{
 						Path:        "/usr/bin/getconf",
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1dAdYK8M/INibRQF5B3Rw7cmNDDA=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1dAdYK8M/INibRQF5B3Rw7cmNDDA=",
+						},
 					},
 					{
 						Path:        "/usr/bin/getent",
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1eR2Dz/WylabgbWMTkd2+hGmEya4=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1eR2Dz/WylabgbWMTkd2+hGmEya4=",
+						},
 					},
 				},
 			},
@@ -174,70 +194,115 @@ func TestSinglePackageDetails(t *testing.T) {
 						Path: "/etc",
 					},
 					{
-						Path:     "/etc/fstab",
+						Path: "/etc/fstab",
-						Checksum: "Q11Q7hNe8QpDS531guqCdrXBzoA/o=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q11Q7hNe8QpDS531guqCdrXBzoA/o=",
+						},
 					},
 					{
-						Path:     "/etc/group",
+						Path: "/etc/group",
-						Checksum: "Q1oJ16xWudgKOrXIEquEDzlF2Lsm4=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1oJ16xWudgKOrXIEquEDzlF2Lsm4=",
+						},
 					},
 					{
-						Path:     "/etc/hostname",
+						Path: "/etc/hostname",
-						Checksum: "Q16nVwYVXP/tChvUPdukVD2ifXOmc=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q16nVwYVXP/tChvUPdukVD2ifXOmc=",
+						},
 					},
 					{
-						Path:     "/etc/hosts",
+						Path: "/etc/hosts",
-						Checksum: "Q1BD6zJKZTRWyqGnPi4tSfd3krsMU=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1BD6zJKZTRWyqGnPi4tSfd3krsMU=",
+						},
 					},
 					{
-						Path:     "/etc/inittab",
+						Path: "/etc/inittab",
-						Checksum: "Q1TsthbhW7QzWRe1E/NKwTOuD4pHc=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1TsthbhW7QzWRe1E/NKwTOuD4pHc=",
+						},
 					},
 					{
-						Path:     "/etc/modules",
+						Path: "/etc/modules",
-						Checksum: "Q1toogjUipHGcMgECgPJX64SwUT1M=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1toogjUipHGcMgECgPJX64SwUT1M=",
+						},
 					},
 					{
-						Path:     "/etc/motd",
+						Path: "/etc/motd",
-						Checksum: "Q1XmduVVNURHQ27TvYp1Lr5TMtFcA=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1XmduVVNURHQ27TvYp1Lr5TMtFcA=",
+						},
 					},
 					{
 						Path:        "/etc/mtab",
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "777",
-						Checksum:    "Q1kiljhXXH1LlQroHsEJIkPZg2eiw=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1kiljhXXH1LlQroHsEJIkPZg2eiw=",
+						},
 					},
 					{
-						Path:     "/etc/passwd",
+						Path: "/etc/passwd",
-						Checksum: "Q1TchuuLUfur0izvfZQZxgN/LJhB8=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1TchuuLUfur0izvfZQZxgN/LJhB8=",
+						},
 					},
 					{
-						Path:     "/etc/profile",
+						Path: "/etc/profile",
-						Checksum: "Q1KpFb8kl5LvwXWlY3e58FNsjrI34=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1KpFb8kl5LvwXWlY3e58FNsjrI34=",
+						},
 					},
 					{
-						Path:     "/etc/protocols",
+						Path: "/etc/protocols",
-						Checksum: "Q13FqXUnvuOpMDrH/6rehxuYAEE34=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q13FqXUnvuOpMDrH/6rehxuYAEE34=",
+						},
 					},
 					{
-						Path:     "/etc/services",
+						Path: "/etc/services",
