From 2881985ae5bb40b13026c3cdd6279b3a2b3faae0 Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Fri, 6 Oct 2023 17:49:42 +0000 Subject: [PATCH 1/6] apiversion Signed-off-by: Sertac Ozercan --- go.mod | 2 ++ go.sum | 2 -- main.go | 9 +++++---- main_test.go | 2 +- types.go | 1 + 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index 3253f3e..06082ff 100644 --- a/go.mod +++ b/go.mod @@ -3,3 +3,5 @@ module github.com/project-copacetic/scanner-parser-template go 1.21 require github.com/project-copacetic/copacetic v0.4.1-0.20231005165324-7be10281f967 + +replace github.com/project-copacetic/copacetic => ../copacetic diff --git a/go.sum b/go.sum index e0acc41..e69de29 100644 --- a/go.sum +++ b/go.sum @@ -1,2 +0,0 @@ -github.com/project-copacetic/copacetic v0.4.1-0.20231005165324-7be10281f967 h1:nCsHeOSWU3zNsda7tPWe+5Ku9SYCgs5l1O7033KDS0I= -github.com/project-copacetic/copacetic v0.4.1-0.20231005165324-7be10281f967/go.mod h1:4wRPxYvBjAQwSwmNa1f5WwugRcuwN8uxeOSd5rK2Qmk= diff --git a/main.go b/main.go index 7f94b16..c98e9e3 100644 --- a/main.go +++ b/main.go @@ -5,7 +5,7 @@ import ( "fmt" "os" - "github.com/project-copacetic/copacetic/pkg/types" + v1alpha1 "github.com/project-copacetic/copacetic/pkg/types/v1alpha1" ) type FakeParser struct{} @@ -29,7 +29,7 @@ func NewFakeParser() *FakeParser { return &FakeParser{} } -func (k *FakeParser) Parse(file string) (*types.UpdateManifest, error) { +func (k *FakeParser) Parse(file string) (*v1alpha1.UpdateManifest, error) { // Parse the fake report report, err := parseFakeReport(file) if err != nil { @@ -37,7 +37,8 @@ func (k *FakeParser) Parse(file string) (*types.UpdateManifest, error) { } // Create the standardized report - updates := types.UpdateManifest{ + updates := v1alpha1.UpdateManifest{ + APIVersion: v1alpha1.APIVersion, OSType: report.OSType, OSVersion: report.OSVersion, Arch: report.Arch, @@ -47,7 +48,7 @@ func (k *FakeParser) Parse(file string) (*types.UpdateManifest, error) { for i := range report.Packages { pkgs := &report.Packages[i] if pkgs.FixedVersion != "" { - updates.Updates = append(updates.Updates, types.UpdatePackage{ + updates.Updates = append(updates.Updates, v1alpha1.UpdatePackage{ Name: pkgs.Name, InstalledVersion: pkgs.InstalledVersion, FixedVersion: pkgs.FixedVersion, diff --git a/main_test.go b/main_test.go index 7c89ccf..fe1aeef 100644 --- a/main_test.go +++ b/main_test.go @@ -4,7 +4,7 @@ import ( "reflect" "testing" - "github.com/project-copacetic/copacetic/pkg/types" + types "github.com/project-copacetic/copacetic/pkg/types/v1alpha1" ) func Test_parseFakeReport(t *testing.T) { diff --git a/types.go b/types.go index dcbc02c..b4bcdb0 100644 --- a/types.go +++ b/types.go @@ -1,3 +1,4 @@ +// Type definitions for fake scanner report package main // FakeReport contains OS, Arch, and Package information From 8702f4cb3b720e64638f4e1d922510efe1e87b79 Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Fri, 6 Oct 2023 20:05:15 +0000 Subject: [PATCH 2/6] update readme Signed-off-by: Sertac Ozercan --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4e804b0..7a27d8b 100644 --- a/README.md +++ b/README.md @@ -1 +1,10 @@ -# scanner-parser-template \ No newline at end of file +# Copacetic Scanner Plugin Template + +This is a template repo for creating a scanner plugin for [Copacetic](https://github.com/project-copacetic/copacetic). + +## Development + +1. Clone this repo +2. Rename the `scanner-plugin-template` directory to the name of your plugin +3. Update applicable types for `FakeReport` to match your plugin's report +4. Update the `README.md` to match your plugin's usage From 64f9e62e02aaa1f183ccb6c6018b8be70aed592f Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Fri, 6 Oct 2023 20:25:17 +0000 Subject: [PATCH 3/6] add example usage Signed-off-by: Sertac Ozercan --- README.md | 32 ++++++++++++++++++++++++++++---- main.go | 8 ++++---- 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 7a27d8b..014f814 