github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/applier/applier.go (about)

     1  package applier
     2  
     3  import (
     4  	"golang.org/x/xerrors"
     5  
     6  	"github.com/devseccon/trivy/pkg/fanal/analyzer"
     7  	"github.com/devseccon/trivy/pkg/fanal/cache"
     8  	ftypes "github.com/devseccon/trivy/pkg/fanal/types"
     9  )
    10  
// Applier merges the cached analysis results of an artifact's blobs (image
// layers) into a single ArtifactDetail.
type Applier interface {
	// ApplyLayers takes the cache key of the artifact and the cache keys of its
	// blobs and returns the merged detail. The implementation in this file can
	// return a populated detail together with a non-nil error, so callers
	// should inspect err before discarding detail.
	ApplyLayers(artifactID string, blobIDs []string) (detail ftypes.ArtifactDetail, err error)
}
    15  
// applier is the cache-backed Applier implementation.
type applier struct {
	// cache is the store that blob and artifact records are read from.
	cache cache.LocalArtifactCache
}
    19  
// NewApplier returns an Applier that reads blob and artifact records from c.
func NewApplier(c cache.LocalArtifactCache) Applier {
	impl := applier{cache: c}
	return &impl
}
    23  
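// ApplyLayers loads the cached analysis result for every key in layerKeys,
// merges them with the package-level ApplyLayers, and attaches the image-config
// findings (history packages, misconfiguration, secret) stored under imageID.
//
// A blob whose SchemaVersion is zero is treated as a cache miss and aborts the
// merge. When the cache also reported an error for that key, the error is
// wrapped into the returned one, so that a backend failure is not reported as
// a plain miss.
//
// The merged detail is returned even when the error is analyzer.ErrUnknownOS or
// analyzer.ErrNoPkgsDetected, so callers can still use what was found.
func (a *applier) ApplyLayers(imageID string, layerKeys []string) (ftypes.ArtifactDetail, error) {
	var layers []ftypes.BlobInfo
	for _, key := range layerKeys {
		blob, err := a.cache.GetBlob(key)
		if blob.SchemaVersion == 0 {
			if err != nil {
				// Keep the cause: an unreadable or unreachable cache needs a
				// different response from the operator than a missing entry.
				return ftypes.ArtifactDetail{}, xerrors.Errorf("layer cache missing: %s: %w", key, err)
			}
			return ftypes.ArtifactDetail{}, xerrors.Errorf("layer cache missing: %s", key)
		}
		layers = append(layers, blob)
	}

	mergedLayer := ApplyLayers(layers)

	// Best effort: the lookup error is deliberately dropped, so a failed read
	// yields empty image-config findings rather than a failed scan.
	// NOTE(review): for a scanner this is a silent false negative (no secret or
	// misconfiguration results from the image config); consider surfacing or
	// logging the error once callers can tolerate it.
	imageInfo, _ := a.cache.GetArtifact(imageID) // nolint
	mergedLayer.ImageConfig = ftypes.ImageConfigDetail{
		Packages:         imageInfo.HistoryPackages,
		Misconfiguration: imageInfo.Misconfiguration,
		Secret:           imageInfo.Secret,
	}

	// Both sentinel errors still send back the package and application info.
	switch {
	case !mergedLayer.OS.Detected():
		return mergedLayer, analyzer.ErrUnknownOS
	case mergedLayer.Packages == nil:
		return mergedLayer, analyzer.ErrNoPkgsDetected
	}

	return mergedLayer, nil
}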