mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 08:23:15 +01:00
4194a2cd34
This PR adds DependencyOf relationships when ELF packages have been discovered by the binary cataloger. The discovered file.Executable type has a []ImportedLibraries that's read from the file when discovered by syft. By mapping these imported libraries back to the package collection, syft is able to create relationships showing which packages are dependencies of other packages by just reading metadata from the ELF executable. --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Brian Ebarb <ebarb.brian@sers.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
62 lines
1.7 KiB
YAML
62 lines
1.7 KiB
YAML
name: "Bootstrap"
|
|
|
|
description: "Bootstrap all tools and dependencies"
|
|
inputs:
|
|
go-version:
|
|
description: "Go version to install"
|
|
required: true
|
|
default: "1.21.x"
|
|
go-dependencies:
|
|
description: "Download go dependencies"
|
|
required: true
|
|
default: "true"
|
|
cache-key-prefix:
|
|
description: "Prefix all cache keys with this value"
|
|
required: true
|
|
default: "1ac8281053"
|
|
compute-fingerprints:
|
|
description: "Compute test fixture fingerprints"
|
|
required: true
|
|
default: "true"
|
|
bootstrap-apt-packages:
|
|
description: "Space delimited list of tools to install via apt"
|
|
default: "libxml2-utils"
|
|
|
|
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
# note: go mod and build is automatically cached on default with v4+
|
|
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 #v5.0.1
|
|
if: inputs.go-version != ''
|
|
with:
|
|
go-version: ${{ inputs.go-version }}
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 #v3.3.2
|
|
with:
|
|
path: ${{ github.workspace }}/.tool
|
|
key: ${{ inputs.cache-key-prefix }}-${{ runner.os }}-tool-${{ hashFiles('.binny.yaml') }}
|
|
|
|
- name: Install project tools
|
|
shell: bash
|
|
run: make tools
|
|
|
|
- name: Install go dependencies
|
|
if: inputs.go-dependencies == 'true'
|
|
shell: bash
|
|
run: make ci-bootstrap-go
|
|
|
|
- name: Install apt packages
|
|
if: inputs.bootstrap-apt-packages != ''
|
|
shell: bash
|
|
run: |
|
|
DEBIAN_FRONTEND=noninteractive sudo apt update && sudo -E apt install -y ${{ inputs.bootstrap-apt-packages }}
|
|
|
|
- name: Create all cache fingerprints
|
|
if: inputs.compute-fingerprints == 'true'
|
|
shell: bash
|
|
run: make fingerprints
|
|
|