fix: improve redhat-release parsing fallback for RHEL clones (#4808)

Ensures the correct distro id for AlmaLinux and Rocky Linux when falling
back to parsing distro information from the redhat-release file.  Also
sets the idlike to `rhel` for these instances as that is necessary to
ensure correct vulnerability data matching.

Signed-off-by: Weston Steimel <author@code.w.steimel.me.uk>

syft/linux/identify_release.go

@@ -200,13 +200,26 @@ func parseRedhatRelease(contents string) (*Release, error) {
 	case strings.HasPrefix(id, "centos"):
 		// ignore the parenthetical version information
 		version = versionID
+	case strings.HasPrefix(id, "rocky linux"):
+		id = "rocky"
+	case strings.HasPrefix(id, "scientific linux"):
+		id = "scientific"
+	}
+
+	idLike := []string{id}
+
+	// Because this is the RedHat release file, assume that this distro is a rhel clone and
+	// add `rhel` to the idLike slice.  This ensures that vulnerability matching will at least
+	// fall back to rhel if nothing more specific can be identified
+	if id != "rhel" {
+		idLike = append(idLike, "rhel")
 	}
 
 	return &Release{
 		PrettyName: contents,
 		Name:       name,
 		ID:         id,
-		IDLike:     []string{id},
+		IDLike:     idLike,
 		Version:    version,
 		VersionID:  versionID,
 	}, nil

syft/linux/identify_release_test.go

@@ -294,7 +294,7 @@ func TestIdentifyRelease(t *testing.T) {
 				PrettyName: "CentOS release 5.7 (Final)",
 				Name:       "CentOS",
 				ID:         "centos",
-				IDLike:     []string{"centos"},
+				IDLike:     []string{"centos", "rhel"},
 				Version:    "5.7",
 				VersionID:  "5.7",
 			},
@@ -314,7 +314,7 @@ func TestIdentifyRelease(t *testing.T) {
 			},
 		},
 		{
-			fixture: "testdata/os/rockylinux",
+			fixture: "testdata/os/rockylinux/from-os-release",
 			release: &Release{
 				PrettyName: "Rocky Linux 8.4 (Green Obsidian)",
 				Name:       "Rocky Linux",
@@ -331,7 +331,21 @@ func TestIdentifyRelease(t *testing.T) {
 			},
 		},
 		{
-			fixture: "testdata/os/almalinux",
+			fixture: "testdata/os/rockylinux/from-redhat-release",
+			release: &Release{
+				PrettyName: "Rocky Linux release 8.10 (Green Obsidian)",
+				Name:       "Rocky Linux",
+				ID:         "rocky",
+				IDLike: []string{
+					"rocky",
+					"rhel",
+				},
+				Version:   "8.10 (Green Obsidian)",
+				VersionID: "8.10",
+			},
+		},
+		{
+			fixture: "testdata/os/almalinux/from-os-release",
 			release: &Release{
 				PrettyName: "AlmaLinux 8.4 (Electric Cheetah)",
 				Name:       "AlmaLinux",
@@ -348,6 +362,52 @@ func TestIdentifyRelease(t *testing.T) {
 				CPEName:      "cpe:/o:almalinux:almalinux:8.4:GA",
 			},
 		},
+		{
+			fixture: "testdata/os/almalinux/from-redhat-release",
+			release: &Release{
+				PrettyName: "AlmaLinux release 8.10 (Cerulean Leopard)",
+				Name:       "AlmaLinux",
+				ID:         "almalinux",
+				IDLike: []string{
+					"almalinux",
+					"rhel",
+				},
+				Version:   "8.10 (Cerulean Leopard)",
+				VersionID: "8.10",
+			},
+		},
+		{
+			fixture: "testdata/os/scientific/from-os-release",
+			release: &Release{
+				PrettyName: "Scientific Linux 7.5 (Nitrogen)",
+				Name:       "Scientific Linux",
+				ID:         "scientific",
+				IDLike: []string{
+					"rhel",
+					"centos",
+					"fedora",
+				},
+				Version:      "7.5 (Nitrogen)",
+				VersionID:    "7.5",
+				HomeURL:      "http://www.scientificlinux.org//",
+				BugReportURL: "mailto:scientific-linux-devel@listserv.fnal.gov",
+				CPEName:      "cpe:/o:scientificlinux:scientificlinux:7.5:GA",
+			},
+		},
+		{
+			fixture: "testdata/os/scientific/from-redhat-release",
+			release: &Release{
+				PrettyName: "Scientific Linux release 7.9 (Nitrogen)",
+				Name:       "Scientific Linux",
+				ID:         "scientific",
+				IDLike: []string{
+					"scientific",
+					"rhel",
+				},
+				Version:   "7.9 (Nitrogen)",
+				VersionID: "7.9",
+			},
+		},
 		{
 			fixture: "testdata/os/wolfi",
 			release: &Release{
@@ -534,7 +594,7 @@ func TestParseRedhatRelease(t *testing.T) {
 				PrettyName: "CentOS release 5.7 (Final)",
 				Name:       "CentOS",
 				ID:         "centos",
-				IDLike:     []string{"centos"},
+				IDLike:     []string{"centos", "rhel"},
 				Version:    "5.7",
 				VersionID:  "5.7",
 			},

syft/linux/testdata/os/almalinux/from-redhat-release/etc/redhat-release

@@ -0,0 +1 @@
+AlmaLinux release 8.10 (Cerulean Leopard)

syft/linux/testdata/os/rockylinux/from-redhat-release/etc/redhat-release

@@ -0,0 +1 @@
+Rocky Linux release 8.10 (Green Obsidian)

syft/linux/testdata/os/scientific/from-os-release/etc/os-release

@@ -0,0 +1,15 @@
+NAME="Scientific Linux"
+VERSION="7.5 (Nitrogen)"
+ID="scientific"
+ID_LIKE="rhel centos fedora"
+VERSION_ID="7.5"
+PRETTY_NAME="Scientific Linux 7.5 (Nitrogen)"
+ANSI_COLOR="0;31"
+CPE_NAME="cpe:/o:scientificlinux:scientificlinux:7.5:GA"
+HOME_URL="http://www.scientificlinux.org//"
+BUG_REPORT_URL="mailto:scientific-linux-devel@listserv.fnal.gov"
+
+REDHAT_BUGZILLA_PRODUCT="Scientific Linux 7"
+REDHAT_BUGZILLA_PRODUCT_VERSION=7.5
+REDHAT_SUPPORT_PRODUCT="Scientific Linux"
+REDHAT_SUPPORT_PRODUCT_VERSION="7.5"

syft/linux/testdata/os/scientific/from-redhat-release/etc/redhat-release

@@ -0,0 +1 @@
+Scientific Linux release 7.9 (Nitrogen)