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,34 @@ -# Copacetic Scanner Plugin Template +# 🏭 Copacetic Scanner Plugin Template This is a template repo for creating a scanner plugin for [Copacetic](https://github.com/project-copacetic/copacetic). +Learn more about Copacetic's scanner plugins [here](https://project-copacetic.github.io/copacetic/). + ## Development +These instructions are for developing a new scanner plugin for [Copacetic](https://github.com/project-copacetic/copacetic) from this template. + 1. Clone this repo -2. Rename the `scanner-plugin-template` directory to the name of your plugin -3. Update applicable types for `FakeReport` to match your plugin's report -4. Update the `README.md` to match your plugin's usage +2. Rename the `scanner-plugin-template` repo to the name of your plugin +3. Update applicable types for [`FakeReport`](types.go) to match your scanner's structure +4. Update [`parse`](main.go) to parse your scanner's report format accordingly +5. Update `CLI_BINARY` in the [`Makefile`](Makefile) to match your scanner's CLI binary name (resulting binary must be prefixed with `copa-`) +5. Update this [`README.md`](README.md) to match your plugin's usage + +## Example Usage + +```shell +# assuming $GOPATH/bin or $GOBIN is in $PATH +go install github.com/project-copacetic/scanner-plugin-template@latest + +# rename binary to copa- (e.g. copa-fake) +mv $GOPATH/bin/scanner-plugin-template $GOPATH/bin/copa-fake + +# test plugin with example config +copa-fake testdata/fake_report.json + +export IMAGE="" + +# run copa with the scanner plugin (copa-fake) and the report file +copa patch -i $IMAGE -r testdata/fake_report.json --scanner fake +``` \ No newline at end of file diff --git a/main.go b/main.go index c98e9e3..51d0271 100644 --- a/main.go +++ b/main.go @@ -25,11 +25,11 @@ func parseFakeReport(file string) (*FakeReport, error) { return &fake, nil } -func NewFakeParser() *FakeParser { +func newFakeParser() *FakeParser { return &FakeParser{} } -func (k *FakeParser) Parse(file string) (*v1alpha1.UpdateManifest, error) { +func (k *FakeParser) parse(file string) (*v1alpha1.UpdateManifest, error) { // Parse the fake report report, err := parseFakeReport(file) if err != nil { @@ -66,12 +66,12 @@ func main() { } // Initialize the parser - fakeParser := NewFakeParser() + fakeParser := newFakeParser() // Get the image report from command line imageReport := os.Args[1] - report, err := fakeParser.Parse(imageReport) + report, err := fakeParser.parse(imageReport) if err != nil { fmt.Printf("error parsing report: %v\n", err) os.Exit(1) From 6fb3528315f687780ebf7e84ec8f027e34d234a8 Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Mon, 16 Oct 2023 23:21:37 +0000 Subject: [PATCH 4/6] update Signed-off-by: Sertac Ozercan --- go.mod | 6 ++---- go.sum | 2 ++ main.go | 12 +++++++++--- main_test.go | 26 ++++++++++++++++---------- 4 files changed, 29 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index 06082ff..d9244a1 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,5 @@ -module github.com/project-copacetic/scanner-parser-template +module github.com/project-copacetic/scanner-plugin-template go 1.21 -require github.com/project-copacetic/copacetic v0.4.1-0.20231005165324-7be10281f967 - -replace github.com/project-copacetic/copacetic => ../copacetic +require github.com/project-copacetic/copacetic v0.4.1-0.20231016231822-4eacf060c778 diff --git a/go.sum b/go.sum index e69de29..657180a 100644 --- a/go.sum +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/project-copacetic/copacetic v0.4.1-0.20231016231822-4eacf060c778 h1:uxqQOhD3oJPwSR/dhsdtrfkoq9NsU7YxCYPyROns1YQ= +github.com/project-copacetic/copacetic v0.4.1-0.20231016231822-4eacf060c778/go.mod h1:MD59QnO9VkVAZKgVZt4aXtz+CvVQIxEt5s8l67YPim8= diff --git a/main.go b/main.go index 51d0271..173da4a 100644 --- a/main.go +++ b/main.go @@ -39,9 +39,15 @@ func (k *FakeParser) parse(file string) (*v1alpha1.UpdateManifest, error) { // Create the standardized