mirror of
https://github.com/anchore/syft.git
synced 2026-06-10 06:18:24 +02:00
b0ab75fd89
* remove existing cataloging API Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add file cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add configs for cross-cutting concerns Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename CLI option configs to not require import aliases later Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update all nested structs for the Catalog struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update Catalog cli options - add new cataloger selection options (selection and default) - remove the excludeBinaryOverlapByOwnership - deprecate "catalogers" flag - add new javascript configuration Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * migrate relationship capabilities to separate internal package Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor golang cataloger to use configuration options when creating packages Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create internal object to facilitate reading from and writing to an SBOM Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create a command-like object (task) to facilitate partial SBOM creation Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add cataloger selection capability - be able to parse string expressions into a set of resolved actions against sets - be able to use expressions to select/add/remove tasks to/from the final set of tasks to run Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package, file, and environment related tasks Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update existing file catalogers to use nested UI elements Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOMConfig that drives the SBOM creation process Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * capture SBOM creation info as a struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOM() function Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update docs with SBOM selection help + breaking changes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix multiple override default inputs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix deprecation flag printing to stdout Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor cataloger selection description to separate object Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * keep expression errors and show specific suggestions only Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address additional review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address more review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * addressed additional PR review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix file selection references Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove guess language data generation option Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add tests for coordinatesForSelection Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename relationship attributes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add descriptions to relationships config fields Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * improve documentation around configuration options Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add explicit errors around legacy config entries Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
116 lines
3.0 KiB
Go
116 lines
3.0 KiB
Go
package filedigest
|
|
|
|
import (
|
|
"crypto"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/dustin/go-humanize"
|
|
|
|
stereoscopeFile "github.com/anchore/stereoscope/pkg/file"
|
|
"github.com/anchore/syft/internal"
|
|
"github.com/anchore/syft/internal/bus"
|
|
intFile "github.com/anchore/syft/internal/file"
|
|
"github.com/anchore/syft/internal/log"
|
|
"github.com/anchore/syft/syft/event/monitor"
|
|
"github.com/anchore/syft/syft/file"
|
|
intCataloger "github.com/anchore/syft/syft/file/cataloger/internal"
|
|
)
|
|
|
|
var ErrUndigestableFile = errors.New("undigestable file")
|
|
|
|
type Cataloger struct {
|
|
hashes []crypto.Hash
|
|
}
|
|
|
|
func NewCataloger(hashes []crypto.Hash) *Cataloger {
|
|
return &Cataloger{
|
|
hashes: hashes,
|
|
}
|
|
}
|
|
|
|
func (i *Cataloger) Catalog(resolver file.Resolver, coordinates ...file.Coordinates) (map[file.Coordinates][]file.Digest, error) {
|
|
results := make(map[file.Coordinates][]file.Digest)
|
|
var locations []file.Location
|
|
|
|
if len(coordinates) == 0 {
|
|
locations = intCataloger.AllRegularFiles(resolver)
|
|
} else {
|
|
for _, c := range coordinates {
|
|
locs, err := resolver.FilesByPath(c.RealPath)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("unable to get file locations for path %q: %w", c.RealPath, err)
|
|
}
|
|
locations = append(locations, locs...)
|
|
}
|
|
}
|
|
|
|
prog := catalogingProgress(int64(len(locations)))
|
|
for _, location := range locations {
|
|
result, err := i.catalogLocation(resolver, location)
|
|
|
|
if errors.Is(err, ErrUndigestableFile) {
|
|
continue
|
|
}
|
|
|
|
prog.AtomicStage.Set(location.Path())
|
|
|
|
if internal.IsErrPathPermission(err) {
|
|
log.Debugf("file digests cataloger skipping %q: %+v", location.RealPath, err)
|
|
continue
|
|
}
|
|
|
|
if err != nil {
|
|
prog.SetError(err)
|
|
return nil, fmt.Errorf("failed to process file %q: %w", location.RealPath, err)
|
|
}
|
|
|
|
prog.Increment()
|
|
|
|
results[location.Coordinates] = result
|
|
}
|
|
|
|
log.Debugf("file digests cataloger processed %d files", prog.Current())
|
|
|
|
prog.AtomicStage.Set(fmt.Sprintf("%s files", humanize.Comma(prog.Current())))
|
|
prog.SetCompleted()
|
|
|
|
return results, nil
|
|
}
|
|
|
|
func (i *Cataloger) catalogLocation(resolver file.Resolver, location file.Location) ([]file.Digest, error) {
|
|
meta, err := resolver.FileMetadataByLocation(location)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// we should only attempt to report digests for files that are regular files (don't attempt to resolve links)
|
|
if meta.Type != stereoscopeFile.TypeRegular {
|
|
return nil, ErrUndigestableFile
|
|
}
|
|
|
|
contentReader, err := resolver.FileContentsByLocation(location)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer internal.CloseAndLogError(contentReader, location.AccessPath)
|
|
|
|
digests, err := intFile.NewDigestsFromFile(contentReader, i.hashes)
|
|
if err != nil {
|
|
return nil, internal.ErrPath{Context: "digests-cataloger", Path: location.RealPath, Err: err}
|
|
}
|
|
|
|
return digests, nil
|
|
}
|
|
|
|
func catalogingProgress(locations int64) *monitor.CatalogerTaskProgress {
|
|
info := monitor.GenericTask{
|
|
Title: monitor.Title{
|
|
Default: "File digests",
|
|
},
|
|
ParentID: monitor.TopLevelCatalogingTaskID,
|
|
}
|
|
|
|
return bus.StartCatalogerTask(info, locations, "")
|
|
}
|