Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: normalize image id before inserting to map #224

Merged
merged 2 commits into from Aug 17, 2022
Merged

fix: normalize image id before inserting to map #224

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ee758a5
normalize image id before inserting to map
Aug 17, 2022
34a5d03
dont return error
Aug 17, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion runtime_scan/pkg/scanner/scanner.go
View file
Open in desktop
Expand Up @@ -205,7 +205,7 @@ func (s *Scanner) initScan() error {
// from image name in the `pod.Spec.Containers` we will take only image id from `pod.Status.ContainerStatuses`.
containerNameToImageID := make(map[string]string)
for _, container := range append(pod.Status.ContainerStatuses, pod.Status.InitContainerStatuses...) {
containerNameToImageID[container.Name] = k8sutils.ParseImageID(container.ImageID)
containerNameToImageID[container.Name] = k8sutils.NormalizeImageID(container.ImageID)
}

containers := append(pod.Spec.Containers, pod.Spec.InitContainers...)
Expand Down
13 changes: 10 additions & 3 deletions shared/pkg/utils/k8s/k8s_utils.go
View file
Open in desktop
Expand Up @@ -108,10 +108,17 @@ func ParseImageHash(imageID string) string {
return imageID[index+1:]
}

// ParseImageID remove "docker-pullable://" prefix from imageID if exists
// NormalizeImageID remove "docker-pullable://" prefix from imageID if exists and then normalize it.
// https://github.com/kubernetes/kubernetes/issues/95968
// input: docker-pullable://gcr.io/development-infra-208909/kubeclarity@sha256:6d5d0e4065777eec8237cefac4821702a31cd5b6255483ac50c334c057ffecfa
// output: gcr.io/development-infra-208909/kubeclarity@sha256:6d5d0e4065777eec8237cefac4821702a31cd5b6255483ac50c334c057ffecfa
func ParseImageID(imageID string) string {
return strings.TrimPrefix(imageID, "docker-pullable://")
func NormalizeImageID(imageID string) string {
imageID = strings.TrimPrefix(imageID, "docker-pullable://")

named, err := reference.ParseNormalizedNamed(imageID)
if err != nil {
log.Errorf("Failed to parse image id. image id=%v: %v", imageID, err)
return imageID
}
return named.String()
}
13 changes: 10 additions & 3 deletions shared/pkg/utils/k8s/k8s_utils_test.go
View file
Open in desktop
Expand Up @@ -243,7 +243,7 @@ func TestGetMatchingSecretName(t *testing.T) {
}
}

func TestParseImageID(t *testing.T) {
func TestNormalizeImageID(t *testing.T) {
type args struct {
imageID string
}
Expand All @@ -259,6 +259,13 @@ func TestParseImageID(t *testing.T) {
},
want: "gcr.io/development-infra-208909/kubeclarity@sha256:6d5d0e4065777eec8237cefac4821702a31cd5b6255483ac50c334c057ffecfa",
},
{
name: "image id with docker-pullable prefix - not normalized",
args: args{
imageID: "docker-pullable://mongo@sha256:4200c3073389d5b303070e53ff8f5e4472efb534340d28599458ccc24f378025",
},
want: "docker.io/library/mongo@sha256:4200c3073389d5b303070e53ff8f5e4472efb534340d28599458ccc24f378025",
},
{
name: "image id without docker-pullable prefix",
args: args{
Expand All @@ -276,8 +283,8 @@ func TestParseImageID(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := ParseImageID(tt.args.imageID); got != tt.want {
t.Errorf("ParseImageID() = %v, want %v", got, tt.want)
if got := NormalizeImageID(tt.args.imageID); got != tt.want {
t.Errorf("NormalizeImageID() = %v, want %v", got, tt.want)
}
})
}
Expand Down