Commit graph

548 commits

Author SHA1 Message Date
Alex Goodman
1b7c755536
add file-type mix as golden image
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 16:50:57 -04:00
Alex Goodman
8854d83934
cache mac acceptance image
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 15:03:25 -04:00
Alex Goodman
3ef30f99be
pull in stereoscope cache fix + add test cache makefile target helpers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 14:31:59 -04:00
Alex Goodman
12f419111e
remove docker layer cache from validation pipeline
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 13:04:13 -04:00
Alex Goodman
68c4bf8bbe
update documentation to reflect root vs packages subcommand
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 13:00:25 -04:00
Alex Goodman
929b78efbf
remove prealloc nolint rule in catalogers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 12:56:00 -04:00
Alex Goodman
d420368ba9
add tests around new file metadata cataloger
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 11:00:59 -04:00
Alex Goodman
40199096e9
stabilize json file metadata presenter order
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 11:00:36 -04:00
Alex Goodman
0e9c1c1d86
arrange power-user tasks ahead of parsing the source image
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 10:29:38 -04:00
Alex Goodman
77e4c89a5a
bump coverage threshold + use ubuntu for snapshot builds
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 10:28:57 -04:00
Alex Goodman
e3b1522394
upgrade goreleaser + constrain pipeline tool cache
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 06:58:30 -04:00
Alex Goodman
46636ccb3c
simplify command alias logic + remove deprecation warning for root command
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 15:25:04 -04:00
Alex Goodman
36e4af1953
adjust jsom schema version + adopt java pom properies test fixtures
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 11:27:01 -04:00
Alex Goodman
abca2c5f0b
remove token usage from benchmark sticky comment action
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
f180d1c537
improve config parsing + fix command deprecation warning
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
b1b57f6ba6
remove benchmark test event filter in validations pipeline
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:08 -04:00
Alex Goodman
4bde850f04
add file-metadata config options to docs
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:08 -04:00
Alex Goodman
1d87f07da1
update pipeline with new levels of testing
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:07 -04:00
Alex Goodman
cf516add95
add cli testing
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
68d698e9f2
remove inline-compare testing
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
efcd8a8b9a
update integration and acceptance tests for new resolvers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
ae32942a18
update import to require patching image metadata source field
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
18dd2950ac
update event handlers relative to new command structure
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
6a960ec1f3
update json schema with optional poweruser data shape
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:16 -04:00
Alex Goodman
97f0f83544
add poweruser command and alias root to packages subcommand
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:53:53 -04:00
Alex Goodman
a6cba5d9db
remove multi* content fetching from resolvers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:53:51 -04:00
Alex Goodman
f22d7d23c1
add poweruser concerns to the application config
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:52:37 -04:00
Alex Goodman
ff4ed40d50
migrate syft/presenter to internal/presenter
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:52:33 -04:00
Alex Goodman
4666ca8469
migrate syft/cataloger to syft/pkg/cataloger
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:46:51 -04:00
Alex Goodman
cb5e7d0e08
Merge pull request #345 from westonsteimel/rust-cargo-cataloger
add cataloger for rust crates from Cargo.lock files
2021-03-22 09:51:57 -04:00
Alex Goodman
48a1d4711a
update presenter tests with json schema 1.0.3 examples + rename rust metadata type
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 09:44:55 -04:00
Weston Steimel
35cc00b74a
capture extra metadata about rust crates from the Cargo.lock file
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-03-22 09:13:17 -04:00
Alex Goodman
26a4dd36a8
Merge pull request #348 from anchore/fix-java-pom-properties-parse-delimiter
Allow for multiple pom.properties delimiters
2021-03-20 12:23:57 -04:00
Alex Goodman
e9e9fe6d9c
prefer warnings over errors when parsing java manifests and pom properties
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-20 08:08:46 -04:00
Alex Goodman
2f8a568d4f
check for multiple delimiters when parsing pom properties
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-20 08:00:08 -04:00
Alex Goodman
c828e47765
Merge pull request #346 from anchore/fix-snapshot-build
Run snapshot build on ubuntu
2021-03-19 09:40:37 -04:00
Alex Goodman
83778677c1
run snapshot build on ubuntu
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-19 08:42:27 -04:00
Alex Goodman
a5ae8e9668
Merge pull request #344 from anchore/add-docker-image
Add Docker image to release process
2021-03-18 16:45:22 -04:00
Alex Goodman
9f57e17887
add labels to the docker image + pin the docker pipeline install version
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-18 16:28:03 -04:00
Weston Steimel
ba81bfe529
add cataloger for rust crates from Cargo.lock files
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-03-18 03:12:51 +00:00
Alex Goodman
a83d79f330
Merge pull request #341 from octarinesec/add_photon_to_list_of_distros
Added Photon OS to the list of distros
2021-03-16 07:29:18 -04:00
Haim Helman
87e1a0f501 Added Photon OS to the list of distros
Signed-off-by: Haim Helman <hhelman@vmware.com>
2021-03-11 19:06:17 -08:00
Alex Goodman
e9105c180a
add dockerfile + docker build step
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 16:45:20 -05:00
Alex Goodman
c7b26c55ac
add docker to mac instance
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 14:01:00 -05:00
Alex Goodman
0c2a51554a
Merge pull request #343 from anchore/revert-310-add-docker-image-and-refactor-release-pipeline
Revert "Add docker image and refactor release pipeline"
2021-03-11 12:47:49 -05:00
Alex Goodman
5e62bca72f
Revert "Add docker image and refactor release pipeline (#310)"
This reverts commit 6195002ae5.

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2021-03-11 12:42:18 -05:00
Dan Luhring
6195002ae5
Add docker image and refactor release pipeline (#310)
* Create independent build targets for Mac and Linux

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Create targets for macOS signing and notarization

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Create target for Linux packaging

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Update release workflow and leverage new make targets

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add release assets to release draft

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add homebrew formula release follow-up and improve Makefile

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add follow-up workflow for updating version check file

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Get rid of fetch depth 0 for checkout action

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add follow-up workflow for Docker images

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Restore wait-for-checks job

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Replace make functions with shell functions

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Account for envsubst command in bootstrap-ci-linux

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* move homebrew generation into script

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add release approval step; remove goreleaser; add docker image smoke testing in acceptance step

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* replace homebrew formula template file with heredoc template

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update release documentation

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-10 13:25:31 -05:00
Alex Goodman
8c4370b7cc
Merge pull request #332 from westonsteimel/detect-distroless-packages
allow ability to catalog packages from /var/lib/dpkg/status.d/
2021-03-09 10:37:22 -05:00
Weston Steimel
6c80f9910f
add to dpkg integration test cases to detect packages from /var/lib/dpkg/status.d/
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-02-27 01:58:59 +00:00
Weston Steimel
b963be219b
allow ability to catalog packages from /var/lib/dpkg/status.d/
Some debian-based variants (such as Google's Distroless images)
don't write a single file to `/var/lib/dpkg/status`, but rather write
a file per package to `/var/lib/dpkg/status.d/`

related to #44

Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-02-27 01:20:44 +00:00