From 21e3cfb6798d871dfc3566d12112e07b857fc8a5 Mon Sep 17 00:00:00 2001 From: Benji Visser Date: Mon, 15 May 2023 16:02:59 -0400 Subject: [PATCH 1/2] fixing issue #60 Signed-off-by: Benji Visser --- cmd/root.go | 8 ++--- .../snapshot/TestJsonDirsPresenter.golden | 35 +++++++++++++++++++ .../snapshot/TestJsonImgsPresenter.golden | 35 +++++++++++++++++++ xeol/presenter/models/document.go | 19 ++++++---- xeol/presenter/models/models_helpers.go | 17 ++++++++- xeol/presenter/table/presenter.go | 6 ++-- 6 files changed, 106 insertions(+), 14 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index 6f97975d..0861be4f 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -214,7 +214,7 @@ func startWorker(userInput string, failOnEolFound bool, eolMatchDate time.Time) var store *store.Store var status *db.Status var dbCloser *db.Closer - var sbomPackages []pkg.Package + var packages []pkg.Package var sbom *sbom.SBOM var pkgContext pkg.Context var wg = &sync.WaitGroup{} @@ -236,7 +236,7 @@ func startWorker(userInput string, failOnEolFound bool, eolMatchDate time.Time) go func() { defer wg.Done() log.Debugf("gathering packages") - sbomPackages, pkgContext, sbom, err = pkg.Provide(userInput, getProviderConfig()) + packages, pkgContext, sbom, err = pkg.Provide(userInput, getProviderConfig()) if err != nil { errs <- fmt.Errorf("failed to catalog: %w", err) return @@ -257,7 +257,7 @@ func startWorker(userInput string, failOnEolFound bool, eolMatchDate time.Time) Distro: distroMatcher.MatcherConfig(appConfig.Match.Distro), }) - allMatches, err := xeol.FindEol(*store, pkgContext.Distro, matchers, sbomPackages, failOnEolFound, eolMatchDate) + allMatches, err := xeol.FindEol(*store, pkgContext.Distro, matchers, packages, failOnEolFound, eolMatchDate) if err != nil { errs <- err if !errors.Is(err, xeolerr.ErrEolFound) { @@ -267,7 +267,7 @@ func startWorker(userInput string, failOnEolFound bool, eolMatchDate time.Time) pb := models.PresenterConfig{ Matches: allMatches, - Packages: sbomPackages, + Packages: packages, SBOM: sbom, Context: pkgContext, AppConfig: appConfig, diff --git a/xeol/presenter/json/test-fixtures/snapshot/TestJsonDirsPresenter.golden b/xeol/presenter/json/test-fixtures/snapshot/TestJsonDirsPresenter.golden index 81d5df1e..81723df3 100644 --- a/xeol/presenter/json/test-fixtures/snapshot/TestJsonDirsPresenter.golden +++ b/xeol/presenter/json/test-fixtures/snapshot/TestJsonDirsPresenter.golden @@ -90,6 +90,41 @@ "modularityLabel": "" } } + }, + { + "Cycle": { + "ProductName": "Ubuntu", + "ReleaseCycle": "16.04", + "Eol": "2021-04-02", + "LatestRelease": "", + "LatestReleaseDate": "2016-07-31", + "ReleaseDate": "2016-07-31" + }, + "Package": { + "ID": "", + "Name": "", + "Version": "", + "Locations": {}, + "Language": "", + "Licenses": null, + "Type": "", + "CPEs": null, + "PURL": "", + "Upstreams": null, + "MetadataType": "", + "Metadata": null + }, + "artifact": { + "name": "ubuntu", + "version": "16.04", + "type": "os", + "locations": [], + "language": "", + "licenses": [], + "cpes": [], + "purl": "", + "upstreams": [] + } } ], "source": { diff --git a/xeol/presenter/json/test-fixtures/snapshot/TestJsonImgsPresenter.golden b/xeol/presenter/json/test-fixtures/snapshot/TestJsonImgsPresenter.golden index b1fde523..03b33f9d 100644 --- a/xeol/presenter/json/test-fixtures/snapshot/TestJsonImgsPresenter.golden +++ b/xeol/presenter/json/test-fixtures/snapshot/TestJsonImgsPresenter.golden @@ -90,6 +90,41 @@ "modularityLabel": "" } } + }, + { + "Cycle": { + "ProductName": "Ubuntu", + "ReleaseCycle": "16.04", + "Eol": "2021-04-02", + "LatestRelease": "", + "LatestReleaseDate": "2016-07-31", + "ReleaseDate": "2016-07-31" + }, + "Package": { + "ID": "", + "Name": "", + "Version": "", + "Locations": {}, + "Language": "", + "Licenses": null, + "Type": "", + "CPEs": null, + "PURL": "", + "Upstreams": null, + "MetadataType": "", + "Metadata": null + }, + "artifact": { + "name": "ubuntu", + "version": "16.04", + "type": "os", + "locations": [], + "language": "", + "licenses": [], + "cpes": [], + "purl": "", + "upstreams": [] + } } ], "source": { diff --git a/xeol/presenter/models/document.go b/xeol/presenter/models/document.go index 8ae7e4b7..de0bb639 100644 --- a/xeol/presenter/models/document.go +++ b/xeol/presenter/models/document.go @@ -22,13 +22,20 @@ func NewDocument(packages []pkg.Package, context pkg.Context, matches match.Matc // we must preallocate the findings to ensure the JSON document does not show "null" when no matches are found var findings = make([]Match, 0) for _, m := range matches.Sorted() { - p := pkg.ByID(m.Package.ID, packages) - if p == nil { - return Document{}, fmt.Errorf("unable to find package in collection: %+v", p) - } + // syft doesn't treat OS packages as real "packages", so they won't exist in the + // packages collection. we need to handle this case separately. + if m.Package.Type == "os" { + matchModel := newMatch(m, m.Package) + findings = append(findings, *matchModel) + } else { + p := pkg.ByID(m.Package.ID, packages) + if p == nil { + return Document{}, fmt.Errorf("unable to find package in collection: %+v", p) + } - matchModel := newMatch(m, *p) - findings = append(findings, *matchModel) + matchModel := newMatch(m, *p) + findings = append(findings, *matchModel) + } } var src *source diff --git a/xeol/presenter/models/models_helpers.go b/xeol/presenter/models/models_helpers.go index 999bb184..b7c45d1a 100644 --- a/xeol/presenter/models/models_helpers.go +++ b/xeol/presenter/models/models_helpers.go @@ -82,7 +82,6 @@ func generateMatches(t *testing.T, p, p2 pkg.Package) match.Matches { Package: p, }, { - Cycle: eol.Cycle{ ProductName: "MongoDB Server", ReleaseDate: "2016-07-31", @@ -93,6 +92,22 @@ func generateMatches(t *testing.T, p, p2 pkg.Package) match.Matches { }, Package: p2, }, + { + Cycle: eol.Cycle{ + ProductName: "Ubuntu", + ReleaseDate: "2016-07-31", + ReleaseCycle: "16.04", + Eol: "2021-04-02", + EolBool: false, + LatestReleaseDate: "2016-07-31", + }, + Package: pkg.Package{ + ID: pkg.ID(uuid.NewString()), + Name: "ubuntu", + Version: "16.04", + Type: "os", + }, + }, } collection := match.NewMatches(matches...) diff --git a/xeol/presenter/table/presenter.go b/xeol/presenter/table/presenter.go index 2f60e581..fa86624e 100644 --- a/xeol/presenter/table/presenter.go +++ b/xeol/presenter/table/presenter.go @@ -18,14 +18,14 @@ var now = time.Now // Presenter is a generic struct for holding fields needed for reporting type Presenter struct { - results match.Matches + matches match.Matches packages []pkg.Package } // NewPresenter is a *Presenter constructor func NewPresenter(pb models.PresenterConfig) *Presenter { return &Presenter{ - results: pb.Matches, + matches: pb.Matches, packages: pb.Packages, } } @@ -36,7 +36,7 @@ func (pres *Presenter) Present(output io.Writer) error { columns := []string{"NAME", "VERSION", "EOL", "DAYS EOL", "TYPE"} // Generate rows for matches - for m := range pres.results.Enumerate() { + for m := range pres.matches.Enumerate() { if m.Package.Name == "" { continue } From 3bb455efc0b5be0d59cd75b8b0e9844b7e5a025d Mon Sep 17 00:00:00 2001 From: Benji Visser Date: Mon, 15 May 2023 16:11:47 -0400 Subject: [PATCH 2/2] update test fixtures Signed-off-by: Benji Visser --- .../table/test-fixtures/snapshot/TestTablePresenter.golden | 1 + 1 file changed, 1 insertion(+) diff --git a/xeol/presenter/table/test-fixtures/snapshot/TestTablePresenter.golden b/xeol/presenter/table/test-fixtures/snapshot/TestTablePresenter.golden index effd0642..a45460bf 100644 --- a/xeol/presenter/table/test-fixtures/snapshot/TestTablePresenter.golden +++ b/xeol/presenter/table/test-fixtures/snapshot/TestTablePresenter.golden @@ -1,3 +1,4 @@ NAME VERSION EOL DAYS EOL TYPE package-1 1.1.1 2018-07-31 1614 rpm package-2 2.2.2 YES - deb +ubuntu 16.04 2021-04-02 638 os