github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/detection/peek.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/detection/peek.go (about)

     1  package detection
     2  
     3  import (
     4  	"archive/tar"
     5  	"compress/gzip"
     6  	"errors"
     7  	"io"
     8  	"strings"
     9  )
    10  
    11  func IsHelmChartArchive(path string, file io.Reader) bool {
    12  
    13  	if !IsArchive(path) {
    14  		return false
    15  	}
    16  
    17  	var err error
    18  	var fr = file
    19  
    20  	if IsZip(path) {
    21  		if fr, err = gzip.NewReader(file); err != nil {
    22  			return false
    23  		}
    24  	}
    25  	tr := tar.NewReader(fr)
    26  
    27  	if tr == nil {
    28  		return false
    29  	}
    30  
    31  	for {
    32  		header, err := tr.Next()
    33  		if err != nil {
    34  			if errors.Is(err, io.EOF) {
    35  				break
    36  			}
    37  			return false
    38  		}
    39  
    40  		if header.Typeflag == tar.TypeReg && strings.HasSuffix(header.Name, "Chart.yaml") {
    41  			return true
    42  		}
    43  	}
    44  	return false
    45  }
    46  
    47  func IsArchive(path string) bool {
    48  	return strings.HasSuffix(path, ".tar") || IsZip(path)
    49  }
    50  
    51  func IsZip(path string) bool {
    52  	return strings.HasSuffix(path, ".tgz") || strings.HasSuffix(path, ".tar.gz")
    53  }