From 0a4847302ab868fc0fd35daef38e10211bdcde8a Mon Sep 17 00:00:00 2001 From: Willis Berrios Date: Tue, 21 Jan 2025 18:02:20 +0000 Subject: [PATCH 1/5] feat: Add configuration option to enable/disable Docker Scout - Integrated ConfigManager to retrieve 'enable_docker_scout' setting. - Modified DockerScoutManager to respect the configuration option, allowing users to enable or disable Docker Scout functionality. - Updated init_hook to conditionally check Docker Scout installation based on configuration. - Added logic to short-circuit Docker Scout operations if disabled via configuration. --- surfactant/infoextractors/docker_image.py | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/surfactant/infoextractors/docker_image.py b/surfactant/infoextractors/docker_image.py index f6220dae..abdbe123 100644 --- a/surfactant/infoextractors/docker_image.py +++ b/surfactant/infoextractors/docker_image.py @@ -12,15 +12,26 @@ import surfactant.plugin from surfactant.sbomtypes import SBOM, Software +from surfactant.configmanager import ConfigManager class DockerScoutManager: def __init__(self) -> None: - self.disable_docker_scout = True + # Initialize ConfigManager + config_manager = ConfigManager() + + # Retrieve the configuration option + enable_docker_scout = config_manager.get("docker", "enable_docker_scout", True) + + # Set disable_docker_scout based on the configuration + self.disable_docker_scout = not enable_docker_scout self.docker_scout_installed = False def check_docker_scout_installed(self) -> None: """Check if Docker Scout is installed and update the state accordingly.""" + if self.disable_docker_scout: + return # Do nothing if Docker Scout is disabled by config + try: result = subprocess.run(["docker", "scout"], capture_output=True, check=False) self.docker_scout_installed = result.returncode == 0 @@ -29,10 +40,16 @@ def check_docker_scout_installed(self) -> None: self.disable_docker_scout = not self.docker_scout_installed if not self.docker_scout_installed: - logger.warning("Install Docker Scout to scan containers for additional information") + logger.warning( + "Install Docker Scout to scan containers for additional information. " + "You can also disable this check by running 'surfactant config docker.enable_docker_scout false'." + ) def run_docker_scout(self, filename: str) -> object: """Run Docker Scout on the given file and return the results.""" + if self.disable_docker_scout: + return {} # Do nothing if Docker Scout is disabled by config + try: result = subprocess.run( ["docker", "scout", "sbom", "--format", "spdx", f"fs://{filename}"], @@ -80,5 +97,5 @@ def extract_docker_info(filetype: str, filename: str) -> object: @surfactant.plugin.hookimpl def init_hook(command_name: Optional[str] = None) -> None: - if command_name != "update-db": + if command_name != "update-db" and not dsManager.disable_docker_scout: dsManager.check_docker_scout_installed() From efb643cf18a389055bb6ad768d670742006bd998 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 21 Jan 2025 18:05:13 +0000 Subject: [PATCH 2/5] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- surfactant/infoextractors/docker_image.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/surfactant/infoextractors/docker_image.py b/surfactant/infoextractors/docker_image.py index abdbe123..06cfa475 100644 --- a/surfactant/infoextractors/docker_image.py +++ b/surfactant/infoextractors/docker_image.py @@ -11,18 +11,18 @@ from loguru import logger import surfactant.plugin -from surfactant.sbomtypes import SBOM, Software from surfactant.configmanager import ConfigManager +from surfactant.sbomtypes import SBOM, Software class DockerScoutManager: def __init__(self) -> None: # Initialize ConfigManager config_manager = ConfigManager() - + # Retrieve the configuration option enable_docker_scout = config_manager.get("docker", "enable_docker_scout", True) - + # Set disable_docker_scout based on the configuration self.disable_docker_scout = not enable_docker_scout self.docker_scout_installed = False @@ -31,7 +31,7 @@ def check_docker_scout_installed(self) -> None: """Check if Docker Scout is installed and update the state accordingly.""" if self.disable_docker_scout: return # Do nothing if Docker Scout is disabled by config - + try: result = subprocess.run(["docker", "scout"], capture_output=True, check=False) self.docker_scout_installed = result.returncode == 0 From 0ec59f9f474261ea875ceabc2a9775f9b93abaaa Mon Sep 17 00:00:00 2001 From: Willis Berrios Date: Tue, 21 Jan 2025 18:11:41 +0000 Subject: [PATCH 3/5] Updated readme. --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 02e0074d..fec1d99a 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,14 @@ Getting the currently set value for the option would then be done with: surfactant config core.recorded_institution ``` +### Configuration Options + +- **docker.enable_docker_scout**: Controls whether Docker Scout is enabled. Default is `true`. To disable Docker Scout, run: + +```bash +surfactant config docker.enable_docker_scout false +``` + ### Manual Editing If desired, the settings config file can also be manually edited. The location of the file will depend on your platform. From c76917e7656f463567189412dc7ca4b2244a5f55 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 21 Jan 2025 18:12:35 +0000 Subject: [PATCH 4/5] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index fec1d99a..9bed3cb8 100644 --- a/README.md +++ b/README.md @@ -121,7 +121,7 @@ surfactant config core.recorded_institution ### Configuration Options - **docker.enable_docker_scout**: Controls whether Docker Scout is enabled. Default is `true`. To disable Docker Scout, run: - + ```bash surfactant config docker.enable_docker_scout false ``` From 545dfad5d2b80967518ddf5b470cf9042a2f0dac Mon Sep 17 00:00:00 2001 From: Ryan Mast Date: Mon, 27 Jan 2025 12:58:37 -0800 Subject: [PATCH 5/5] doc updates --- README.md | 4 +--- docs/settings.md | 5 +++++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9bed3cb8..a6612685 100644 --- a/README.md +++ b/README.md @@ -118,9 +118,7 @@ Getting the currently set value for the option would then be done with: surfactant config core.recorded_institution ``` -### Configuration Options - -- **docker.enable_docker_scout**: Controls whether Docker Scout is enabled. Default is `true`. To disable Docker Scout, run: +Another example of a setting you might want to change is `docker.enable_docker_scout`, which controls whether Docker Scout is enabled. To disable Docker Scout (which also suppresses the warning message about installing Docker Scout), set this option to `false`: ```bash surfactant config docker.enable_docker_scout false diff --git a/docs/settings.md b/docs/settings.md index bba6b9b3..8bd7aed3 100644 --- a/docs/settings.md +++ b/docs/settings.md @@ -11,6 +11,11 @@ See the [this page](configuration_files.md#settings-configuration-file) for deta - recorded_institution - Name of user's institution. +## docker + +- enable_docker_scout + - Controls whether Docker Scout is enabled. Default is `true`. Docker Scout must be installed on the same system as Surfactant to work. To disable Docker Scout and/or suppress the message about installing Docker Scout, run `surfactant config docker.enable_docker_scout false`. + ## macho > Note: Mach-O file support requires installing Surfactant with the `macho` optional dependencies (e.g. `pipx install surfactant[macho]`).