-						Checksum: "Q1C6HJNgQvLWqt5VY+n7MZJ1rsDuY=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1C6HJNgQvLWqt5VY+n7MZJ1rsDuY=",
+						},
 					},
 					{
 						Path:        "/etc/shadow",
 						OwnerUID:    "0",
 						OwnerGID:    "42",
 						Permissions: "640",
-						Checksum:    "Q1ltrPIAW2zHeDiajsex2Bdmq3uqA=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1ltrPIAW2zHeDiajsex2Bdmq3uqA=",
+						},
 					},
 					{
-						Path:     "/etc/shells",
+						Path: "/etc/shells",
-						Checksum: "Q1ojm2YdpCJ6B/apGDaZ/Sdb2xJkA=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1ojm2YdpCJ6B/apGDaZ/Sdb2xJkA=",
+						},
 					},
 					{
-						Path:     "/etc/sysctl.conf",
+						Path: "/etc/sysctl.conf",
-						Checksum: "Q14upz3tfnNxZkIEsUhWn7Xoiw96g=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q14upz3tfnNxZkIEsUhWn7Xoiw96g=",
+						},
 					},
 					{
 						Path: "/etc/apk",
@@ -253,7 +318,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "600",
-						Checksum:    "Q1vfk1apUWI4yLJGhhNRd0kJixfvY=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1vfk1apUWI4yLJGhhNRd0kJixfvY=",
+						},
 					},
 					{
 						Path: "/etc/init.d",
@@ -262,20 +330,32 @@ func TestSinglePackageDetails(t *testing.T) {
 						Path: "/etc/modprobe.d",
 					},
 					{
-						Path:     "/etc/modprobe.d/aliases.conf",
+						Path: "/etc/modprobe.d/aliases.conf",
-						Checksum: "Q1WUbh6TBYNVK7e4Y+uUvLs/7viqk=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1WUbh6TBYNVK7e4Y+uUvLs/7viqk=",
+						},
 					},
 					{
-						Path:     "/etc/modprobe.d/blacklist.conf",
+						Path: "/etc/modprobe.d/blacklist.conf",
-						Checksum: "Q1xxYGU6S6TLQvb7ervPrWWwAWqMg=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1xxYGU6S6TLQvb7ervPrWWwAWqMg=",
+						},
 					},
 					{
-						Path:     "/etc/modprobe.d/i386.conf",
+						Path: "/etc/modprobe.d/i386.conf",
-						Checksum: "Q1pnay/njn6ol9cCssL7KiZZ8etlc=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1pnay/njn6ol9cCssL7KiZZ8etlc=",
+						},
 					},
 					{
-						Path:     "/etc/modprobe.d/kms.conf",
+						Path: "/etc/modprobe.d/kms.conf",
-						Checksum: "Q1ynbLn3GYDpvajba/ldp1niayeog=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1ynbLn3GYDpvajba/ldp1niayeog=",
+						},
 					},
 					{
 						Path: "/etc/modules-load.d",
@@ -320,12 +400,18 @@ func TestSinglePackageDetails(t *testing.T) {
 						Path: "/etc/profile.d",
 					},
 					{
-						Path:     "/etc/profile.d/color_prompt",
+						Path: "/etc/profile.d/color_prompt",
-						Checksum: "Q10wL23GuSCVfumMRgakabUI6EsSk=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q10wL23GuSCVfumMRgakabUI6EsSk=",
+						},
 					},
 					{
-						Path:     "/etc/profile.d/locale",
+						Path: "/etc/profile.d/locale",
-						Checksum: "Q1R4bIEpnKxxOSrlnZy9AoawqZ5DU=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1R4bIEpnKxxOSrlnZy9AoawqZ5DU=",
+						},
 					},
 					{
 						Path: "/etc/sysctl.d",
@@ -349,8 +435,11 @@ func TestSinglePackageDetails(t *testing.T) {
 						Path: "/lib/sysctl.d",
 					},
 					{
-						Path:     "/lib/sysctl.d/00-alpine.conf",
