Merge pull request #34 from anchore/focus-dkpg-metadata

Add dpkg source field to metadata
2024-11-10 06:14:16 +00:00 · 2020-06-01 17:42:18 -04:00 · 2020-06-01 17:42:18 -04:00 · f0b8aaacda
commit f0b8aaacda
parent 83e486d6ca 17787f856f
8 changed files with 18 additions and 62 deletions
--- a/imgbom/analyzer/dpkg/analyzer.go
+++ b/imgbom/analyzer/dpkg/analyzer.go
@ -59,6 +59,7 @@ func (a *Analyzer) Analyze(contents map[file.Reference]string) ([]pkg.Package, e
 				Name:     entry.Package,
 				Version:  entry.Version,
 				Type:     pkg.DebPkg,
+				FoundBy:  a.Name(),
 				Source:   []file.Reference{reference},
 				Metadata: entry,
 			})
--- a/imgbom/analyzer/dpkg/parser_test.go
+++ b/imgbom/analyzer/dpkg/parser_test.go
@ -24,23 +24,9 @@ func TestSinglePackage(t *testing.T) {
 		{
 			name: "Test Single Package",
 			expected: pkg.DpkgMetadata{
-				Package:        "apt",
-				Status:         "install ok installed",
-				Priority:       "required",
-				InstalledSize:  "4064",
-				Maintainer:     "APT Development Team <deity@lists.debian.org>",
-				Architecture:   "amd64",
-				Version:        "1.8.2",
-				ReplacesPkgs:   "apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)",
-				ProvidesPkgs:   "apt-transport-https (= 1.8.2)",
-				DependsPkgs:    "adduser, gpgv | gpgv2 | gpgv1, debian-archive-keyring, libapt-pkg5.0 (>= 1.7.0~alpha3~), libc6 (>= 2.15), libgcc1 (>= 1:3.0), libgnutls30 (>= 3.6.6), libseccomp2 (>= 1.0.1), libstdc++6 (>= 5.2)",
-				RecommendsPkgs: "ca-certificates",
-				SuggestsPkgs:   "apt-doc, aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), gnupg | gnupg2 | gnupg1, powermgmt-base",
-				ConfigFiles: `
- /etc/apt/apt.conf.d/01autoremove 76120d358bc9037bb6358e737b3050b5
- /etc/cron.daily/apt-compat 49e9b2cfa17849700d4db735d04244f3
- /etc/kernel/postinst.d/apt-auto-removal 4ad976a68f045517cf4696cec7b8aa3a
- /etc/logrotate.d/apt 179f2ed4f85cbaca12fa3d69c2a4a1c3`,
+				Package: "apt",
+				Source:  "apt-dev",
+				Version: "1.8.2",
 			},
 		},
 	}
@ -66,7 +52,6 @@ func TestSinglePackage(t *testing.T) {
 			}

 			compareEntries(t, entry, test.expected)
-
 		})
 	}
 }
@ -80,35 +65,13 @@ func TestMultiplePackages(t *testing.T) {
 			name: "Test Multiple Package",
 			expected: []pkg.DpkgMetadata{
 				{
-					Package:       "tzdata",
-					Status:        "install ok installed",
-					Priority:      "required",
-					InstalledSize: "3036",
-					Maintainer:    "GNU Libc Maintainers <debian-glibc@lists.debian.org>",
-					Architecture:  "all",
-					Version:       "2020a-0+deb10u1",
-					ReplacesPkgs:  "libc0.1, libc0.3, libc6, libc6.1",
-					ProvidesPkgs:  "tzdata-buster",
-					DependsPkgs:   "debconf (>= 0.5) | debconf-2.0",
+					Package: "tzdata",
+					Version: "2020a-0+deb10u1",
+					Source:  "tzdata-dev",
 				},
 				{
-					Package:       "util-linux",
-					Status:        "install ok installed",
-					Priority:      "required",
-					InstalledSize: "4327",
-					Maintainer:    "LaMont Jones <lamont@debian.org>",
-					Architecture:  "amd64",
-					Version:       "2.33.1-0.1",
-					ReplacesPkgs:  "bash-completion (<< 1:2.8), initscripts (<< 2.88dsf-59.2~), login (<< 1:4.5-1.1~), mount (<< 2.29.2-3~), s390-tools (<< 2.2.0-1~), setpriv (<< 2.32.1-0.2~), sysvinit-utils (<< 2.88dsf-59.1~)",
-					DependsPkgs:   "fdisk, login (>= 1:4.5-1.1~)",
-					SuggestsPkgs:  "dosfstools, kbd | console-tools, util-linux-locales",
-					ConfigFiles: `
- /etc/default/hwclock 3916544450533eca69131f894db0ca12
- /etc/init.d/hwclock.sh 1ca5c0743fa797ffa364db95bb8d8d8e
- /etc/pam.d/runuser b8b44b045259525e0fae9e38fdb2aeeb
- /etc/pam.d/runuser-l 2106ea05877e8913f34b2c77fa02be45
- /etc/pam.d/su ce6dcfda3b190a27a455bb38a45ff34a
- /etc/pam.d/su-l 756fef5687fecc0d986e5951427b0c4f`,
+					Package: "util-linux",
+					Version: "2.33.1-0.1",
 				},
 			},
 		},
--- a/imgbom/analyzer/dpkg/test-fixtures/multiple
+++ b/imgbom/analyzer/dpkg/test-fixtures/multiple
@ -1,6 +1,7 @@
 Package: tzdata
 Status: install ok installed
 Priority: required
+Source: tzdata-dev
 Section: localization
 Installed-Size: 3036
 Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
--- a/imgbom/analyzer/dpkg/test-fixtures/single
+++ b/imgbom/analyzer/dpkg/test-fixtures/single
@ -6,6 +6,7 @@ Installed-Size: 4064
 Maintainer: APT Development Team <deity@lists.debian.org>
 Architecture: amd64
 Version: 1.8.2
+Source: apt-dev
 Replaces: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)
 Provides: apt-transport-https (= 1.8.2)
 Depends: adduser, gpgv | gpgv2 | gpgv1, debian-archive-keyring, libapt-pkg5.0 (>= 1.7.0~alpha3~), libc6 (>= 2.15), libgcc1 (>= 1:3.0), libgnutls30 (>= 3.6.6), libseccomp2 (>= 1.0.1), libstdc++6 (>= 5.2)
--- a/imgbom/pkg/metadata.go
+++ b/imgbom/pkg/metadata.go
@ -4,17 +4,7 @@ package pkg
 // Available fields are described at http://manpages.ubuntu.com/manpages/xenial/man1/dpkg-query.1.html
 // in the --showformat section
 type DpkgMetadata struct {
-	Package        string `mapstructure:"Package"`
-	Architecture   string `mapstructure:"Architecture"`
-	DependsPkgs    string `mapstructure:"Depends"`
-	InstalledSize  string `mapstructure:"Installed-Size"`
-	Maintainer     string `mapstructure:"Maintainer"`
-	Priority       string `mapstructure:"Priority"`
-	ProvidesPkgs   string `mapstructure:"Provides"`
-	RecommendsPkgs string `mapstructure:"Recommends"`
-	ReplacesPkgs   string `mapstructure:"Replaces"`
-	Status         string `mapstructure:"Status"`
-	SuggestsPkgs   string `mapstructure:"Suggests"`
-	Version        string `mapstructure:"Version"`
-	ConfigFiles    string `mapstructure:"Conffiles"`
+	Package string `mapstructure:"Package"`
+	Source  string `mapstructure:"Source"`
+	Version string `mapstructure:"Version"`
 }
--- a/imgbom/pkg/package.go
+++ b/imgbom/pkg/package.go
@ -13,6 +13,7 @@ type Package struct {
 	id       ID
 	Name     string
 	Version  string
+	FoundBy  string
 	Source   []file.Reference
 	Licenses []string
 	Type     Type
--- a/imgbom/presenter/json/presenter.go
+++ b/imgbom/presenter/json/presenter.go
@ -35,7 +35,7 @@ type layer struct {
 }

