From 8524d7c46a8ae72ab3eae5a245963cac24163abb Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 10 Aug 2024 15:19:45 +0300 Subject: [PATCH 1/8] add enable to files cataloger Signed-off-by: tomersein --- cmd/syft/internal/options/catalog.go | 1 + cmd/syft/internal/options/file.go | 2 ++ syft/cataloging/filecataloging/config.go | 1 + syft/create_sbom_config.go | 25 ++++++++++++------------ syft/format/syftjson/encoder.go | 10 ++++++---- syft/sbom/sbom.go | 8 +++++--- 6 files changed, 28 insertions(+), 19 deletions(-) diff --git a/cmd/syft/internal/options/catalog.go b/cmd/syft/internal/options/catalog.go index 99359abec51..06f74ca1dda 100644 --- a/cmd/syft/internal/options/catalog.go +++ b/cmd/syft/internal/options/catalog.go @@ -109,6 +109,7 @@ func (cfg Catalog) ToFilesConfig() filecataloging.Config { } return filecataloging.Config{ + Enabled: cfg.File.Enabled, Selection: cfg.File.Metadata.Selection, Hashers: hashers, Content: filecontent.Config{ diff --git a/cmd/syft/internal/options/file.go b/cmd/syft/internal/options/file.go index 6ac9c8d2ba3..18fa7d86d2d 100644 --- a/cmd/syft/internal/options/file.go +++ b/cmd/syft/internal/options/file.go @@ -12,6 +12,7 @@ import ( ) type fileConfig struct { + Enabled bool `yaml:"enabled" json:"enabled" mapstructure:"enabled"` Metadata fileMetadata `yaml:"metadata" json:"metadata" mapstructure:"metadata"` Content fileContent `yaml:"content" json:"content" mapstructure:"content"` Executable fileExecutable `yaml:"executable" json:"executable" mapstructure:"executable"` @@ -33,6 +34,7 @@ type fileExecutable struct { func defaultFileConfig() fileConfig { return fileConfig{ + Enabled: true, Metadata: fileMetadata{ Selection: file.FilesOwnedByPackageSelection, Digests: []string{"sha1", "sha256"}, diff --git a/syft/cataloging/filecataloging/config.go b/syft/cataloging/filecataloging/config.go index cc639c2f17b..ba36fbfa265 100644 --- a/syft/cataloging/filecataloging/config.go +++ b/syft/cataloging/filecataloging/config.go @@ -14,6 +14,7 @@ import ( ) type Config struct { + Enabled bool `yaml:"enabled" json:"enabled" mapstructure:"enabled"` Selection file.Selection `yaml:"selection" json:"selection" mapstructure:"selection"` Hashers []crypto.Hash `yaml:"hashers" json:"hashers" mapstructure:"hashers"` Content filecontent.Config `yaml:"content" json:"content" mapstructure:"content"` diff --git a/syft/create_sbom_config.go b/syft/create_sbom_config.go index 1f7deb18d72..998e9c5ed01 100644 --- a/syft/create_sbom_config.go +++ b/syft/create_sbom_config.go @@ -201,18 +201,19 @@ func (c *CreateSBOMConfig) makeTaskGroups(src source.Description) ([][]task.Task // fileTasks returns the set of tasks that should be run to catalog files. func (c *CreateSBOMConfig) fileTasks() []task.Task { var tsks []task.Task - - if t := task.NewFileDigestCatalogerTask(c.Files.Selection, c.Files.Hashers...); t != nil { - tsks = append(tsks, t) - } - if t := task.NewFileMetadataCatalogerTask(c.Files.Selection); t != nil { - tsks = append(tsks, t) - } - if t := task.NewFileContentCatalogerTask(c.Files.Content); t != nil { - tsks = append(tsks, t) - } - if t := task.NewExecutableCatalogerTask(c.Files.Selection, c.Files.Executable); t != nil { - tsks = append(tsks, t) + if c.Files.Enabled { + if t := task.NewFileDigestCatalogerTask(c.Files.Selection, c.Files.Hashers...); t != nil { + tsks = append(tsks, t) + } + if t := task.NewFileMetadataCatalogerTask(c.Files.Selection); t != nil { + tsks = append(tsks, t) + } + if t := task.NewFileContentCatalogerTask(c.Files.Content); t != nil { + tsks = append(tsks, t) + } + if t := task.NewExecutableCatalogerTask(c.Files.Selection, c.Files.Executable); t != nil { + tsks = append(tsks, t) + } } return tsks diff --git a/syft/format/syftjson/encoder.go b/syft/format/syftjson/encoder.go index 8427dd7cad5..b3b3fa2b4e1 100644 --- a/syft/format/syftjson/encoder.go +++ b/syft/format/syftjson/encoder.go @@ -13,8 +13,9 @@ var _ sbom.FormatEncoder = (*encoder)(nil) const ID sbom.FormatID = "syft-json" type EncoderConfig struct { - Legacy bool // transform the output to the legacy syft-json format (pre v1.0 changes, enumerated in the README.md) - Pretty bool // don't include spaces and newlines; same as jq -c + Legacy bool // transform the output to the legacy syft-json format (pre v1.0 changes, enumerated in the README.md) + Pretty bool // don't include spaces and newlines; same as jq -c + IncludeFiles bool } type encoder struct { @@ -37,8 +38,9 @@ func NewFormatEncoderWithConfig(cfg EncoderConfig) (sbom.FormatEncoder, error) { func DefaultEncoderConfig() EncoderConfig { return EncoderConfig{ - Legacy: false, - Pretty: false, + Legacy: false, + Pretty: false, + IncludeFiles: true, } } diff --git a/syft/sbom/sbom.go b/syft/sbom/sbom.go index ba3f95f3d46..46ee2dc2846 100644 --- a/syft/sbom/sbom.go +++ b/syft/sbom/sbom.go @@ -62,9 +62,11 @@ func (s SBOM) AllCoordinates() []file.Coordinates { for coordinates := range s.Artifacts.FileDigests { set.Add(coordinates) } - for _, relationship := range s.Relationships { - for _, coordinates := range extractCoordinates(relationship) { - set.Add(coordinates) + if len(set.ToSlice()) > 0 { + for _, relationship := range s.Relationships { + for _, coordinates := range extractCoordinates(relationship) { + set.Add(coordinates) + } } } return set.ToSlice() From 6bd156096f58909126085e39277dc41f57be5183 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 10 Aug 2024 15:25:16 +0300 Subject: [PATCH 2/8] add enable to files cataloger Signed-off-by: tomersein --- syft/format/syftjson/encoder.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/syft/format/syftjson/encoder.go b/syft/format/syftjson/encoder.go index b3b3fa2b4e1..045e8866129 100644 --- a/syft/format/syftjson/encoder.go +++ b/syft/format/syftjson/encoder.go @@ -38,9 +38,8 @@ func NewFormatEncoderWithConfig(cfg EncoderConfig) (sbom.FormatEncoder, error) { func DefaultEncoderConfig() EncoderConfig { return EncoderConfig{ - Legacy: false, - Pretty: false, - IncludeFiles: true, + Legacy: false, + Pretty: false, } } From 18590916baca65c61029430dc8f977d95f0812f9 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 10 Aug 2024 15:26:22 +0300 Subject: [PATCH 3/8] add enable to files cataloger Signed-off-by: tomersein --- syft/format/syftjson/encoder.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/syft/format/syftjson/encoder.go b/syft/format/syftjson/encoder.go index 045e8866129..8427dd7cad5 100644 --- a/syft/format/syftjson/encoder.go +++ b/syft/format/syftjson/encoder.go @@ -13,9 +13,8 @@ var _ sbom.FormatEncoder = (*encoder)(nil) const ID sbom.FormatID = "syft-json" type EncoderConfig struct { - Legacy bool // transform the output to the legacy syft-json format (pre v1.0 changes, enumerated in the README.md) - Pretty bool // don't include spaces and newlines; same as jq -c - IncludeFiles bool + Legacy bool // transform the output to the legacy syft-json format (pre v1.0 changes, enumerated in the README.md) + Pretty bool // don't include spaces and newlines; same as jq -c } type encoder struct { From 82b3d2e8746c77580399e4020352c95db3eb7565 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sun, 11 Aug 2024 17:30:44 +0300 Subject: [PATCH 4/8] sss --- Taskfile.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Taskfile.yaml b/Taskfile.yaml index c0a8bc33402..0637c109de7 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -185,7 +185,8 @@ tasks: - fixtures vars: TEST_PKGS: - sh: "go list ./... | grep -v {{ .OWNER }}/{{ .PROJECT }}/test | grep -v {{ .OWNER }}/{{ .PROJECT }}/cmd/syft/internal/test | tr '\n' ' '" + sh: "go test syft/pkg/cataloger/redhat/parse_rpm_archive_test.go" + # sh: "go list ./... | grep -v {{ .OWNER }}/{{ .PROJECT }}/test | grep -v {{ .OWNER }}/{{ .PROJECT }}/cmd/syft/internal/test | tr '\n' ' '" # unit test coverage threshold (in % coverage) COVERAGE_THRESHOLD: 62 From 8f526105927c5be750847cdbae8a6c0b1c3ddda6 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 17 Aug 2024 12:20:51 +0300 Subject: [PATCH 5/8] fix none in files Signed-off-by: tomersein --- syft/cataloging/filecataloging/config.