-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Container Scanning: Adds Os Release Information Parsers #1001
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good to me, but only as someone who hasn't written a parser yet. If you want to get a more nuanced review you might want to ask someone else to take a quick look.
One general question is were you able to test this against an actual /bin/busybox
binary? If you did, can you add the steps to do that in a testing plan.
asum | ||
( map (`Map.lookup` properties) ["ID"] | ||
++ [Just "linux"] -- We should default to linux as last resort per spec! | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, TIL asum
-- >> parseTest propertiesParser "A=B\nC=D" = fromList [(A, B), (C, D)] | ||
-- >> parseTest propertiesParser "A=B\n\nC=D" = fromList [(A, B), (C, D)] | ||
propertiesParser :: Parser (Map.Map Text Text) | ||
propertiesParser = Map.fromList <$> many (lexeme propertyParser) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like these inline comments showing what these functions concretely do!
Co-authored-by: Jessica Black <kit@kitified.dev>
8b1b97f
to
4971539
Compare
Overview
This PR adds Os Release parser as part of container scanning scaffolding works.
Acceptance criteria
Testing plan
I have added unit tests. As native container scanning is not configured E/E it cannot be tested manually yet.
Risks
N/A
References
https://fossa.atlassian.net/browse/ANE-284
Checklist
docs/
.Changelog.md
. If this PR did not mark a release, I added my changes into an# Unreleased
section at the top..fossa.yml
orfossa-deps.{json.yml}
, I updateddocs/references/files/*.schema.json
. You may also need to update these if you have added/removed new dependency type (e.g.pip
) or analysis target type (e.g.poetry
).