Add modularitylabel metadata to RPM type records generated by syft (#1148)

* bump cosign to v1.10.1 (#1144) Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145. Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update to address lint failures Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Update syft/pkg/rpmdb_metadata.go Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update json schema to match camel case Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2024-11-10 06:14:16 +00:00 · 2022-08-08 04:52:32 -07:00 · 2022-08-08 04:52:32 -07:00 · 04387301ce
commit 04387301ce
parent 4df84d380d
7 changed files with 1496 additions and 27 deletions
--- a/internal/constants.go
+++ b/internal/constants.go
@ -6,5 +6,5 @@ const (

 	// JSONSchemaVersion is the current schema version output by the JSON encoder
 	// This is roughly following the "SchemaVer" guidelines for versioning the JSON schema. Please see schema/json/README.md for details on how to increment.
-	JSONSchemaVersion = "3.3.1"
+	JSONSchemaVersion = "3.3.2"
 )
--- a/internal/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden
+++ b/internal/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden
@ -88,7 +88,7 @@
  }
 },
 "schema": {
-  "version": "3.3.1",
-  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.1.json"
+  "version": "3.3.2",
+  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.2.json"
 }
 }
--- a/internal/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden
+++ b/internal/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden
@ -184,7 +184,7 @@
  }
 },
 "schema": {
-  "version": "3.3.1",
-  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.1.json"
+  "version": "3.3.2",
+  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.2.json"
 }
 }
--- a/internal/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden
+++ b/internal/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden
@ -111,7 +111,7 @@
  }
 },
 "schema": {
-  "version": "3.3.1",
-  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.1.json"
+  "version": "3.3.2",
+  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.2.json"
 }
 }
--- a/schema/json/schema-3.3.2.json
+++ b/schema/json/schema-3.3.2.json
--- a/syft/pkg/cataloger/rpmdb/parse_rpmdb.go
+++ b/syft/pkg/cataloger/rpmdb/parse_rpmdb.go
@ -69,16 +69,17 @@ func newPkg(resolver source.FilePathResolver, dbLocation source.Location, entry
 	}

 	metadata := pkg.RpmdbMetadata{
-		Name:      entry.Name,
-		Version:   entry.Version,
-		Epoch:     entry.Epoch,
-		Arch:      entry.Arch,
-		Release:   entry.Release,
-		SourceRpm: entry.SourceRpm,
-		Vendor:    entry.Vendor,
-		License:   entry.License,
-		Size:      entry.Size,
-		Files:     fileRecords,
+		Name:            entry.Name,
+		Version:         entry.Version,
+		Epoch:           entry.Epoch,
+		Arch:            entry.Arch,
+		Release:         entry.Release,
+		SourceRpm:       entry.SourceRpm,
+		Vendor:          entry.Vendor,
+		License:         entry.License,
+		Size:            entry.Size,
+		ModularityLabel: entry.Modularitylabel,
+		Files:           fileRecords,
 	}

 	p := pkg.Package{
--- a/syft/pkg/rpmdb_metadata.go
+++ b/syft/pkg/rpmdb_metadata.go
@ -26,16 +26,17 @@ var (

 // RpmdbMetadata represents all captured data for a RPM DB package entry.
 type RpmdbMetadata struct {
-	Name      string            `json:"name"`
-	Version   string            `json:"version"`
-	Epoch     *int              `json:"epoch"  cyclonedx:"epoch" jsonschema:"nullable"`
-	Arch      string            `json:"architecture"`
-	Release   string            `json:"release" cyclonedx:"release"`
-	SourceRpm string            `json:"sourceRpm" cyclonedx:"sourceRpm"`
-	Size      int               `json:"size" cyclonedx:"size"`
-	License   string            `json:"license"`
-	Vendor    string            `json:"vendor"`
-	Files     []RpmdbFileRecord `json:"files"`
+	Name            string            `json:"name"`
+	Version         string            `json:"version"`
+	Epoch           *int              `json:"epoch"  cyclonedx:"epoch" jsonschema:"nullable"`
+	Arch            string            `json:"architecture"`
+	Release         string            `json:"release" cyclonedx:"release"`
+	SourceRpm       string            `json:"sourceRpm" cyclonedx:"sourceRpm"`
+	Size            int               `json:"size" cyclonedx:"size"`
+	License         string            `json:"license"`
+	Vendor          string            `json:"vendor"`
+	ModularityLabel string            `json:"modularityLabel"`
+	Files           []RpmdbFileRecord `json:"files"`
 }

 // RpmdbFileRecord represents the file metadata for a single file attributed to a RPM package.