Skip to content

Commit

Permalink
Merge f80ff1a into cf07a79
Browse files Browse the repository at this point in the history
  • Loading branch information
@matthyx
matthyx committed Mar 29, 2023
2 parents cf07a79 + f80ff1a commit 6d53c82
Show file tree
Hide file tree
Showing 6 changed files with 23 additions and 12 deletions.
4 changes: 4 additions & 0 deletions adapters/v1/grype_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,11 @@ import (
"context"
"encoding/json"
"net/http"
"path"
"testing"
"time"

"github.com/adrg/xdg"
"github.com/google/uuid"
"github.com/kinbiko/jsonassert"
"github.com/kubescape/kubevuln/core/domain"
Expand All @@ -19,6 +21,7 @@ func Test_grypeAdapter_DBVersion(t *testing.T) {
ctx := context.TODO()
go http.ListenAndServe(":8000", http.FileServer(http.Dir("testdata")))
g := NewGrypeAdapter()
g.dbConfig.DBRootDir = path.Join(xdg.CacheHome, "grype-light", "db")
g.dbConfig.ListingURL = "http://localhost:8000/listing.json"
g.Ready(ctx) // need to call ready to load the DB
version := g.DBVersion(ctx)
Expand Down Expand Up @@ -65,6 +68,7 @@ func Test_grypeAdapter_ScanSBOM(t *testing.T) {
ctx = context.WithValue(ctx, domain.ScanIDKey{}, uuid.New().String())
ctx = context.WithValue(ctx, domain.WorkloadKey{}, domain.ScanCommand{})
g := NewGrypeAdapter()
g.dbConfig.DBRootDir = path.Join(xdg.CacheHome, "grype-light", "db")
g.dbConfig.ListingURL = "http://localhost:8000/listing.json"
g.Ready(ctx) // need to call ready to load the DB
got, err := g.ScanSBOM(ctx, tt.sbom)
Expand Down
4 changes: 0 additions & 4 deletions core/domain/sbom.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,6 @@ import (
)

const (
ImageTagKey = "kubescape.io/image-tag"
InstanceIDKey = "kubescape.io/instance-id"
StatusKey = "kubescape.io/status"
WlidKey = "kubescape.io/wlid"
SBOMStatusTimedOut = "timed out"
)

