From 7d92b7c39008f4ef68b84eb238bd164fbaee4f93 Mon Sep 17 00:00:00 2001 From: Checkmarx Automation Date: Wed, 9 Jul 2025 14:02:39 +0300 Subject: [PATCH] Update go.mod and go.sum to bump containers-syft-packages-extractor to v1.0.13 and modify containerScanner to use AnalyzeImagesWithPlatform method --- go.mod | 2 +- go.sum | 4 ++-- pkg/containerResolver/containerScanner.go | 2 +- pkg/containerResolver/containerScanner_test.go | 11 ++++++++--- 4 files changed, 12 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index fec681e..53444ee 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.24.1 require ( github.com/Checkmarx/containers-images-extractor v1.0.9 - github.com/Checkmarx/containers-syft-packages-extractor v1.0.12 + github.com/Checkmarx/containers-syft-packages-extractor v1.0.13 github.com/Checkmarx/containers-types v1.0.3 github.com/rs/zerolog v1.34.0 github.com/stretchr/testify v1.10.0 diff --git a/go.sum b/go.sum index 65d666b..d576e4e 100644 --- a/go.sum +++ b/go.sum @@ -63,8 +63,8 @@ github.com/BurntSushi/toml v1.5.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Checkmarx/containers-images-extractor v1.0.9 h1:+Qe5yWiI43icWg2HDg7C4Xsp5qb5iaryQXUFKvwVDq4= github.com/Checkmarx/containers-images-extractor v1.0.9/go.mod h1:KqOq3DUekL9VbklOVgTdZJC/+KLOYdfEoCSY/SWHdxU= -github.com/Checkmarx/containers-syft-packages-extractor v1.0.12 h1:BgLMkqu0hfoVRoc9/h6Trf6qXoVnAYgOH3Oar78PWPg= -github.com/Checkmarx/containers-syft-packages-extractor v1.0.12/go.mod h1:EFeB4//lO4KMVj9+eMg6z5jnO9F1e1T4jUoIcx0/19M= +github.com/Checkmarx/containers-syft-packages-extractor v1.0.13 h1:9ah0rruMGgRiug/bD/JJDSrDqEqS7sKGVdc5sqbkwk8= +github.com/Checkmarx/containers-syft-packages-extractor v1.0.13/go.mod h1:EFeB4//lO4KMVj9+eMg6z5jnO9F1e1T4jUoIcx0/19M= github.com/Checkmarx/containers-types v1.0.3 h1:srk+RQnyPXyFKmVHA6P9SQZAtjczyndZ1aa0CWF/6/0= github.com/Checkmarx/containers-types v1.0.3/go.mod h1:F13rfevriqYHR+0ahk3W9H8uLK0Msbts012f1pIxJb0= github.com/CycloneDX/cyclonedx-go v0.9.2 h1:688QHn2X/5nRezKe2ueIVCt+NRqf7fl3AVQk+vaFcIo= diff --git a/pkg/containerResolver/containerScanner.go b/pkg/containerResolver/containerScanner.go index 392363d..60fe77c 100644 --- a/pkg/containerResolver/containerScanner.go +++ b/pkg/containerResolver/containerScanner.go @@ -56,7 +56,7 @@ func (cr *ContainersResolver) Resolve(scanPath string, resolutionFolderPath stri } //4. get images resolution - resolutionResult, err := cr.AnalyzeImages(imagesToAnalyze) + resolutionResult, err := cr.AnalyzeImagesWithPlatform(imagesToAnalyze, "linux/amd64") if err != nil { log.Err(err).Msg("Could not analyze images.") return err diff --git a/pkg/containerResolver/containerScanner_test.go b/pkg/containerResolver/containerScanner_test.go index 846dead..26da2cb 100644 --- a/pkg/containerResolver/containerScanner_test.go +++ b/pkg/containerResolver/containerScanner_test.go @@ -45,6 +45,11 @@ func (m *MockSyftPackagesExtractor) AnalyzeImages(images []types.ImageModel) ([] return args.Get(0).([]*syftPackagesExtractor.ContainerResolution), args.Error(1) } +func (m *MockSyftPackagesExtractor) AnalyzeImagesWithPlatform(images []types.ImageModel, platform string) ([]*syftPackagesExtractor.ContainerResolution, error) { + args := m.Called(images, platform) + return args.Get(0).([]*syftPackagesExtractor.ContainerResolution), args.Error(1) +} + func createTestFolder(dir string) { // Create the directory if it doesn't exist if _, err := os.Stat(dir); os.IsNotExist(err) { @@ -130,7 +135,7 @@ func TestResolve(t *testing.T) { types.ToImageModels(images), map[string]map[string]string{"settings.json": {"key": "value"}}). Return([]types.ImageModel{{Name: "image1"}}, nil) - mockSyftPackagesExtractor.On("AnalyzeImages", mock.Anything).Return(expectedResolution, nil) + mockSyftPackagesExtractor.On("AnalyzeImagesWithPlatform", mock.Anything, mock.Anything).Return(expectedResolution, nil) mockImagesExtractor.On("SaveObjectToFile", checkmarxPath, expectedResolution).Return(nil) err := resolver.Resolve(scanPath, resolutionFolderPath, images, true) @@ -138,7 +143,7 @@ func TestResolve(t *testing.T) { mockImagesExtractor.AssertCalled(t, "ExtractFiles", scanPath) mockImagesExtractor.AssertCalled(t, "ExtractAndMergeImagesFromFiles", sampleFileImages, mock.Anything, mock.Anything) - mockSyftPackagesExtractor.AssertCalled(t, "AnalyzeImages", mock.Anything) + mockSyftPackagesExtractor.AssertCalled(t, "AnalyzeImagesWithPlatform", mock.Anything, "linux/amd64") mockImagesExtractor.AssertCalled(t, "SaveObjectToFile", checkmarxPath, expectedResolution) }) @@ -184,7 +189,7 @@ func TestResolve(t *testing.T) { map[string]map[string]string{"settings.json": {"key": "value"}}). Return([]types.ImageModel{{Name: "image1"}}, nil) - mockSyftPackagesExtractor.On("AnalyzeImages", mock.Anything).Return(expectedResolution, errors.New("error analyzing images")) + mockSyftPackagesExtractor.On("AnalyzeImagesWithPlatform", mock.Anything, "linux/amd64").Return(expectedResolution, errors.New("error analyzing images")) err := resolver.Resolve(scanPath, resolutionFolderPath, images, false) assert.Error(t, err)