report updates := v1alpha1.UpdateManifest{ APIVersion: v1alpha1.APIVersion, - OSType: report.OSType, - OSVersion: report.OSVersion, - Arch: report.Arch, + Metadata: v1alpha1.Metadata{ + OS: v1alpha1.OS{ + Type: report.OSType, + Version: report.OSVersion, + }, + Config: v1alpha1.Config{ + Arch: report.Arch, + }, + }, } // Convert the fake report to the standardized report diff --git a/main_test.go b/main_test.go index fe1aeef..f99f633 100644 --- a/main_test.go +++ b/main_test.go @@ -4,7 +4,7 @@ import ( "reflect" "testing" - types "github.com/project-copacetic/copacetic/pkg/types/v1alpha1" + v1alpha1 "github.com/project-copacetic/copacetic/pkg/types/v1alpha1" ) func Test_parseFakeReport(t *testing.T) { @@ -86,8 +86,8 @@ func TestNewFakeParser(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - if got := NewFakeParser(); !reflect.DeepEqual(got, tt.want) { - t.Errorf("NewFakeParser() = %v, want %v", got, tt.want) + if got := newFakeParser(); !reflect.DeepEqual(got, tt.want) { + t.Errorf("newFakeParser() = %v, want %v", got, tt.want) } }) } @@ -101,18 +101,24 @@ func TestFakeParser_Parse(t *testing.T) { name string k *FakeParser args args - want *types.UpdateManifest + want *v1alpha1.UpdateManifest wantErr bool }{ { name: "valid report", k: &FakeParser{}, args: args{file: "testdata/fake_report.json"}, - want: &types.UpdateManifest{ - OSType: "FakeOS", - OSVersion: "42", - Arch: "amd64", - Updates: []types.UpdatePackage{ + want: &v1alpha1.UpdateManifest{ + Metadata: v1alpha1.Metadata{ + OS: v1alpha1.OS{ + Type: "FakeOS", + Version: "42", + }, + Config: v1alpha1.Config{ + Arch: "amd64", + }, + }, + Updates: []v1alpha1.UpdatePackage{ { Name: "foo", InstalledVersion: "1.0.0", @@ -146,7 +152,7 @@ func TestFakeParser_Parse(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := tt.k.Parse(tt.args.file) + got, err := tt.k.parse(tt.args.file) if (err != nil) != tt.wantErr { t.Errorf("FakeParser.Parse() error = %v, wantErr %v", err, tt.wantErr) return From eb996c34711a2e82fffa25de977ad607a11ca56e Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Mon, 16 Oct 2023 23:26:43 +0000 Subject: [PATCH 5/6] update readme Signed-off-by: Sertac Ozercan --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 014f814..ea66c3f 100644 --- a/README.md +++ b/README.md @@ -26,9 +26,11 @@ mv $GOPATH/bin/scanner-plugin-template $GOPATH/bin/copa-fake # test plugin with example config copa-fake testdata/fake_report.json - -export IMAGE="" +# this will print the report in JSON format +# {"apiVersion":"v1alpha1","metadata":{"os":{"type":"FakeOS","version":"42"},"config":{"arch":"amd64"}},"updates":[{"name":"foo","installedVersion":"1.0.0","fixedVersion":"1.0.1","vulnerabilityID":"VULN001"},{"name":"bar","installedVersion":"2.0.0","fixedVersion":"2.0.1","vulnerabilityID":"VULN002"}]} # run copa with the scanner plugin (copa-fake) and the report file copa patch -i $IMAGE -r testdata/fake_report.json --scanner fake +# this is for illustration purposes only +# it will fail with "Error: unsupported osType FakeOS specified" ``` \ No newline at end of file From 9ddb9448e9ddc3dd76295175f1308c2620a1ac9f Mon Sep 17 00:00:00 2001 From: Sertac Ozercan Date: Tue, 17 Oct 2023 00:07:07 +0000 Subject: [PATCH 6/6] update test Signed-off-by: Sertac Ozercan --- main_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/main_test.go b/main_test.go index f99f633..5cb75e5 100644 --- a/main_test.go +++ b/main_test.go @@ -87,7 +87,7 @@ func TestNewFakeParser(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { if got := newFakeParser(); !reflect.DeepEqual(got, tt.want) { - t.Errorf("newFakeParser() = %v, want %v", got, tt.want) + t.Errorf("NewFakeParser() = %v, want %v", got, tt.want) } }) } @@ -109,6 +109,7 @@ func TestFakeParser_Parse(t *testing.T) { k: &FakeParser{}, args: args{file: "testdata/fake_report.json"}, want: &v1alpha1.UpdateManifest{ + APIVersion: v1alpha1.APIVersion, Metadata: v1alpha1.Metadata{ OS: v1alpha1.OS{ Type: "FakeOS",