 type source struct {
-	Source  string   `json:"source"`
+	FoundBy string   `json:"foundBy"`
 	Layer   int      `json:"layer"`
 	Effects []string `json:"effects"`
 }
@ -81,7 +81,6 @@ func (pres *Presenter) Present(output io.Writer, img *stereoscopeImg.Image, cata
 			Name:     p.Name,
 			Version:  p.Version,
 			Type:     p.Type.String(),
-			Analyzer: "TODO", // TODO
 			Sources:  make([]source, len(p.Source)),
 			Metadata: p.Metadata,
 		}
@ -94,7 +93,7 @@ func (pres *Presenter) Present(output io.Writer, img *stereoscopeImg.Image, cata
 			}

 			srcObj := source{
-				Source:  "",
+				FoundBy: p.FoundBy,
 				Layer:   int(fileMetadata.Source.Metadata.Index),
 				Effects: []string{}, // TODO
 			}
--- a/imgbom/presenter/json/test-fixtures/snapshot/TestJsonPresenter.golden
+++ b/imgbom/presenter/json/test-fixtures/snapshot/TestJsonPresenter.golden
@ -1 +1 @@
-{"image":{"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:056c0789fa9ad629ceae6d09713fb035f84115af3c4a88a43aa60f13bc683053","size":22},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:b461c48116592c570a66fed71d5b09662a8172e168b7938cf317af47872cdc9b","size":16},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:00b80053e05c01da485015610d288ce3185fac00d251e2ada02b45a7a7c5f589","size":27}],"size":65,"digest":"sha256:3c53d2d891940f8d8e95acb77b58752f54dc5de9d91d19dd90ced2db76256cea","mediaType":"application/vnd.docker.distribution.manifest.v2+json","tags":["anchore-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7"]},"artifacts":[{"name":"package-1","version":"1.0.1","type":"deb","analyzer":"TODO","sources":[{"source":"","layer":0,"effects":[]}],"metadata":null},{"name":"package-2","version":"2.0.1","type":"deb","analyzer":"TODO","sources":[{"source":"","layer":1,"effects":[]}],"metadata":null}]}
+{"image":{"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:056c0789fa9ad629ceae6d09713fb035f84115af3c4a88a43aa60f13bc683053","size":22},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:b461c48116592c570a66fed71d5b09662a8172e168b7938cf317af47872cdc9b","size":16},{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:00b80053e05c01da485015610d288ce3185fac00d251e2ada02b45a7a7c5f589","size":27}],"size":65,"digest":"sha256:3c53d2d891940f8d8e95acb77b58752f54dc5de9d91d19dd90ced2db76256cea","mediaType":"application/vnd.docker.distribution.manifest.v2+json","tags":["anchore-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7"]},"artifacts":[{"name":"package-1","version":"1.0.1","type":"deb","analyzer":"","sources":[{"foundBy":"","layer":0,"effects":[]}],"metadata":null},{"name":"package-2","version":"2.0.1","type":"deb","analyzer":"","sources":[{"foundBy":"","layer":1,"effects":[]}],"metadata":null}]}