Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refine the docs for building a cataloger #2175

Merged
merged 2 commits into from
Oct 9, 2023
Merged

Refine the docs for building a cataloger #2175

merged 2 commits into from
Oct 9, 2023

Conversation

wagoodman
Copy link
Contributor

No description provided.

@wagoodman
refine the docs for building a cataloger
f626ba7 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman force-pushed the massage-building-a-cataloger-docs branch from 209c2a4 to f626ba7 Compare September 25, 2023 20:51
willmurphyscode
willmurphyscode reviewed Sep 26, 2023
View reviewed changes
DEVELOPING.md Outdated
See this [link for an example](https://github.com/anchore/syft/tree/v0.70.0/syft/pkg/cataloger/apkdb/parse_apk_db.go#L22-L102).
Catalogers must fulfill the [`pkg.Cataloger` interface](https://github.com/anchore/syft/tree/v0.70.0/syft/pkg/cataloger.go) in order to add packages to the SBOM.
All catalogers that are implemented in syft should be added to the [global list of catalogers](https://github.com/anchore/syft/blob/9995950c70e849f9921919faffbfcf46401f71f3/syft/pkg/cataloger/cataloger.go#L39-L89),
one list for each kind of scan syft supports --when an author has finished writing a new cataloger this is the spot to plug in the new catalog constructor.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had to read this sentence a couple of times. Maybe something like this:

All catalogers should be added to the global list of all catalogers. Additionally, there are two lists, one of each type of cataloger, and each cataloger should be added to one of those: directory catalogers, image catalogers.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agreed, I've broken this out into bullets for clarity.

willmurphyscode
willmurphyscode reviewed Sep 26, 2023
View reviewed changes
DEVELOPING.md
Metadata Note: Identified packages are also assigned specific metadata that can be unique to their environment.
See [this folder](https://github.com/anchore/syft/tree/v0.70.0/syft/pkg) for examples of the different metadata types.
Identified packages share a common `pkg.Package` struct so be sure that when the new cataloger is constructing a new package it is using the [`Package` struct](https://github.com/anchore/syft/tree/v0.70.0/syft/pkg/package.go#L16-L31).
If you want to return more information than what is available on the `pkg.Package` struct then you can do so in the `pkg.Package.Metadata` section of the struct, which is unique for each [`pkg.Type`](https://github.com/anchore/syft/blob/v0.70.0/syft/pkg/type.go).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sometimes we say "you" and sometimes we say "the author." I think either is fine, but we may want to pick one.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in this doc I don't see any references to author, did you see this in another doc?

willmurphyscode
willmurphyscode reviewed Sep 26, 2023
View reviewed changes
DEVELOPING.md Outdated
- [Calling the APK package constructor from the parser function](https://github.com/anchore/syft/blob/v0.70.0/syft/pkg/cataloger/apkdb/parse_apk_db.go#L106)
- [The APK package constructor itself](https://github.com/anchore/syft/tree/v0.70.0/syft/pkg/cataloger/apkdb/package.go#L12-L27)

Interested in building a new cataloger? Checkout the [list of issues with the `new-cataloger` label](https://github.com/anchore/syft/issues?q=is%3Aopen+is%3Aissue+label%3Anew-cataloger)!
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This link should include the "assigned to nobody" filter to reduce the chances that folks pick up redundant work.

@wagoodman
incorporate comments
f10bde9 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman marked this pull request as ready for review October 6, 2023 18:19
@spiffcs spiffcs merged commit 185d0d1 into main Oct 9, 2023
9 checks passed
@spiffcs spiffcs deleted the massage-building-a-cataloger-docs branch October 9, 2023 17:44
@chenrui333 chenrui333 mentioned this pull request Oct 10, 2023
Merged
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@wagoodman
Refine the docs for building a cataloger (anchore#2175)
5a11d0b 
* refine the docs for building a cataloger

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* incorporate comments

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willmurphyscode willmurphyscode willmurphyscode left review comments

@spiffcs spiffcs spiffcs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wagoodman @willmurphyscode @spiffcs