mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 08:23:15 +01:00
b0ab75fd89
* remove existing cataloging API Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add file cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add configs for cross-cutting concerns Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename CLI option configs to not require import aliases later Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update all nested structs for the Catalog struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update Catalog cli options - add new cataloger selection options (selection and default) - remove the excludeBinaryOverlapByOwnership - deprecate "catalogers" flag - add new javascript configuration Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * migrate relationship capabilities to separate internal package Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor golang cataloger to use configuration options when creating packages Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create internal object to facilitate reading from and writing to an SBOM Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create a command-like object (task) to facilitate partial SBOM creation Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add cataloger selection capability - be able to parse string expressions into a set of resolved actions against sets - be able to use expressions to select/add/remove tasks to/from the final set of tasks to run Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package, file, and environment related tasks Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update existing file catalogers to use nested UI elements Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOMConfig that drives the SBOM creation process Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * capture SBOM creation info as a struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOM() function Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update docs with SBOM selection help + breaking changes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix multiple override default inputs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix deprecation flag printing to stdout Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor cataloger selection description to separate object Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * keep expression errors and show specific suggestions only Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address additional review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address more review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * addressed additional PR review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix file selection references Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove guess language data generation option Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add tests for coordinatesForSelection Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename relationship attributes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add descriptions to relationships config fields Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * improve documentation around configuration options Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add explicit errors around legacy config entries Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
84 lines
1.5 KiB
Go
84 lines
1.5 KiB
Go
package sbomsync
|
|
|
|
import (
|
|
"sync"
|
|
|
|
"github.com/anchore/syft/syft/artifact"
|
|
"github.com/anchore/syft/syft/linux"
|
|
"github.com/anchore/syft/syft/pkg"
|
|
"github.com/anchore/syft/syft/sbom"
|
|
)
|
|
|
|
var _ interface {
|
|
Accessor
|
|
Builder
|
|
} = (*sbomBuilder)(nil) // integrity check
|
|
|
|
// Builder provides a simple facade for simple additions to the SBOM
|
|
type Builder interface {
|
|
// nodes
|
|
|
|
AddPackages(...pkg.Package)
|
|
|
|
// edges
|
|
|
|
AddRelationships(...artifact.Relationship)
|
|
|
|
// other
|
|
|
|
SetLinuxDistribution(linux.Release)
|
|
}
|
|
|
|
// Accessor allows for low-level access to the SBOM
|
|
type Accessor interface {
|
|
WriteToSBOM(func(*sbom.SBOM))
|
|
ReadFromSBOM(func(*sbom.SBOM))
|
|
}
|
|
|
|
type sbomBuilder struct {
|
|
sbom *sbom.SBOM
|
|
lock *sync.RWMutex
|
|
}
|
|
|
|
func NewBuilder(s *sbom.SBOM) Builder {
|
|
return &sbomBuilder{
|
|
sbom: s,
|
|
lock: &sync.RWMutex{},
|
|
}
|
|
}
|
|
|
|
func (b sbomBuilder) WriteToSBOM(fn func(*sbom.SBOM)) {
|
|
b.lock.Lock()
|
|
defer b.lock.Unlock()
|
|
|
|
fn(b.sbom)
|
|
}
|
|
|
|
func (b sbomBuilder) ReadFromSBOM(fn func(*sbom.SBOM)) {
|
|
b.lock.RLock()
|
|
defer b.lock.RUnlock()
|
|
|
|
fn(b.sbom)
|
|
}
|
|
|
|
func (b sbomBuilder) AddPackages(p ...pkg.Package) {
|
|
b.lock.Lock()
|
|
defer b.lock.Unlock()
|
|
|
|
b.sbom.Artifacts.Packages.Add(p...)
|
|
}
|
|
|
|
func (b sbomBuilder) AddRelationships(relationship ...artifact.Relationship) {
|
|
b.lock.Lock()
|
|
defer b.lock.Unlock()
|
|
|
|
b.sbom.Relationships = append(b.sbom.Relationships, relationship...)
|
|
}
|
|
|
|
func (b sbomBuilder) SetLinuxDistribution(release linux.Release) {
|
|
b.lock.Lock()
|
|
defer b.lock.Unlock()
|
|
|
|
b.sbom.Artifacts.LinuxDistribution = &release
|
|
}
|