From e3140063d498e6edce4bdd3241d7b6da3738b8d5 Mon Sep 17 00:00:00 2001
From: Joye Lin <y12studio@gmail.com>
Date: Thu, 16 Mar 2023 02:53:22 +0800
Subject: [PATCH] feat: add argocd, helm, kustomize and kubectl binary
 classifiers (#1663)

* add argocd, helm, kustomize and kubectl binary classifiers
* update golang PURL
* address PR faceback about binary/test-fixtures/Makefile
* remove the /v[n] suffix from the PURL in both argocd and helm

---------

Signed-off-by: y12studio <y12studio@gmail.com>
---
 syft/pkg/cataloger/binary/cataloger_test.go   | 108 ++++++++++++++++++
 .../cataloger/binary/default_classifiers.go   |  36 ++++++
 .../cataloger/binary/test-fixtures/Makefile   |  66 ++++++++++-
 3 files changed, 209 insertions(+), 1 deletion(-)

diff --git a/syft/pkg/cataloger/binary/cataloger_test.go b/syft/pkg/cataloger/binary/cataloger_test.go
index 8d277f558..5977abd77 100644
--- a/syft/pkg/cataloger/binary/cataloger_test.go
+++ b/syft/pkg/cataloger/binary/cataloger_test.go
@@ -239,6 +239,114 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("redis-binary"),
 			},
 		},
+		{
+			name:       "positive-argocd-2.5.11",
+			fixtureDir: "test-fixtures/classifiers/dynamic/argocd-2.5.11",
+			expected: pkg.Package{
+				Name:      "argocd",
+				Version:   "2.5.11",
+				Type:      "binary",
+				PURL:      "pkg:golang/github.com/argoproj/argo-cd@2.5.11",
+				Locations: locations("argocd"),
+				Metadata:  metadata("argocd"),
+			},
+		},
+		{
+			name:       "positive-argocd-2.6.4",
+			fixtureDir: "test-fixtures/classifiers/dynamic/argocd-2.6.4",
+			expected: pkg.Package{
+				Name:      "argocd",
+				Version:   "2.6.4",
+				Type:      "binary",
+				PURL:      "pkg:golang/github.com/argoproj/argo-cd@2.6.4",
+				Locations: locations("argocd"),
+				Metadata:  metadata("argocd"),
+			},
+		},
+		{
+			name:       "positive-helm-3.11.1",
+			fixtureDir: "test-fixtures/classifiers/dynamic/helm-3.11.1",
+			expected: pkg.Package{
+				Name:      "helm",
+				Version:   "3.11.1",
+				Type:      "binary",
+				PURL:      "pkg:golang/helm.sh/helm@3.11.1",
+				Locations: locations("helm"),
+				Metadata:  metadata("helm"),
+			},
+		},
+		{
+			name:       "positive-helm-3.10.3",
+			fixtureDir: "test-fixtures/classifiers/dynamic/helm-3.10.3",
+			expected: pkg.Package{
+				Name:      "helm",
+				Version:   "3.10.3",
+				Type:      "binary",
+				PURL:      "pkg:golang/helm.sh/helm@3.10.3",
+				Locations: locations("helm"),
+				Metadata:  metadata("helm"),
+			},
+		},
+		{
+			name:       "positive-kubectl-1.24.11",
+			fixtureDir: "test-fixtures/classifiers/dynamic/kubectl-1.24.11",
+			expected: pkg.Package{
+				Name:      "kubectl",
+				Version:   "1.24.11",
+				Type:      "binary",
+				PURL:      "pkg:golang/k8s.io/kubectl@1.24.11",
+				Locations: locations("kubectl"),
+				Metadata:  metadata("kubectl"),
+			},
+		},
+		{
+			name:       "positive-kubectl-1.25.7",
+			fixtureDir: "test-fixtures/classifiers/dynamic/kubectl-1.25.7",
+			expected: pkg.Package{
+				Name:      "kubectl",
+				Version:   "1.25.7",
+				Type:      "binary",
+				PURL:      "pkg:golang/k8s.io/kubectl@1.25.7",
+				Locations: locations("kubectl"),
+				Metadata:  metadata("kubectl"),
+			},
+		},
+		{
+			name:       "positive-kubectl-1.26.2",
+			fixtureDir: "test-fixtures/classifiers/dynamic/kubectl-1.26.2",
+			expected: pkg.Package{
+				Name:      "kubectl",
+				Version:   "1.26.2",
+				Type:      "binary",
+				PURL:      "pkg:golang/k8s.io/kubectl@1.26.2",
+				Locations: locations("kubectl"),
+				Metadata:  metadata("kubectl"),
+			},
+		},
