mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
b0ab75fd89
* remove existing cataloging API Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add file cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package cataloging config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add configs for cross-cutting concerns Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename CLI option configs to not require import aliases later Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update all nested structs for the Catalog struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update Catalog cli options - add new cataloger selection options (selection and default) - remove the excludeBinaryOverlapByOwnership - deprecate "catalogers" flag - add new javascript configuration Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * migrate relationship capabilities to separate internal package Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor golang cataloger to use configuration options when creating packages Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create internal object to facilitate reading from and writing to an SBOM Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * create a command-like object (task) to facilitate partial SBOM creation Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add cataloger selection capability - be able to parse string expressions into a set of resolved actions against sets - be able to use expressions to select/add/remove tasks to/from the final set of tasks to run Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add package, file, and environment related tasks Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update existing file catalogers to use nested UI elements Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOMConfig that drives the SBOM creation process Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * capture SBOM creation info as a struct Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add CreateSBOM() function Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update docs with SBOM selection help + breaking changes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix multiple override default inputs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix deprecation flag printing to stdout Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * refactor cataloger selection description to separate object Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * keep expression errors and show specific suggestions only Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address additional review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * address more review comments Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * addressed additional PR review feedback Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix file selection references Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove guess language data generation option Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add tests for coordinatesForSelection Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename relationship attributes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add descriptions to relationships config fields Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * improve documentation around configuration options Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add explicit errors around legacy config entries Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
92 lines
2.7 KiB
Go
92 lines
2.7 KiB
Go
package integration
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/anchore/clio"
|
|
"github.com/anchore/stereoscope/pkg/imagetest"
|
|
"github.com/anchore/syft/cmd/syft/cli/options"
|
|
"github.com/anchore/syft/syft"
|
|
"github.com/anchore/syft/syft/cataloging/pkgcataloging"
|
|
"github.com/anchore/syft/syft/sbom"
|
|
"github.com/anchore/syft/syft/source"
|
|
)
|
|
|
|
func catalogFixtureImage(t *testing.T, fixtureImageName string, scope source.Scope, catalogerSelection ...string) (sbom.SBOM, source.Source) {
|
|
cfg := options.DefaultCatalog().ToSBOMConfig(clio.Identification{
|
|
Name: "syft-tester",
|
|
Version: "v0.99.0",
|
|
}).WithCatalogerSelection(
|
|
pkgcataloging.NewSelectionRequest().
|
|
WithExpression(catalogerSelection...),
|
|
)
|
|
cfg.Search.Scope = scope
|
|
|
|
return catalogFixtureImageWithConfig(t, fixtureImageName, cfg)
|
|
}
|
|
|
|
func catalogFixtureImageWithConfig(t *testing.T, fixtureImageName string, cfg *syft.CreateSBOMConfig) (sbom.SBOM, source.Source) {
|
|
cfg.CatalogerSelection = cfg.CatalogerSelection.WithDefaults(pkgcataloging.ImageTag)
|
|
|
|
// get the fixture image tar file
|
|
imagetest.GetFixtureImage(t, "docker-archive", fixtureImageName)
|
|
tarPath := imagetest.GetFixtureImageTarPath(t, fixtureImageName)
|
|
userInput := "docker-archive:" + tarPath
|
|
|
|
// get the source to build an SBOM against
|
|
detection, err := source.Detect(userInput, source.DefaultDetectConfig())
|
|
require.NoError(t, err)
|
|
|
|
theSource, err := detection.NewSource(source.DefaultDetectionSourceConfig())
|
|
require.NoError(t, err)
|
|
|
|
t.Cleanup(func() {
|
|
theSource.Close()
|
|
})
|
|
|
|
s, err := syft.CreateSBOM(context.Background(), theSource, cfg)
|
|
|
|
require.NoError(t, err)
|
|
require.NotNil(t, s)
|
|
|
|
return *s, theSource
|
|
}
|
|
|
|
func catalogDirectory(t *testing.T, dir string, catalogerSelection ...string) (sbom.SBOM, source.Source) {
|
|
cfg := options.DefaultCatalog().ToSBOMConfig(clio.Identification{
|
|
Name: "syft-tester",
|
|
Version: "v0.99.0",
|
|
}).WithCatalogerSelection(
|
|
pkgcataloging.NewSelectionRequest().
|
|
WithExpression(catalogerSelection...),
|
|
)
|
|
|
|
return catalogDirectoryWithConfig(t, dir, cfg)
|
|
}
|
|
|
|
func catalogDirectoryWithConfig(t *testing.T, dir string, cfg *syft.CreateSBOMConfig) (sbom.SBOM, source.Source) {
|
|
cfg.CatalogerSelection = cfg.CatalogerSelection.WithDefaults(pkgcataloging.DirectoryTag)
|
|
|
|
// get the source to build an sbom against
|
|
userInput := "dir:" + dir
|
|
detection, err := source.Detect(userInput, source.DefaultDetectConfig())
|
|
require.NoError(t, err)
|
|
|
|
theSource, err := detection.NewSource(source.DefaultDetectionSourceConfig())
|
|
require.NoError(t, err)
|
|
t.Cleanup(func() {
|
|
theSource.Close()
|
|
})
|
|
|
|
// build the SBOM
|
|
s, err := syft.CreateSBOM(context.Background(), theSource, cfg)
|
|
|
|
require.NoError(t, err)
|
|
require.NotNil(t, s)
|
|
|
|
return *s, theSource
|
|
}
|