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/syft/cataloging/filecataloging/config.go b/syft/cataloging/filecataloging/config.go index ba36fbfa265..2dd37e84c11 100644 --- a/syft/cataloging/filecataloging/config.go +++ b/syft/cataloging/filecataloging/config.go @@ -22,6 +22,7 @@ type Config struct { } type configMarshaledForm struct { + Enabled bool `yaml:"enabled" json:"enabled" mapstructure:"enabled"` Selection file.Selection `yaml:"selection" json:"selection" mapstructure:"selection"` Hashers []string `yaml:"hashers" json:"hashers" mapstructure:"hashers"` Content filecontent.Config `yaml:"content" json:"content" mapstructure:"content"` @@ -33,6 +34,7 @@ func DefaultConfig() Config { log.WithFields("error", err).Warn("unable to create file hashers") } return Config{ + Enabled: true, Selection: file.FilesOwnedByPackageSelection, Hashers: hashers, Content: filecontent.DefaultConfig(), @@ -42,6 +44,7 @@ func DefaultConfig() Config { func (cfg Config) MarshalJSON() ([]byte, error) { marshaled := configMarshaledForm{ + Enabled: cfg.Enabled, Selection: cfg.Selection, Hashers: hashersToString(cfg.Hashers), } From a8896d4745dbd81c7396857e674bea091bff9b86 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 17 Aug 2024 12:31:46 +0300 Subject: [PATCH 6/8] fix none in files Signed-off-by: tomersein --- syft/cataloging/filecataloging/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/syft/cataloging/filecataloging/config.go b/syft/cataloging/filecataloging/config.go index 2dd37e84c11..8d571ff12b3 100644 --- a/syft/cataloging/filecataloging/config.go +++ b/syft/cataloging/filecataloging/config.go @@ -34,7 +34,7 @@ func DefaultConfig() Config { log.WithFields("error", err).Warn("unable to create file hashers") } return Config{ - Enabled: true, + Enabled: false, Selection: file.FilesOwnedByPackageSelection, Hashers: hashers, Content: filecontent.DefaultConfig(), From 927123955454e96d5e9cba9fba1b54098e500792 Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 17 Aug 2024 12:31:57 +0300 Subject: [PATCH 7/8] fix none in files Signed-off-by: tomersein --- syft/cataloging/filecataloging/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/syft/cataloging/filecataloging/config.go b/syft/cataloging/filecataloging/config.go index 8d571ff12b3..2dd37e84c11 100644 --- a/syft/cataloging/filecataloging/config.go +++ b/syft/cataloging/filecataloging/config.go @@ -34,7 +34,7 @@ func DefaultConfig() Config { log.WithFields("error", err).Warn("unable to create file hashers") } return Config{ - Enabled: false, + Enabled: true, Selection: file.FilesOwnedByPackageSelection, Hashers: hashers, Content: filecontent.DefaultConfig(), From 07511aa4f5474d363db2f1bda4020c061130578b Mon Sep 17 00:00:00 2001 From: tomersein Date: Sat, 17 Aug 2024 12:40:18 +0300 Subject: [PATCH 8/8] fix none in files Signed-off-by: tomersein --- Taskfile.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Taskfile.yaml b/Taskfile.yaml index 0637c109de7..c0a8bc33402 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -185,8 +185,7 @@ tasks: - fixtures vars: TEST_PKGS: - sh: "go test syft/pkg/cataloger/redhat/parse_rpm_archive_test.go" - # sh: "go list ./... | grep -v {{ .OWNER }}/{{ .PROJECT }}/test | grep -v {{ .OWNER }}/{{ .PROJECT }}/cmd/syft/internal/test | tr '\n' ' '" + sh: "go list ./... | grep -v {{ .OWNER }}/{{ .PROJECT }}/test | grep -v {{ .OWNER }}/{{ .PROJECT }}/cmd/syft/internal/test | tr '\n' ' '" # unit test coverage threshold (in % coverage) COVERAGE_THRESHOLD: 62