+		{
+			name:       "positive-kustomize-4.5.7",
+			fixtureDir: "test-fixtures/classifiers/dynamic/kustomize-4.5.7",
+			expected: pkg.Package{
+				Name:      "kustomize",
+				Version:   "4.5.7",
+				Type:      "binary",
+				PURL:      "pkg:golang/sigs.k8s.io/kustomize@4.5.7",
+				Locations: locations("kustomize"),
+				Metadata:  metadata("kustomize"),
+			},
+		},
+		{
+			name:       "positive-kustomize-5.0.0",
+			fixtureDir: "test-fixtures/classifiers/dynamic/kustomize-5.0.0",
+			expected: pkg.Package{
+				Name:      "kustomize",
+				Version:   "5.0.0",
+				Type:      "binary",
+				PURL:      "pkg:golang/sigs.k8s.io/kustomize@5.0.0",
+				Locations: locations("kustomize"),
+				Metadata:  metadata("kustomize"),
+			},
+		},
 		{
 			name:       "positive-redis-4.0.11",
 			fixtureDir: "test-fixtures/classifiers/positive/redis-server-4.0.11",
diff --git a/syft/pkg/cataloger/binary/default_classifiers.go b/syft/pkg/cataloger/binary/default_classifiers.go
index ca51759b2..852ff323e 100644
--- a/syft/pkg/cataloger/binary/default_classifiers.go
+++ b/syft/pkg/cataloger/binary/default_classifiers.go
@@ -46,6 +46,42 @@ var defaultClassifiers = []classifier{
 		PURL:    mustPURL("pkg:generic/go@version"),
 		CPEs:    singleCPE("cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"),
 	},
+	{
+		Class:    "argocd",
+		FileGlob: "**/argocd",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			`(?m)common\.version=(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
+		Package: "argocd",
+		PURL:    mustPURL("pkg:golang/github.com/argoproj/argo-cd@version"),
+		CPEs:    singleCPE("cpe:2.3:a:argoproj:argocd:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "helm",
+		FileGlob: "**/helm",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			`(?m)\x00v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00`),
+		Package: "helm",
+		PURL:    mustPURL("pkg:golang/helm.sh/helm@version"),
+		CPEs:    singleCPE("cpe:2.3:a:helm:helm:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "kustomize",
+		FileGlob: "**/kustomize",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			`(?m)version=kustomize/v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)`),
+		Package: "kustomize",
+		PURL:    mustPURL("pkg:golang/sigs.k8s.io/kustomize@version"),
+		CPEs:    singleCPE("cpe:2.3:a:kustomize:kustomize:*:*:*:*:*:*:*"),
+	},
+	{
+		Class:    "kubectl",
+		FileGlob: "**/kubectl",
+		EvidenceMatcher: fileContentsVersionMatcher(
+			`(?m)\x00v(?P<version>[0-9]+\.[0-9]+\.[0-9]+)\x00`),
+		Package: "kubectl",
+		PURL:    mustPURL("pkg:golang/k8s.io/kubectl@version"),
+		CPEs:    singleCPE("cpe:2.3:a:kubectl:kubectl:*:*:*:*:*:*:*"),
+	},
 	{
 		Class:    "redis-binary",
 		FileGlob: "**/redis-server",
diff --git a/syft/pkg/cataloger/binary/test-fixtures/Makefile b/syft/pkg/cataloger/binary/test-fixtures/Makefile
index 6f944202f..d6db74559 100644
--- a/syft/pkg/cataloger/binary/test-fixtures/Makefile
+++ b/syft/pkg/cataloger/binary/test-fixtures/Makefile
@@ -5,7 +5,17 @@ all: \
 	classifiers/dynamic/python-binary-with-version-3.9 \
 	classifiers/dynamic/python-binary-3.4-alpine \
 	classifiers/dynamic/ruby-library-3.2.1 \
-	classifiers/dynamic/ruby-library-2.7.7
+	classifiers/dynamic/ruby-library-2.7.7 \
+	classifiers/dynamic/argocd-2.5.11 \
+	classifiers/dynamic/argocd-2.6.4 \
+	classifiers/dynamic/helm-3.11.1 \
+	classifiers/dynamic/helm-3.10.3 \
+	classifiers/dynamic/kubectl-1.24.11 \
+	classifiers/dynamic/kubectl-1.25.7 \
+	classifiers/dynamic/kubectl-1.26.2 \
+	classifiers/dynamic/kustomize-4.5.7 \
+	classifiers/dynamic/kustomize-5.0.0
+
 
