

fix(server): add licenses to BlobInfo message (#5382)
nikpivkin authored Nov 2, 2023
1 parent 9a6e125 commit 520830b
Showing 8 changed files with 2,796 additions and 331 deletions.
1,912 changes: 1,854 additions & 58 deletions integration/testdata/fluentd-multiple-lockfiles.cdx.json.golden

Large diffs are not rendered by default.

121 changes: 107 additions & 14 deletions pkg/rpc/convert.go
@@ -1,7 +1,6 @@
package rpc

import (
"strings"
"time"

"github.com/samber/lo"
Expand All @@ -18,6 +17,35 @@ import (
"github.com/aquasecurity/trivy/rpc/scanner"
)

var LicenseCategoryMap = map[common.LicenseCategory_Enum]ftypes.LicenseCategory{
common.LicenseCategory_UNSPECIFIED: "",
common.LicenseCategory_FORBIDDEN: ftypes.CategoryForbidden,
common.LicenseCategory_RESTRICTED: ftypes.CategoryRestricted,
common.LicenseCategory_RECIPROCAL: ftypes.CategoryReciprocal,
common.LicenseCategory_NOTICE: ftypes.CategoryNotice,
common.LicenseCategory_PERMISSIVE: ftypes.CategoryPermissive,
common.LicenseCategory_UNENCUMBERED: ftypes.CategoryUnencumbered,
common.LicenseCategory_UNKNOWN: ftypes.CategoryUnknown,
}

var LicenseTypeMap = map[common.LicenseType_Enum]ftypes.LicenseType{
common.LicenseType_UNSPECIFIED: "",
common.LicenseType_DPKG: ftypes.LicenseTypeDpkg,
common.LicenseType_HEADER: ftypes.LicenseTypeHeader,
common.LicenseType_LICENSE_FILE: ftypes.LicenseTypeFile,
}

// ByValueOr returns the key from the map of the first matched value,
// or default key if the value is not present.
func ByValueOr[K, V comparable](m map[K]V, val V, d K) K {
for k, v := range m {
if v == val {
return k
}
}
return d
}

// ConvertToRPCPkgs returns the list of RPC package objects
func ConvertToRPCPkgs(pkgs []ftypes.Package) []*common.Package {
var rpcPkgs []*common.Package
Expand Down Expand Up @@ -113,6 +141,37 @@ func ConvertToRPCSecretFindings(findings []ftypes.SecretFinding) []*common.Secre
return rpcFindings
}

func ConvertToRPCLicenseFiles(licenses []ftypes.LicenseFile) []*common.LicenseFile {
var rpcLicenses []*common.LicenseFile

for _, lic := range licenses {
rpcLicenses = append(rpcLicenses, &common.LicenseFile{
LicenseType: ConvertToRPCLicenseType(lic.Type),
FilePath: lic.FilePath,
PkgName: lic.PkgName,
Fingings: ConvertToRPCLicenseFindings(lic.Findings),
Layer: ConvertToRPCLayer(lic.Layer),
})
}

return rpcLicenses
}

func ConvertToRPCLicenseFindings(findings ftypes.LicenseFindings) []*common.LicenseFinding {
var rpcFindings []*common.LicenseFinding

for _, f := range findings {
rpcFindings = append(rpcFindings, &common.LicenseFinding{
Category: ConvertToRPCLicenseCategory(f.Category),
Name: f.Name,
Confidence: float32(f.Confidence),
Link: f.Link,
})
}

return rpcFindings
}

// ConvertFromRPCPkgs returns list of Fanal package objects
func ConvertFromRPCPkgs(rpcPkgs []*common.Package) []ftypes.Package {
var pkgs []ftypes.Package
Expand Down Expand Up @@ -296,13 +355,13 @@ func ConvertFromRPCResults(rpcResults []*scanner.Result) []types.Result {
Packages: ConvertFromRPCPkgs(result.Packages),
CustomResources: ConvertFromRPCCustomResources(result.CustomResources),
Secrets: ConvertFromRPCSecretFindings(result.Secrets),
Licenses: ConvertFromRPCLicenses(result.Licenses),
Licenses: ConvertFromRPCDetectedLicenses(result.Licenses),
})
}
return results
}

func ConvertFromRPCLicenses(rpcLicenses []*common.DetectedLicense) []types.DetectedLicense {
func ConvertFromRPCDetectedLicenses(rpcLicenses []*common.DetectedLicense) []types.DetectedLicense {
var licenses []types.DetectedLicense
for _, l := range rpcLicenses {
severity := dbTypes.Severity(l.Severity)
Expand All @@ -319,11 +378,12 @@ func ConvertFromRPCLicenses(rpcLicenses []*common.DetectedLicense) []types.Detec
return licenses
}

func ConvertFromRPCLicenseCategory(rpcCategory common.DetectedLicense_LicenseCategory) ftypes.LicenseCategory {
if rpcCategory == common.DetectedLicense_UNSPECIFIED {
return ""
}
return ftypes.LicenseCategory(strings.ToLower(rpcCategory.String()))
func ConvertFromRPCLicenseCategory(rpcCategory common.LicenseCategory_Enum) ftypes.LicenseCategory {
return lo.ValueOr(LicenseCategoryMap, rpcCategory, "")
}

func ConvertFromRPCLicenseType(rpcLicenseType common.LicenseType_Enum) ftypes.LicenseType {
return lo.ValueOr(LicenseTypeMap, rpcLicenseType, "")
}

// ConvertFromRPCCustomResources converts array of cache.CustomResource to fanal.CustomResource
Expand Down Expand Up @@ -395,6 +455,37 @@ func ConvertFromRPCSecrets(recSecrets []*common.Secret) []ftypes.Secret {
return secrets
}

func ConvertFromRPCLicenseFiles(rpcLicenses []*common.LicenseFile) []ftypes.LicenseFile {
var licenses []ftypes.LicenseFile

for _, lic := range rpcLicenses {
licenses = append(licenses, ftypes.LicenseFile{
Type: ConvertFromRPCLicenseType(lic.LicenseType),
FilePath: lic.FilePath,
PkgName: lic.PkgName,
Findings: ConvertFromRPCLicenseFindings(lic.Fingings),
Layer: ConvertFromRPCLayer(lic.Layer),
})
}

return licenses
}

func ConvertFromRPCLicenseFindings(rpcFindings []*common.LicenseFinding) ftypes.LicenseFindings {
var findings ftypes.LicenseFindings

for _, finding := range rpcFindings {
findings = append(findings, ftypes.LicenseFinding{
Category: ConvertFromRPCLicenseCategory(finding.Category),
Name: finding.Name,
Confidence: float64(finding.Confidence),
Link: finding.Link,
})
}

return findings
}

// ConvertFromRPCVulns converts []*common.Vulnerability to []types.DetectedVulnerability
func ConvertFromRPCVulns(rpcVulns []*common.Vulnerability) []types.DetectedVulnerability {
var vulns []types.DetectedVulnerability
Expand Down Expand Up @@ -640,6 +731,7 @@ func ConvertFromRPCPutBlobRequest(req *cache.PutBlobRequest) ftypes.BlobInfo {
WhiteoutFiles: req.BlobInfo.WhiteoutFiles,
CustomResources: ConvertFromRPCCustomResources(req.BlobInfo.CustomResources),
Secrets: ConvertFromRPCSecrets(req.BlobInfo.Secrets),
Licenses: ConvertFromRPCLicenseFiles(req.BlobInfo.Licenses),
}
}

Expand Down Expand Up @@ -750,6 +842,7 @@ func ConvertToRPCPutBlobRequest(diffID string, blobInfo ftypes.BlobInfo) *cache.
WhiteoutFiles: blobInfo.WhiteoutFiles,
CustomResources: customResources,
Secrets: ConvertToRPCSecrets(blobInfo.Secrets),
Licenses: ConvertToRPCLicenseFiles(blobInfo.Licenses),
},
}
}
Expand Down Expand Up @@ -820,12 +913,12 @@ func ConvertToRPCLicenses(licenses []types.DetectedLicense) []*common.DetectedLi
return rpcLicenses
}

func ConvertToRPCLicenseCategory(category ftypes.LicenseCategory) common.DetectedLicense_LicenseCategory {
rpcCategory, ok := common.DetectedLicense_LicenseCategory_value[strings.ToUpper(string(category))]
if !ok {
return common.DetectedLicense_UNSPECIFIED
}
return common.DetectedLicense_LicenseCategory(rpcCategory)
func ConvertToRPCLicenseCategory(category ftypes.LicenseCategory) common.LicenseCategory_Enum {
return ByValueOr(LicenseCategoryMap, category, common.LicenseCategory_UNSPECIFIED)
}

func ConvertToRPCLicenseType(ty ftypes.LicenseType) common.LicenseType_Enum {
return ByValueOr(LicenseTypeMap, ty, common.LicenseType_UNSPECIFIED)
}

func ConvertToDeleteBlobsRequest(blobIDs []string) *cache.DeleteBlobsRequest {
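Review bot: The `common.LicenseFile` message carries its findings under the misspelled field `Fingings`, used in `ConvertToRPCLicenseFiles` (`Fingings: ConvertToRPCLicenseFindings(lic.Findings),`) and read back in `ConvertFromRPCLicenseFiles` (`lic.Fingings`). The .proto definition is not part of this file section, but a field name in a generated message becomes part of the client/server contract (the generated Go API, and the JSON key if the RPC is served as JSON), so renaming it to `findings` is far cheaper before this ships than after. With the rename the two call sites would read `Findings: ConvertToRPCLicenseFindings(lic.Findings),` and `Findings: ConvertFromRPCLicenseFindings(lic.Findings),`.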