Expand Down
2 changes: 2 additions & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ require (
github.com/hashicorp/go-multierror v1.1.1
github.com/kinbiko/jsonassert v1.1.1
github.com/kubescape/go-logger v0.0.11
github.com/kubescape/k8s-interface v0.0.116
github.com/kubescape/storage v0.2.0
github.com/spdx/tools-golang v0.5.0-rc1
github.com/spf13/viper v1.15.0
Expand Down Expand Up @@ -233,6 +234,7 @@ require (
modernc.org/sqlite v1.17.3 // indirect
modernc.org/strutil v1.1.1 // indirect
modernc.org/token v1.0.0 // indirect
sigs.k8s.io/controller-runtime v0.12.3 // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
Expand Down
7 changes: 7 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -412,6 +412,7 @@ github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk=
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
github.com/go-openapi/jsonreference v0.20.1 h1:FBLnyygC4/IZZr893oiomc9XaghoveYTrLC1F86HID8=
Expand Down Expand Up @@ -672,6 +673,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/kubescape/go-logger v0.0.11 h1:oucpq2S7+DT7O+UclG5IrmHado/tj6+IkYf9czVk/aY=
github.com/kubescape/go-logger v0.0.11/go.mod h1:yGiKBJ2lhq/kxzY/MVYDREL9fLV3RGD6gv+UFjslaew=
github.com/kubescape/k8s-interface v0.0.116 h1:Sn76gsMLAArc5kbHZVoRMS6QlM4mOz9Dolpym9BOul8=
github.com/kubescape/k8s-interface v0.0.116/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
github.com/kubescape/storage v0.2.0 h1:WZXy4Dyjf5ltEMtk0SOD9RFL1haS9ffFPGfs1gUV1aM=
github.com/kubescape/storage v0.2.0/go.mod h1:sPE749pFNoxoskBn6JTpNQyguF2rv/u2kYqzRd3MvXw=
github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
Expand Down Expand Up @@ -753,6 +756,7 @@ github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJE
github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
github.com/nwaples/rardecode v1.1.0 h1:vSxaY8vQhOcVr4mm5e8XllHWTiM4JF507A0Katqw7MQ=
github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
Expand Down Expand Up @@ -1611,6 +1615,7 @@ gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
Expand Down Expand Up @@ -1693,6 +1698,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
schneider.vip/problem v1.8.1 h1:oAgLMu286aNHgvjuoR1PowYx+7hyBUjyzbrFPR1dEMI=
schneider.vip/problem v1.8.1/go.mod h1:6hLRfO1e1MQWdG23Kl5b3Yp5FSexE+YiGVqCkAp3HUQ=
sigs.k8s.io/controller-runtime v0.12.3 h1:FCM8xeY/FI8hoAfh/V4XbbYMY20gElh9yh+A98usMio=
sigs.k8s.io/controller-runtime v0.12.3/go.mod h1:qKsk4WE6zW2Hfj0G4v10EnNB2jMG1C+NTb8h+DwCoU0=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
Expand Down
15 changes: 8 additions & 7 deletions repositories/apiserver.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/distribution/distribution/reference"
"github.com/kubescape/go-logger"
"github.com/kubescape/go-logger/helpers"
"github.com/kubescape/k8s-interface/instanceidhandler/v1"
"github.com/kubescape/kubevuln/core/domain"
"github.com/kubescape/kubevuln/core/ports"
"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
Expand Down Expand Up @@ -106,10 +107,10 @@ func (a *APIServerStore) StoreCVE(ctx context.Context, cve domain.CVEManifest, w
name := hashFromImageID(cve.ID)
annotations := make(map[string]string)
if withRelevancy {
annotations[domain.InstanceIDKey] = cve.ID
annotations[domain.WlidKey] = cve.Wlid
annotations[instanceidhandler.InstanceIDAnnotationKey] = cve.ID
annotations[instanceidhandler.WlidAnnotationKey] = cve.Wlid
} else {
annotations[domain.ImageTagKey] = cve.ID
annotations[instanceidhandler.ImageTagAnnotationKey] = cve.ID
}
manifest := v1beta1.VulnerabilityManifest{
ObjectMeta: metav1.ObjectMeta{
Expand Down Expand Up @@ -171,7 +172,7 @@ func (a *APIServerStore) GetSBOM(ctx context.Context, imageID, SBOMCreatorVersio
SBOMCreatorVersion: SBOMCreatorVersion,
Content: &manifest.Spec.SPDX,
}
if status, ok := manifest.Annotations[domain.StatusKey]; ok {
if status, ok := manifest.Annotations[instanceidhandler.StatusAnnotationKey]; ok {
result.Status = status
}
logger.L().Debug("got SBOM from storage", helpers.String("ID", imageID))
Expand Down Expand Up @@ -205,7 +206,7 @@ func (a *APIServerStore) GetSBOMp(ctx context.Context, instanceID, SBOMCreatorVe
Content: &manifest.Spec.SPDX,
Labels: manifest.Labels,
}
if status, ok := manifest.Annotations[domain.StatusKey]; ok {
if status, ok := manifest.Annotations[instanceidhandler.StatusAnnotationKey]; ok {
result.Status = status
}
logger.L().Debug("got relevant SBOM from storage", helpers.String("ID", instanceID))
Expand All @@ -223,8 +224,8 @@ func (a *APIServerStore) StoreSBOM(ctx context.Context, sbom domain.SBOM) error
ObjectMeta: metav1.ObjectMeta{
Name: hashFromImageID(sbom.ID),
Annotations: map[string]string{
domain.ImageTagKey: sbom.ID,
domain.StatusKey: sbom.Status,
instanceidhandler.ImageTagAnnotationKey: sbom.ID,
instanceidhandler.StatusAnnotationKey: sbom.Status,
},
},
Spec: v1beta1.SBOMSPDXv2p3Spec{
Expand Down
3 changes: 2 additions & 1 deletion repositories/apiserver_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"testing"
"time"

"github.com/kubescape/k8s-interface/instanceidhandler/v1"
"github.com/kubescape/kubevuln/core/domain"
"github.com/kubescape/kubevuln/internal/tools"
"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
Expand All @@ -20,7 +21,7 @@ func (a *APIServerStore) storeSBOMp(ctx context.Context, sbom domain.SBOM) error
ObjectMeta: metav1.ObjectMeta{
Name: sbom.ID,
Annotations: map[string]string{
domain.StatusKey: sbom.Status,
instanceidhandler.StatusAnnotationKey: sbom.Status,
},
},
Spec: v1beta1.SBOMSPDXv2p3Spec{
Expand Down

0 comments on commit 6d53c82

Please sign in to comment.