From f352f6b66355fe3636c9e4e9f3edd089c551a81c Mon Sep 17 00:00:00 2001 From: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Date: Thu, 9 Jan 2025 18:45:45 +0600 Subject: [PATCH] fix(redhat): check `usr/share/buildinfo/` dir to detect content sets (#8222) --- pkg/fanal/analyzer/buildinfo/content_manifest.go | 8 +++++++- .../analyzer/buildinfo/content_manifest_test.go | 14 ++++++++++++-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/pkg/fanal/analyzer/buildinfo/content_manifest.go b/pkg/fanal/analyzer/buildinfo/content_manifest.go index 7d5372dc7266..ccb4b175a645 100644 --- a/pkg/fanal/analyzer/buildinfo/content_manifest.go +++ b/pkg/fanal/analyzer/buildinfo/content_manifest.go @@ -10,12 +10,18 @@ import ( "github.com/aquasecurity/trivy/pkg/fanal/analyzer" "github.com/aquasecurity/trivy/pkg/fanal/types" + "github.com/aquasecurity/trivy/pkg/set" ) func init() { analyzer.RegisterAnalyzer(&contentManifestAnalyzer{}) } +var contentSetsDirs = set.New[string]( + "root/buildinfo/content_manifests/", + "usr/share/buildinfo/", // for RHCOS +) + const contentManifestAnalyzerVersion = 1 type contentManifest struct { @@ -44,7 +50,7 @@ func (a contentManifestAnalyzer) Analyze(_ context.Context, target analyzer.Anal func (a contentManifestAnalyzer) Required(filePath string, _ os.FileInfo) bool { dir, file := filepath.Split(filepath.ToSlash(filePath)) - if dir != "root/buildinfo/content_manifests/" { + if !contentSetsDirs.Contains(dir) { return false } return filepath.Ext(file) == ".json" diff --git a/pkg/fanal/analyzer/buildinfo/content_manifest_test.go b/pkg/fanal/analyzer/buildinfo/content_manifest_test.go index 61ad8ebde1cb..4ef87bebbeb6 100644 --- a/pkg/fanal/analyzer/buildinfo/content_manifest_test.go +++ b/pkg/fanal/analyzer/buildinfo/content_manifest_test.go @@ -73,12 +73,22 @@ func Test_contentManifestAnalyzer_Required(t *testing.T) { want bool }{ { - name: "happy path", + name: "happy path root dir", filePath: "root/buildinfo/content_manifests/nodejs-12-container-1-66.json", want: true, }, { - name: "sad path", + name: "happy path usr dir", + filePath: "usr/share/buildinfo/nodejs-12-container-1-66.json", + want: true, + }, + { + name: "sad path wrong dir", + filePath: "foo/bar/nodejs-12-container-1-66.json", + want: false, + }, + { + name: "sad path wrong extension", filePath: "root/buildinfo/content_manifests/nodejs-12-container-1-66.xml", want: false, },