Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass correct output file #1391

Merged
merged 1 commit into from
Jul 17, 2023
Merged

Pass correct output file #1391

merged 1 commit into from
Jul 17, 2023

Conversation

willmurphyscode
Copy link
Contributor

@willmurphyscode willmurphyscode commented Jul 17, 2023
edited
Loading

Previously, the wrong path would get passed, and the template file would get truncated.

Fixes #1388

Manual testing done:

❯ go run cmd/grype/main.go -o template=foo.csv -o json -t templates/csv.tmpl alpine:latest
 ✔ Vulnerability DB                [no update available]  
 ✔ Loaded image                                                                                                                                                                                               alpine:latest
 ✔ Parsed image                                                                                                                                     sha256:5053b247d78b5e43b5543fec77c856ce70b8dc705d9f38336fa77736f25ff47c
 ✔ Cataloged packages              [16 packages]  
 ✔ Scanned for vulnerabilities     [2 vulnerabilities]  
   ├── 0 critical, 0 high, 0 medium, 0 low, 0 negligible (2 unknown)
   └── 2 fixed
# json got written to stdout:
{
 "matches": [
  {
   "vulnerability": {
    "id": "CVE-2023-2975",
    "dataSource": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2975",
    "namespace": "alpine:distro:alpine:3.18",
    "severity": "Unknown",
    "urls": [
... snip
# csv got written
❯ cat foo.csv 
"Package","Version Installed","Vulnerability ID","Severity"
"libcrypto3","3.1.1-r1","CVE-2023-2975","Unknown"
"libssl3","3.1.1-r1","CVE-2023-2975","Unknown"
# template file used did not get truncated
❯ cat templates/csv.tmpl 
"Package","Version Installed","Vulnerability ID","Severity"
{{- range .Matches}}
"{{.Artifact.Name}}","{{.Artifact.Version}}","{{.Vulnerability.ID}}","{{.Vulnerability.Severity}}"
{{- end}}

Testing that --file still works

 go run cmd/grype/main.go -o template=foo.csv -o json --file test.json -t templates/csv.tmpl alpine:latest
 ✔ Vulnerability DB                [no update available]  
 ✔ Loaded image                                                                                                                                                                                               alpine:latest
 ✔ Parsed image                                                                                                                                     sha256:5053b247d78b5e43b5543fec77c856ce70b8dc705d9f38336fa77736f25ff47c
 ✔ Cataloged packages              [16 packages]  
 ✔ Scanned for vulnerabilities     [2 vulnerabilities]  
   ├── 0 critical, 0 high, 0 medium, 0 low, 0 negligible (2 unknown)
   └── 2 fixed

❯ head test.json 
{
 "matches": [
  {
   "vulnerability": {
    "id": "CVE-2023-2975",
    "dataSource": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2975",
    "namespace": "alpine:distro:alpine:3.18",
    "severity": "Unknown",
    "urls": [
     "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2975"

❯ head foo.csv 
"Package","Version Installed","Vulnerability ID","Severity"
"libcrypto3","3.1.1-r1","CVE-2023-2975","Unknown"
"libssl3","3.1.1-r1","CVE-2023-2975","Unknown"

@willmurphyscode
Pass correct output file
7dfd8bd 
Previously, the wrong path would get passed, and the template file would
get truncated.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
kzantow
kzantow approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@willmurphyscode willmurphyscode merged commit 43bcf30 into main Jul 17, 2023
9 checks passed
@willmurphyscode willmurphyscode deleted the fix-1388 branch July 17, 2023 20:16
@chenrui333 chenrui333 mentioned this pull request Jul 17, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

grype v0.64.0 template zeroes the template content
2 participants
@willmurphyscode @kzantow