-
Notifications
You must be signed in to change notification settings - Fork 85
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
ldelossa
committed
Jan 21, 2020
1 parent
04cb83a
commit c80c903
Showing
3 changed files
with
162 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
package aws | ||
|
||
import ( | ||
"bytes" | ||
"testing" | ||
|
||
"github.com/google/go-cmp/cmp" | ||
) | ||
|
||
var linux1OSRelease []byte = []byte(`NAME="Amazon Linux AMI" | ||
VERSION="2018.03" | ||
ID="amzn" | ||
ID_LIKE="rhel fedora" | ||
VERSION_ID="2018.03" | ||
PRETTY_NAME="Amazon Linux AMI 2018.03" | ||
ANSI_COLOR="0;33" | ||
CPE_NAME="cpe:/o:amazon:linux:2018.03:ga" | ||
HOME_URL="http://aws.amazon.com/amazon-linux-ami/"`) | ||
|
||
var linux2OSRelease []byte = []byte(`NAME="Amazon Linux" | ||
VERSION="2" | ||
ID="amzn" | ||
ID_LIKE="centos rhel fedora" | ||
VERSION_ID="2" | ||
PRETTY_NAME="Amazon Linux 2" | ||
ANSI_COLOR="0;33" | ||
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2" | ||
HOME_URL="https://amazonlinux.com/"`) | ||
|
||
func TestDistributionScanner(t *testing.T) { | ||
table := []struct { | ||
name string | ||
release Release | ||
osRelease []byte | ||
}{ | ||
{ | ||
name: "linux1", | ||
release: Linux1, | ||
osRelease: linux1OSRelease, | ||
}, | ||
{ | ||
name: "linux2", | ||
release: Linux2, | ||
osRelease: linux2OSRelease, | ||
}, | ||
} | ||
for _, tt := range table { | ||
t.Run(tt.name, func(t *testing.T) { | ||
scanner := DistributionScanner{} | ||
dist := scanner.parse(bytes.NewBuffer(tt.osRelease)) | ||
cmpDist, _ := releaseToDist(tt.release) | ||
if !cmp.Equal(dist, cmpDist) { | ||
t.Fatalf("%v", cmp.Diff(dist, cmpDist)) | ||
} | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
package aws | ||
|
||
import ( | ||
"bytes" | ||
"context" | ||
"regexp" | ||
"runtime/trace" | ||
|
||
"github.com/quay/claircore" | ||
"github.com/quay/claircore/internal/indexer" | ||
"github.com/rs/zerolog" | ||
) | ||
|
||
// AWS Linux keeps a consistent os-release file between | ||
// major releases. | ||
// All tested images on docker hub contained os-release file | ||
|
||
const ( | ||
scannerName = "aws" | ||
scannerVersion = "v0.0.1" | ||
scannerKind = "distribution" | ||
) | ||
|
||
type awsRegex struct { | ||
release Release | ||
regexp *regexp.Regexp | ||
} | ||
|
||
var awsRegexes = []awsRegex{ | ||
{ | ||
release: Linux1, | ||
regexp: regexp.MustCompile(`Amazon Linux AMI 2018.03`), | ||
}, | ||
{ | ||
release: Linux2, | ||
regexp: regexp.MustCompile(`Amazon Linux 2`), | ||
}, | ||
} | ||
|
||
const osReleasePath = `etc/os-release` | ||
|
||
var _ indexer.DistributionScanner = (*DistributionScanner)(nil) | ||
var _ indexer.VersionedScanner = (*DistributionScanner)(nil) | ||
|
||
// DistributionScanner attempts to discover if a layer | ||
// displays characteristics of a AWS distribution | ||
type DistributionScanner struct{} | ||
|
||
// Name implements scanner.VersionedScanner. | ||
func (*DistributionScanner) Name() string { return scannerName } | ||
|
||
// Version implements scanner.VersionedScanner. | ||
func (*DistributionScanner) Version() string { return scannerVersion } | ||
|
||
// Kind implements scanner.VersionedScanner. | ||
func (*DistributionScanner) Kind() string { return scannerKind } | ||
|
||
// Scan will inspect the layer for an os-release or lsb-release file | ||
// and perform a regex match for keywords indicating the associated AWS release | ||
// | ||
// If neither file is found a (nil,nil) is returned. | ||
// If the files are found but all regexp fail to match an empty distribution is returned. | ||
func (ds *DistributionScanner) Scan(ctx context.Context, l *claircore.Layer) ([]*claircore.Distribution, error) { | ||
defer trace.StartRegion(ctx, "Scanner.Scan").End() | ||
log := zerolog.Ctx(ctx).With(). | ||
Str("component", "aws_dist_scanner"). | ||
Str("name", ds.Name()). | ||
Str("version", ds.Version()). | ||
Str("kind", ds.Kind()). | ||
Str("layer", l.Hash). | ||
Logger() | ||
log.Debug().Msg("start") | ||
defer log.Debug().Msg("done") | ||
files, err := l.Files(osReleasePath) | ||
if err != nil { | ||
log.Debug().Msg("didn't find an os-release") | ||
return nil, nil | ||
} | ||
for _, buff := range files { | ||
dist := ds.parse(buff) | ||
if dist != nil { | ||
return []*claircore.Distribution{dist}, nil | ||
} | ||
} | ||
return []*claircore.Distribution{&claircore.Distribution{}}, nil | ||
} | ||
|
||
// parse attempts to match all AWS release regexp and returns the associated | ||
// distribution if it exists. | ||
// | ||
// separated to it's own method to aide testing. | ||
func (ds *DistributionScanner) parse(buff *bytes.Buffer) *claircore.Distribution { | ||
for _, ur := range awsRegexes { | ||
if ur.regexp.Match(buff.Bytes()) { | ||
dist, err := releaseToDist(ur.release) | ||
if err != nil { | ||
panic("aws distrubution scanner: awsRegex configured with unknown release") | ||
} | ||
return dist | ||
} | ||
} | ||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters