github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/rpm.go (about)

     1  package pkg
     2  
     3  import (
     4  	"sort"
     5  
     6  	"github.com/scylladb/go-set/strset"
     7  
     8  	"github.com/anchore/syft/syft/file"
     9  )
    10  
    11  // RpmDBGlob is the glob pattern used to find RPM DB files. Where:
    12  // - /var/lib/rpm/... is the typical path for most distributions
    13  // - /usr/share/rpm/... is common for rpm-ostree distributions (coreos-like)
    14  // - Packages is the legacy Berkeley db based format
    15  // - Packages.db is the "ndb" format used in SUSE
    16  // - rpmdb.sqlite is the sqlite format used in fedora + derivates
    17  const RpmDBGlob = "**/{var/lib,usr/share,usr/lib/sysimage}/rpm/{Packages,Packages.db,rpmdb.sqlite}"
    18  
    19  // RpmManifestGlob is used in CBL-Mariner distroless images
    20  const RpmManifestGlob = "**/var/lib/rpmmanifest/container-manifest-2"
    21  
    22  var _ FileOwner = (*RpmDBEntry)(nil)
    23  
    24  // RpmArchive represents all captured data from a RPM package archive.
    25  type RpmArchive RpmDBEntry
    26  
    27  // RpmDBEntry represents all captured data from a RPM DB package entry.
    28  type RpmDBEntry struct {
    29  	Name            string          `json:"name"`
    30  	Version         string          `json:"version"`
    31  	Epoch           *int            `json:"epoch"  cyclonedx:"epoch" jsonschema:"nullable"`
    32  	Arch            string          `json:"architecture"`
    33  	Release         string          `json:"release" cyclonedx:"release"`
    34  	SourceRpm       string          `json:"sourceRpm" cyclonedx:"sourceRpm"`
    35  	Size            int             `json:"size" cyclonedx:"size"`
    36  	Vendor          string          `json:"vendor"`
    37  	ModularityLabel *string         `json:"modularityLabel,omitempty"`
    38  	Provides        []string        `json:"provides,omitempty"`
    39  	Requires        []string        `json:"requires,omitempty"`
    40  	Files           []RpmFileRecord `json:"files"`
    41  }
    42  
    43  // RpmFileRecord represents the file metadata for a single file attributed to a RPM package.
    44  type RpmFileRecord struct {
    45  	Path      string      `json:"path"`
    46  	Mode      RpmFileMode `json:"mode"`
    47  	Size      int         `json:"size"`
    48  	Digest    file.Digest `json:"digest"`
    49  	UserName  string      `json:"userName"`
    50  	GroupName string      `json:"groupName"`
    51  	Flags     string      `json:"flags"`
    52  }
    53  
    54  // RpmFileMode is the raw file mode for a single file. This can be interpreted as the linux stat.h mode (see https://pubs.opengroup.org/onlinepubs/007908799/xsh/sysstat.h.html)
    55  type RpmFileMode uint16
    56  
    57  func (m RpmDBEntry) OwnedFiles() (result []string) {
    58  	s := strset.New()
    59  	for _, f := range m.Files {
    60  		if f.Path != "" {
    61  			s.Add(f.Path)
    62  		}
    63  	}
    64  	result = s.List()
    65  	sort.Strings(result)
    66  	return result
    67  }