Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container Scanning: Docker Exported Tarball (1/2) #1011

Merged
merged 7 commits into from
Aug 9, 2022
Merged

Container Scanning: Docker Exported Tarball (1/2) #1011

merged 7 commits into from
Aug 9, 2022

Conversation

meghfossa
Copy link
Contributor

@meghfossa meghfossa commented Aug 8, 2022
edited
Loading

Overview

This PR adds the ability to analyze exported docker tarball files.

Acceptance criteria

  • When running --experiemental-scanner --output works for docker exported tarball
  • When running --experiemental-scanner throws an error (since this requires CORE changes to be merged upstream)

Testing plan

docker save redis:alpine > redis.tar
fossa-dev container analyze redis.tar --experimental-scanner -o
fossa-dev container analyze redis.tar --experimental-scanner -o --debug # see the debug logs

Risks

None

References

https://fossa.atlassian.net/browse/ANE-276

Checklist

  • I added tests for this PR's change (or explained in the PR description why tests don't make sense).
  • If this PR introduced a user-visible change, I added documentation into docs/.
  • If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an # Unreleased section at the top.
  • If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).

@meghfossa meghfossa changed the title Feat/exported docker tarball sourc Container Scanning: Docker Exported Tarball (1/2) Aug 8, 2022
@meghfossa meghfossa marked this pull request as ready for review August 8, 2022 22:16
@meghfossa meghfossa requested a review from a team as a code owner August 8, 2022 22:16
@meghfossa meghfossa requested a review from jssblck August 8, 2022 22:16
jssblck
jssblck approved these changes Aug 9, 2022
View reviewed changes
src/App/Fossa/Container/Sources/DockerTarball.hs Show resolved Hide resolved
src/Container/Docker/Manifest.hs Outdated Show resolved Hide resolved
@meghfossa meghfossa enabled auto-merge (squash) August 9, 2022 12:00
@meghfossa meghfossa merged commit fc517bd into master Aug 9, 2022
@meghfossa meghfossa deleted the feat/exported-docker-tarball-sourc branch August 9, 2022 12:29
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jssblck jssblck jssblck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@meghfossa @jssblck