Merge pull request #106 from kubescape/incomplete
syft error marks sbom as incomplete, use instanceidhandler.Incomplete
matthyx committed May 9, 2023
2 parents f12bb48 + fc3b5b4 commit 757296d
Showing 10 changed files with 17 additions and 14 deletions.
2 changes: 1 addition & 1 deletion adapters/mocksbom.go
@@ -50,7 +50,7 @@ func (m MockSBOMAdapter) CreateSBOM(ctx context.Context, imageID string, _ domai
},
}
if m.timeout {
sbom.Status = domain.SBOMStatusIncomplete
sbom.Status = instanceidhandler.Incomplete
}
return sbom, nil
}
3 changes: 2 additions & 1 deletion adapters/mocksbom_test.go
@@ -4,6 +4,7 @@ import (
"context"
"testing"

"github.com/kubescape/k8s-interface/instanceidhandler/v1"
"github.com/kubescape/kubevuln/core/domain"
"gotest.tools/v3/assert"
)
@@ -23,7 +24,7 @@ func TestMockSBOMAdapter_CreateSBOM_Error(t *testing.T) {
func TestMockSBOMAdapter_CreateSBOM_Timeout(t *testing.T) {
m := NewMockSBOMAdapter(false, true)
sbom, _ := m.CreateSBOM(context.TODO(), "image", domain.RegistryOptions{})
assert.Assert(t, sbom.Status == domain.SBOMStatusIncomplete)
assert.Assert(t, sbom.Status == instanceidhandler.Incomplete)
}

func TestMockSBOMAdapter_Version(t *testing.T) {
6 changes: 4 additions & 2 deletions adapters/v1/syft.go
@@ -102,7 +102,7 @@ func (s *SyftAdapter) CreateSBOM(ctx context.Context, imageID string, options do
switch {
case errors.Is(err, ErrImageTooLarge):
logger.L().Ctx(ctx).Warning("Image exceeds size limit", helpers.Int("maxImageSize", int(s.maxImageSize)), helpers.String("imageID", imageID))
domainSBOM.Status = domain.SBOMStatusIncomplete
domainSBOM.Status = instanceidhandler.Incomplete
return domainSBOM, nil
case err != nil:
return domainSBOM, err
@@ -126,11 +126,13 @@ func (s *SyftAdapter) CreateSBOM(ctx context.Context, imageID string, options do
switch err {
case deadline.ErrTimedOut:
logger.L().Ctx(ctx).Warning("Syft timed out", helpers.String("imageID", imageID))
domainSBOM.Status = domain.SBOMStatusIncomplete
domainSBOM.Status = instanceidhandler.Incomplete
return domainSBOM, nil
case nil:
// continue
default:
// also mark as incomplete if we failed to extract packages
domainSBOM.Status = instanceidhandler.Incomplete
return domainSBOM, err
}
// generate SBOM
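Review bot: The new `default:` branch in the second hunk sets `domainSBOM.Status = instanceidhandler.Incomplete` but still returns a non-nil `err`, so the marker only has an effect if the caller keeps using the returned SBOM after an error; the caller is not visible here, and if it returns early the status is never stored. Unlike the size-limit and timeout branches, this branch also logs nothing, so an image that repeatedly fails package extraction (and therefore never gets a CVE scan) leaves no warning tied to its `imageID`. I would add `logger.L().Ctx(ctx).Warning("Syft failed to extract packages", helpers.Error(err), helpers.String("imageID", imageID))` before the assignment and a comment stating that the caller is expected to persist the SBOM despite the error. CreateSBOM starts and ends outside both hunks.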
3 changes: 2 additions & 1 deletion adapters/v1/syft_test.go
@@ -9,6 +9,7 @@ import (

"github.com/go-test/deep"
"github.com/kinbiko/jsonassert"
"github.com/kubescape/k8s-interface/instanceidhandler/v1"
"github.com/kubescape/kubevuln/core/domain"
"github.com/kubescape/kubevuln/internal/tools"
"gotest.tools/v3/assert"
@@ -80,7 +81,7 @@ func Test_syftAdapter_CreateSBOM(t *testing.T) {
t.Errorf("CreateSBOM() error = %v, wantErr %v", err, tt.wantErr)
return
}
if tt.wantIncomplete && got.Status != domain.SBOMStatusIncomplete {
if tt.wantIncomplete && got.Status != instanceidhandler.Incomplete {
t.Errorf("CreateSBOM() want incomplete SBOM, got %v", got.Status)
return
}
4 changes: 0 additions & 4 deletions core/domain/sbom.go
@@ -4,10 +4,6 @@ import (
"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
)

const (
SBOMStatusIncomplete = "incomplete"
)

// SBOM contains an SPDX SBOM in JSON format with some metadata
type SBOM struct {
ID string
5 changes: 3 additions & 2 deletions core/services/scan.go
@@ -9,6 +9,7 @@ import (
"github.com/google/uuid"
"github.com/kubescape/go-logger"
"github.com/kubescape/go-logger/helpers"
"github.com/kubescape/k8s-interface/instanceidhandler/v1"
"github.com/kubescape/kubevuln/core/domain"
"github.com/kubescape/kubevuln/core/ports"
"go.opentelemetry.io/otel"
@@ -142,7 +143,7 @@ func (s *ScanService) ScanCVE(ctx context.Context) error {
}

// do not process timed out SBOM
if sbom.Status == domain.SBOMStatusIncomplete {
if sbom.Status == instanceidhandler.Incomplete {
return errors.New("SBOM incomplete due to timeout, skipping CVE scan")
}

@@ -232,7 +233,7 @@ func (s *ScanService) ScanRegistry(ctx context.Context) error {
}

// do not process timed out SBOM
if sbom.Status == domain.SBOMStatusIncomplete {
if sbom.Status == instanceidhandler.Incomplete {
return errors.New("SBOM incomplete due to timeout, skipping CVE scan")
}

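Review bot: The error text returned in both hunks, `SBOM incomplete due to timeout, skipping CVE scan`, and the comment `// do not process timed out SBOM` no longer describe the condition being tested. In this same commit adapters/v1/syft.go sets `instanceidhandler.Incomplete` for the image-size limit and for package-extraction failures as well as for timeouts, so an operator triaging why an image has no vulnerability results would be pointed at a timeout that may never have happened. Suggest `return errors.New("SBOM incomplete, skipping CVE scan")` and `// do not process incomplete SBOM` in both ScanCVE and ScanRegistry. Both functions start and end outside the hunks.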
2 changes: 1 addition & 1 deletion go.mod
@@ -24,7 +24,7 @@ require (
github.com/hashicorp/go-multierror v1.1.1
github.com/kinbiko/jsonassert v1.1.1
github.com/kubescape/go-logger v0.0.11
github.com/kubescape/k8s-interface v0.0.122
github.com/kubescape/k8s-interface v0.0.123
github.com/kubescape/storage v0.2.0
github.com/spdx/tools-golang v0.5.0-rc1
github.com/spf13/viper v1.15.0
2 changes: 2 additions & 0 deletions go.sum
@@ -681,6 +681,8 @@ github.com/kubescape/k8s-interface v0.0.121 h1:nk9NDuVPo4lWcVU7WDvJCfH6ZM4dE9gTN
github.com/kubescape/k8s-interface v0.0.121/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
github.com/kubescape/k8s-interface v0.0.122 h1:Aq6xf1wq+nl2UtLX6rjFaGULZxES8OlzvXNLQcZk9+0=
github.com/kubescape/k8s-interface v0.0.122/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
github.com/kubescape/k8s-interface v0.0.123 h1:7KjQ1bHoaggzAPcufdT6NZeffyL4t0WWZBoaJ1tCgmY=
github.com/kubescape/k8s-interface v0.0.123/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
github.com/kubescape/storage v0.2.0 h1:WZXy4Dyjf5ltEMtk0SOD9RFL1haS9ffFPGfs1gUV1aM=
github.com/kubescape/storage v0.2.0/go.mod h1:sPE749pFNoxoskBn6JTpNQyguF2rv/u2kYqzRd3MvXw=
github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
2 changes: 1 addition & 1 deletion repositories/apiserver.go
@@ -203,7 +203,7 @@ func (a *APIServerStore) GetSBOM(ctx context.Context, imageID, SBOMCreatorVersio
}

func validateSBOMp(manifest *v1beta1.SBOMSPDXv2p3Filtered) error {
if status, ok := manifest.Annotations[instanceidhandler.StatusMetadataKey]; ok && status == domain.SBOMStatusIncomplete {
if status, ok := manifest.Annotations[instanceidhandler.StatusMetadataKey]; ok && status == instanceidhandler.Incomplete {
return fmt.Errorf("relevant SBOM is incomplete")
}
return nil
2 changes: 1 addition & 1 deletion repositories/apiserver_test.go
@@ -30,7 +30,7 @@ func (a *APIServerStore) storeSBOMp(ctx context.Context, sbom domain.SBOM, incom
manifest.Spec.SPDX = *sbom.Content
}
if incomplete {
manifest.Annotations[instanceidhandler.StatusMetadataKey] = domain.SBOMStatusIncomplete
manifest.Annotations[instanceidhandler.StatusMetadataKey] = instanceidhandler.Incomplete
}
_, err := a.StorageClient.SBOMSPDXv2p3Filtereds(a.Namespace).Create(ctx, &manifest, metav1.CreateOptions{})
return err