Alex Goodman
1b7c755536
add file-type mix as golden image
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 16:50:57 -04:00
Alex Goodman
8854d83934
cache mac acceptance image
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 15:03:25 -04:00
Alex Goodman
3ef30f99be
pull in stereoscope cache fix + add test cache makefile target helpers
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 14:31:59 -04:00
Alex Goodman
12f419111e
remove docker layer cache from validation pipeline
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 13:04:13 -04:00
Alex Goodman
68c4bf8bbe
update documentation to reflect root vs packages subcommand
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 13:00:25 -04:00
Alex Goodman
929b78efbf
remove prealloc nolint rule in catalogers
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 12:56:00 -04:00
Alex Goodman
d420368ba9
add tests around new file metadata cataloger
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 11:00:59 -04:00
Alex Goodman
40199096e9
stabilize json file metadata presenter order
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 11:00:36 -04:00
Alex Goodman
0e9c1c1d86
arrange power-user tasks ahead of parsing the source image
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 10:29:38 -04:00
Alex Goodman
77e4c89a5a
bump coverage threshold + use ubuntu for snapshot builds
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 10:28:57 -04:00
Alex Goodman
e3b1522394
upgrade goreleaser + constrain pipeline tool cache
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 06:58:30 -04:00
Alex Goodman
46636ccb3c
simplify command alias logic + remove deprecation warning for root command
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 15:25:04 -04:00
Alex Goodman
36e4af1953
adjust jsom schema version + adopt java pom properies test fixtures
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 11:27:01 -04:00
Alex Goodman
abca2c5f0b
remove token usage from benchmark sticky comment action
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
f180d1c537
improve config parsing + fix command deprecation warning
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
b1b57f6ba6
remove benchmark test event filter in validations pipeline
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:08 -04:00
Alex Goodman
4bde850f04
add file-metadata config options to docs
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:08 -04:00
Alex Goodman
1d87f07da1
update pipeline with new levels of testing
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:07 -04:00
Alex Goodman
cf516add95
add cli testing
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
68d698e9f2
remove inline-compare testing
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
efcd8a8b9a
update integration and acceptance tests for new resolvers
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
ae32942a18
update import to require patching image metadata source field
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
18dd2950ac
update event handlers relative to new command structure
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:18 -04:00
Alex Goodman
6a960ec1f3
update json schema with optional poweruser data shape
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:56:16 -04:00
Alex Goodman
97f0f83544
add poweruser command and alias root to packages subcommand
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:53:53 -04:00
Alex Goodman
a6cba5d9db
remove multi* content fetching from resolvers
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:53:51 -04:00
Alex Goodman
f22d7d23c1
add poweruser concerns to the application config
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:52:37 -04:00
Alex Goodman
ff4ed40d50
migrate syft/presenter to internal/presenter
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:52:33 -04:00
Alex Goodman
4666ca8469
migrate syft/cataloger to syft/pkg/cataloger
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:46:51 -04:00
Alex Goodman
cb5e7d0e08
Merge pull request #345 from westonsteimel/rust-cargo-cataloger
...
add cataloger for rust crates from Cargo.lock files
2021-03-22 09:51:57 -04:00
Alex Goodman
48a1d4711a
update presenter tests with json schema 1.0.3 examples + rename rust metadata type
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 09:44:55 -04:00
Weston Steimel
35cc00b74a
capture extra metadata about rust crates from the Cargo.lock file
...
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-03-22 09:13:17 -04:00
Alex Goodman
26a4dd36a8
Merge pull request #348 from anchore/fix-java-pom-properties-parse-delimiter
...
Allow for multiple pom.properties delimiters
2021-03-20 12:23:57 -04:00
Alex Goodman
e9e9fe6d9c
prefer warnings over errors when parsing java manifests and pom properties
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-20 08:08:46 -04:00
Alex Goodman
2f8a568d4f
check for multiple delimiters when parsing pom properties
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-20 08:00:08 -04:00
Alex Goodman
c828e47765
Merge pull request #346 from anchore/fix-snapshot-build
...
Run snapshot build on ubuntu
2021-03-19 09:40:37 -04:00
Alex Goodman
83778677c1
run snapshot build on ubuntu
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-19 08:42:27 -04:00
Alex Goodman
a5ae8e9668
Merge pull request #344 from anchore/add-docker-image
...
Add Docker image to release process
2021-03-18 16:45:22 -04:00
Alex Goodman
9f57e17887
add labels to the docker image + pin the docker pipeline install version
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-18 16:28:03 -04:00
Weston Steimel
ba81bfe529
add cataloger for rust crates from Cargo.lock files
...
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-03-18 03:12:51 +00:00
Alex Goodman
a83d79f330
Merge pull request #341 from octarinesec/add_photon_to_list_of_distros
...
Added Photon OS to the list of distros
2021-03-16 07:29:18 -04:00
Haim Helman
87e1a0f501
Added Photon OS to the list of distros
...
Signed-off-by: Haim Helman <hhelman@vmware.com>
2021-03-11 19:06:17 -08:00
Alex Goodman
e9105c180a
add dockerfile + docker build step
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 16:45:20 -05:00
Alex Goodman
c7b26c55ac
add docker to mac instance
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 14:01:00 -05:00
Alex Goodman
0c2a51554a
Merge pull request #343 from anchore/revert-310-add-docker-image-and-refactor-release-pipeline
...
Revert "Add docker image and refactor release pipeline"
2021-03-11 12:47:49 -05:00
Alex Goodman
5e62bca72f
Revert "Add docker image and refactor release pipeline ( #310 )"
...
This reverts commit 6195002ae5
.
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2021-03-11 12:42:18 -05:00
Dan Luhring
6195002ae5
Add docker image and refactor release pipeline ( #310 )
...
* Create independent build targets for Mac and Linux
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Create targets for macOS signing and notarization
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Create target for Linux packaging
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Update release workflow and leverage new make targets
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add release assets to release draft
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add homebrew formula release follow-up and improve Makefile
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add follow-up workflow for updating version check file
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Get rid of fetch depth 0 for checkout action
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add follow-up workflow for Docker images
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Restore wait-for-checks job
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Replace make functions with shell functions
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Account for envsubst command in bootstrap-ci-linux
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* move homebrew generation into script
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add release approval step; remove goreleaser; add docker image smoke testing in acceptance step
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* replace homebrew formula template file with heredoc template
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update release documentation
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-10 13:25:31 -05:00
Alex Goodman
8c4370b7cc
Merge pull request #332 from westonsteimel/detect-distroless-packages
...
allow ability to catalog packages from /var/lib/dpkg/status.d/
2021-03-09 10:37:22 -05:00
Weston Steimel
6c80f9910f
add to dpkg integration test cases to detect packages from /var/lib/dpkg/status.d/
...
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-02-27 01:58:59 +00:00
Weston Steimel
b963be219b
allow ability to catalog packages from /var/lib/dpkg/status.d/
...
Some debian-based variants (such as Google's Distroless images)
don't write a single file to `/var/lib/dpkg/status`, but rather write
a file per package to `/var/lib/dpkg/status.d/`
related to #44
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
2021-02-27 01:20:44 +00:00