gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-14 16:40:54 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix: handle empty OS family (#2768)

Browse Source
This commit is contained in:
Teppei Fukuda
2022-08-29 08:53:13 +03:00
committed by GitHub
parent 77616bebae
commit db67f16ac6
3 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yaml vendored
View File

@@ -10,7 +10,7 @@ jobs:
uses: ./.github/workflows/reusable-release.yaml uses: ./.github/workflows/reusable-release.yaml
with: with:
goreleaser_config: goreleaser.yml goreleaser_config: goreleaser.yml
goreleaser_options: '--rm-dist --timeout 60m' goreleaser_options: '--rm-dist --timeout 90m'
secrets: inherit secrets: inherit
deploy-packages: deploy-packages:

2
.github/workflows/test.yaml vendored
View File

@@ -113,7 +113,7 @@ jobs:
uses: goreleaser/goreleaser-action@v3 uses: goreleaser/goreleaser-action@v3
with: with:
version: v1.4.1 version: v1.4.1
args: release --snapshot --rm-dist --skip-publish --timeout 60m args: release --snapshot --rm-dist --skip-publish --timeout 90m
build-documents: build-documents:
name: Documentation Test name: Documentation Test

13
pkg/scanner/local/scan.go
View File

@@ -80,6 +80,11 @@ func (s Scanner) Scan(ctx context.Context, target, artifactKey string, blobKeys
case errors.Is(err, analyzer.ErrUnknownOS): case errors.Is(err, analyzer.ErrUnknownOS):
log.Logger.Debug("OS is not detected.") log.Logger.Debug("OS is not detected.")
// Packages may contain OS-independent binary information even though OS is not detected.
if len(artifactDetail.Packages) != 0 {
artifactDetail.OS = &ftypes.OS{Family: "none"}
}
// If OS is not detected and repositories are detected, we'll try to use repositories as OS. // If OS is not detected and repositories are detected, we'll try to use repositories as OS.
if artifactDetail.Repository != nil { if artifactDetail.Repository != nil {
log.Logger.Debugf("Package repository: %s %s", artifactDetail.Repository.Family, artifactDetail.Repository.Release) log.Logger.Debugf("Package repository: %s %s", artifactDetail.Repository.Family, artifactDetail.Repository.Release)
@@ -167,12 +172,10 @@ func (s Scanner) Scan(ctx context.Context, target, artifactKey string, blobKeys
} }
func (s Scanner) osPkgsToResult(target string, detail ftypes.ArtifactDetail, options types.ScanOptions) *types.Result { func (s Scanner) osPkgsToResult(target string, detail ftypes.ArtifactDetail, options types.ScanOptions) *types.Result {
if len(detail.Packages) == 0 { if len(detail.Packages) == 0 || detail.OS == nil {
return nil return nil
} }
if detail.OS != nil {
target = fmt.Sprintf("%s (%s %s)", target, detail.OS.Family, detail.OS.Name)
}
pkgs := detail.Packages pkgs := detail.Packages
if options.ScanRemovedPackages { if options.ScanRemovedPackages {
pkgs = mergePkgs(pkgs, detail.HistoryPackages) pkgs = mergePkgs(pkgs, detail.HistoryPackages)
@@ -181,7 +184,7 @@ func (s Scanner) osPkgsToResult(target string, detail ftypes.ArtifactDetail, opt
return strings.Compare(pkgs[i].Name, pkgs[j].Name) <= 0 return strings.Compare(pkgs[i].Name, pkgs[j].Name) <= 0
}) })
return &types.Result{ return &types.Result{
Target: target, Target: fmt.Sprintf("%s (%s %s)", target, detail.OS.Family, detail.OS.Name),
Class: types.ClassOSPkg, Class: types.ClassOSPkg,
Type: detail.OS.Family, Type: detail.OS.Family,
Packages: pkgs, Packages: pkgs,