 classifiers/dynamic/python-binary-shared-lib-3.11:
 	$(eval $@_image := "python:3.11-slim@sha256:0b106e1d2bf485c2a41474bc9cd5103e9eea4e179f40f10741b53b127059221e")
@@ -64,6 +74,60 @@ classifiers/dynamic/ruby-library-2.7.7:
 		/usr/local/lib/libruby.so.2.7 \
 		$@/libruby.so.2.7
 
+classifiers/dynamic/argocd-2.5.11:
+	$(eval $@_image := "argoproj/argocd:v2.5.11@sha256:d1062935b3256ec69422843ebcb50debb54fd389436961586000c8ce6ee7f249")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/argocd \
+		$@/argocd
+
+classifiers/dynamic/argocd-2.6.4:
+	$(eval $@_image := "argoproj/argocd:v2.6.4@sha256:61fcbba187ff53c00696cb580edf70cada59c45cf399d8477631acf43cf522ee")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/argocd \
+		$@/argocd
+
+classifiers/dynamic/helm-3.11.1:
+	$(eval $@_image := "alpine/helm:3.11.1@sha256:8628e3695fb743a8b9de89626f1b7a221280c2152c0e288c2504e59b68233e8b")
+	./get-image-file.sh $($@_image) \
+		/usr/bin/helm \
+		$@/helm
+
+classifiers/dynamic/helm-3.10.3:
+	$(eval $@_image := "argoproj/argocd:v2.6.4@sha256:61fcbba187ff53c00696cb580edf70cada59c45cf399d8477631acf43cf522ee")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/helm \
+		$@/helm
+
+classifiers/dynamic/kubectl-1.24.11:
+	$(eval $@_image := "bitnami/kubectl:1.24.11@sha256:79d60c5ac8a1dc84e2c39f56d8e8cc0053159b5ed88f283bdf8fbda1ee86c8bc")
+	./get-image-file.sh $($@_image) \
+		/opt/bitnami/kubectl/bin/kubectl \
+		$@/kubectl
+
+classifiers/dynamic/kubectl-1.25.7:
+	$(eval $@_image := "bitnami/kubectl:1.25.7@sha256:d7b00dbfdc6d8890aefe40edfb6c1d4c90cbb6c978794bb51a21744edc34ba7a")
+	./get-image-file.sh $($@_image) \
+		/opt/bitnami/kubectl/bin/kubectl \
+		$@/kubectl
+
+classifiers/dynamic/kubectl-1.26.2:
+	$(eval $@_image := "line/kubectl-kustomize:1.26.2-5.0.0@sha256:9ee3b4a9a21f0777fc1d8c64208290f818a2e68c5e9e892e931621bda089bf06")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/kubectl \
+		$@/kubectl
+
+classifiers/dynamic/kustomize-4.5.7:
+	$(eval $@_image := "argoproj/argocd:v2.6.4@sha256:61fcbba187ff53c00696cb580edf70cada59c45cf399d8477631acf43cf522ee")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/kustomize \
+		$@/kustomize
+
+classifiers/dynamic/kustomize-5.0.0:
+	$(eval $@_image := "line/kubectl-kustomize:1.26.2-5.0.0@sha256:9ee3b4a9a21f0777fc1d8c64208290f818a2e68c5e9e892e931621bda089bf06")
+	./get-image-file.sh $($@_image) \
+		/usr/local/bin/kustomize \
+		$@/kustomize
+
 .PHONY: clean
 clean:
 	rm -rf classifiers/dynamic