+						Path: "/lib/sysctl.d/00-alpine.conf",
-						Checksum: "Q1HpElzW1xEgmKfERtTy7oommnq6c=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1HpElzW1xEgmKfERtTy7oommnq6c=",
+						},
 					},
 					{
 						Path: "/media",
@@ -390,7 +479,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "755",
-						Checksum:    "Q1YeuSmC7iDbEWrusPzA/zUQF6YSg=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1YeuSmC7iDbEWrusPzA/zUQF6YSg=",
+						},
 					},
 					{
 						Path: "/srv",
@@ -445,7 +537,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "777",
-						Checksum:    "Q11/SNZz/8cK2dSKK+cJpVrZIuF4Q=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q11/SNZz/8cK2dSKK+cJpVrZIuF4Q=",
+						},
 					},
 					{
 						Path: "/var/cache",
@@ -491,7 +586,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "777",
-						Checksum:    "Q1dzbdazYZA2nTzSIG3YyNw7d4Juc=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1dzbdazYZA2nTzSIG3YyNw7d4Juc=",
+						},
 					},
 					{
 						Path: "/var/spool/cron",
@@ -501,7 +599,10 @@ func TestSinglePackageDetails(t *testing.T) {
 						OwnerUID:    "0",
 						OwnerGID:    "0",
 						Permissions: "777",
-						Checksum:    "Q1OFZt+ZMp7j0Gny0rqSKuWJyqYmA=",
+						Digest: file.Digest{
+							Algorithm: "sha1",
+							Value:     "Q1OFZt+ZMp7j0Gny0rqSKuWJyqYmA=",
+						},
 					},
 					{
 						Path:        "/var/tmp",
@@ -603,7 +704,10 @@ func TestMultiplePackages(t *testing.T) {
 								OwnerUID:    "0",
 								OwnerGID:    "0",
 								Permissions: "755",
-								Checksum:    "Q1Kja2+POZKxEkUOZqwSjC6kmaED4=",
+								Digest: file.Digest{
+									Algorithm: "sha1",
+									Value:     "Q1Kja2+POZKxEkUOZqwSjC6kmaED4=",
+								},
 							},
 							{
 								Path: "/usr",
@@ -616,28 +720,40 @@ func TestMultiplePackages(t *testing.T) {
 								OwnerUID:    "0",
 								OwnerGID:    "0",
 								Permissions: "755",
-								Checksum:    "Q1CVmFbdY+Hv6/jAHl1gec2Kbx1EY=",
+								Digest: file.Digest{
+									Algorithm: "sha1",
+									Value:     "Q1CVmFbdY+Hv6/jAHl1gec2Kbx1EY=",
+								},
 							},
 							{
 								Path:        "/usr/bin/ldd",
 								OwnerUID:    "0",
 								OwnerGID:    "0",
 								Permissions: "755",
-								Checksum:    "Q1yFAhGggmL7ERgbIA7KQxyTzf3ks=",
+								Digest: file.Digest{
+									Algorithm: "sha1",
+									Value:     "Q1yFAhGggmL7ERgbIA7KQxyTzf3ks=",
+								},
 							},
 							{
 								Path:        "/usr/bin/getconf",
 								OwnerUID:    "0",
 								OwnerGID:    "0",
 								Permissions: "755",
-								Checksum:    "Q1dAdYK8M/INibRQF5B3Rw7cmNDDA=",
+								Digest: file.Digest{
+									Algorithm: "sha1",
+									Value:     "Q1dAdYK8M/INibRQF5B3Rw7cmNDDA=",
+								},
 							},
 							{
 								Path:        "/usr/bin/getent",
 								OwnerUID:    "0",
 								OwnerGID:    "0",
 								Permissions: "755",
-								Checksum:    "Q1eR2Dz/WylabgbWMTkd2+hGmEya4=",
+								Digest: file.Digest{
+									Algorithm: "sha1",
+									Value:     "Q1eR2Dz/WylabgbWMTkd2+hGmEya4=",
+								},
 							},
 						},
 					},