diff --git a/cli/go.mod b/cli/go.mod
index 6d714930f..450f8b29d 100644
--- a/cli/go.mod
+++ b/cli/go.mod
@@ -52,7 +52,7 @@ require (
 github.com/Microsoft/go-winio v0.6.2 // indirect
 github.com/Microsoft/hcsshim v0.12.3 // indirect
 github.com/OneOfOne/xxhash v1.2.8 // indirect
- github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 // indirect
+ github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 // indirect
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
 github.com/VividCortex/ewma v1.2.0 // indirect
 github.com/acobaugh/osrelease v0.1.0 // indirect
diff --git a/cli/go.sum b/cli/go.sum
index 89d9e7472..5b9774ea3 100644
--- a/cli/go.sum
+++ b/cli/go.sum
@@ -262,8 +262,8 @@ github.com/Microsoft/hcsshim v0.12.3/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 h1:d8TjnmUvMG8up/q+oVxanmAMqj+stbZEChx8FHXA9R8=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 h1:VbPjdBPXkQAW5gMmBPrslfmmppc7nrsq5hnoBo+fUuE=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk=
diff --git a/e2e/go.mod b/e2e/go.mod
index bb5a69a08..7f592359f 100644
--- a/e2e/go.mod
+++ b/e2e/go.mod
@@ -61,7 +61,7 @@ require (
 github.com/Microsoft/go-winio v0.6.2 // indirect
 github.com/Microsoft/hcsshim v0.12.3 // indirect
 github.com/OneOfOne/xxhash v1.2.8 // indirect
- github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 // indirect
+ github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 // indirect
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
 github.com/VividCortex/ewma v1.2.0 // indirect
 github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
diff --git a/e2e/go.sum b/e2e/go.sum
index 72285c3d4..f8e13653a 100644
--- a/e2e/go.sum
+++ b/e2e/go.sum
@@ -284,8 +284,8 @@ github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDe
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 h1:d8TjnmUvMG8up/q+oVxanmAMqj+stbZEChx8FHXA9R8=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 h1:VbPjdBPXkQAW5gMmBPrslfmmppc7nrsq5hnoBo+fUuE=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk=
diff --git a/orchestrator/go.mod b/orchestrator/go.mod
index 69cadcd21..7b5fd9e8d 100644
--- a/orchestrator/go.mod
+++ b/orchestrator/go.mod
@@ -63,7 +63,7 @@ require (
 github.com/Microsoft/go-winio v0.6.2 // indirect
 github.com/Microsoft/hcsshim v0.12.3 // indirect
 github.com/OneOfOne/xxhash v1.2.8 // indirect
- github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 // indirect
+ github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 // indirect
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
 github.com/VividCortex/ewma v1.2.0 // indirect
 github.com/acobaugh/osrelease v0.1.0 // indirect
diff --git a/orchestrator/go.sum b/orchestrator/go.sum
index 67c9f0022..249a66b4e 100644
--- a/orchestrator/go.sum
+++ b/orchestrator/go.sum
@@ -283,8 +283,8 @@ github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb0
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 h1:d8TjnmUvMG8up/q+oVxanmAMqj+stbZEChx8FHXA9R8=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 h1:VbPjdBPXkQAW5gMmBPrslfmmppc7nrsq5hnoBo+fUuE=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
 github.com/Portshift/go-utils v0.0.0-20220421083203-89265d8a6487 h1:CD9mOTUMX6f33pRJoYUDyI+IDnCWWhwBBoXqxGMrAaQ=
 github.com/Portshift/go-utils v0.0.0-20220421083203-89265d8a6487/go.mod h1:w2CFHePN1v+p2v/NSpe7aK+cFu0E2+9MrQ3CgB6vydk=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
diff --git a/plugins/runner/cmd/main.go b/plugins/runner/cmd/main.go
index 12e0c78e2..56a481c71 100644
--- a/plugins/runner/cmd/main.go
+++ b/plugins/runner/cmd/main.go
@@ -32,7 +32,7 @@ func main() { // Create plugin runner fmt.Printf("Starting plugin runner\n") config := LoadConfig() - runner, err := runner.New(config) + runner, err := runner.New(ctx, config) if err != nil { fmt.Println(err) return diff --git a/plugins/runner/internal/containermanager/docker/manager.go b/plugins/runner/internal/containermanager/docker/manager.go index 8c605adcf..9ae03b755 100644 --- a/plugins/runner/internal/containermanager/docker/manager.go +++ b/plugins/runner/internal/containermanager/docker/manager.go @@ -61,7 +61,7 @@ type containerManager struct { runningErr atomic.Pointer[error] } -func New(config types.PluginConfig) (containermanager.PluginContainerManager, error) { +func New(ctx context.Context, config types.PluginConfig) (containermanager.PluginContainerManager, error) { // Load docker client client, err := newDockerClient() if err != nil { diff --git a/plugins/runner/runner.go b/plugins/runner/runner.go index 94232ffb5..3303209ce 100644 --- a/plugins/runner/runner.go +++ b/plugins/runner/runner.go @@ -39,10 +39,10 @@ type pluginRunner struct { client runnerclient.ClientWithResponsesInterface } -func New(config types.PluginConfig) (types.PluginRunner, error) { +func New(ctx context.Context, config types.PluginConfig) (types.PluginRunner, error) { // Create docker container // TODO: switch to factory once the support for more container engines is added - manager, err := docker.New(config) + manager, err := docker.New(ctx, config) if err != nil { return nil, fmt.Errorf("failed to create plugin manager: %w", err) } diff --git a/provider/go.mod b/provider/go.mod index a490ae7e1..28d6c3d12 100644 --- a/provider/go.mod +++ b/provider/go.mod 
@@ -72,7 +72,7 @@ require (
 github.com/Microsoft/go-winio v0.6.2 // indirect
 github.com/Microsoft/hcsshim v0.12.3 // indirect
 github.com/OneOfOne/xxhash v1.2.8 // indirect
- github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 // indirect
+ github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 // indirect
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
 github.com/VividCortex/ewma v1.2.0 // indirect
 github.com/acobaugh/osrelease v0.1.0 // indirect
diff --git a/provider/go.sum b/provider/go.sum
index 311643879..c98e9d1f8 100644
--- a/provider/go.sum
+++ b/provider/go.sum
@@ -280,8 +280,8 @@ github.com/Microsoft/hcsshim v0.12.3/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 h1:d8TjnmUvMG8up/q+oVxanmAMqj+stbZEChx8FHXA9R8=
-github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 h1:VbPjdBPXkQAW5gMmBPrslfmmppc7nrsq5hnoBo+fUuE=
+github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk=
diff --git a/scanner/analyzer/syft/syft.go b/scanner/analyzer/syft/syft.go
index b4e093e57..f85e3c060 100644
--- a/scanner/analyzer/syft/syft.go
+++ b/scanner/analyzer/syft/syft.go
@@ -56,14 +56,14 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } } -func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { +func (a *Analyzer) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { src := utils.CreateSource(sourceType, a.localImage) a.logger.Infof("Called %s analyzer on source %s", a.name, src) // TODO platform can be defined // https://github.com/anchore/syft/blob/b20310eaf847c259beb4fe5128c842bd8aa4d4fc/cmd/syft/cli/options/packages.go#L48 source, err := syft.GetSource( - context.Background(), + ctx, userInput, syft.DefaultGetSourceConfig().WithSources(src).WithRegistryOptions(a.config.RegistryOptions), ) @@ -71,13 +71,13 @@ func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { return fmt.Errorf("failed to create source analyzer=%s: %w", a.name, err) } - go func() { + go func(ctx context.Context) { res := &analyzer.Results{} sbomConfig := syft.DefaultCreateSBOMConfig(). WithSearchConfig(cataloging.DefaultSearchConfig().WithScope(a.config.Scope)) - sbom, err := syft.CreateSBOM(context.TODO(), source, sbomConfig) + sbom, err := syft.CreateSBOM(ctx, source, sbomConfig) if err != nil { a.setError(res, fmt.Errorf("failed to write results: %w", err)) return @@ -110,7 +110,7 @@ func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { a.logger.Infof("Sending successful results") a.resultChan <- res - }() + }(ctx) return nil } diff --git a/scanner/analyzer/trivy/trivy.go b/scanner/analyzer/trivy/trivy.go index 454982c2a..56cc16407 100644 --- a/scanner/analyzer/trivy/trivy.go +++ b/scanner/analyzer/trivy/trivy.go 
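Review bot: The goroutine in syft.go's `Run` (hunk `@@ -71,13`) is now written `go func(ctx context.Context) { … }(ctx)`, and the parameter only shadows the outer `ctx` with the same value. A Go closure already captures `ctx`, so `go func() {` … `}()` behaves identically and keeps the change limited to the calls that actually consume the context. The same form is repeated in the trivy, exploitdb, sshtopology, clam, yara, cisdocker, lynis, plugins runner, chkrootkit and gitleaks hunks. Run's body extends beyond the lines shown in these hunks.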
@@ -62,7 +62,7 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } // nolint:cyclop -func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { +func (a *Analyzer) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { a.logger.Infof("Called %s analyzer on source %v %v", a.name, sourceType, userInput) tempFile, err := os.CreateTemp(a.config.TempDir, "trivy.sbom.*.json") @@ -75,7 +75,7 @@ func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { return fmt.Errorf("unable to get db options: %w", err) } - go func() { + go func(ctx context.Context) { defer os.Remove(tempFile.Name()) res := &analyzer.Results{} @@ -139,7 +139,7 @@ func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { // Ensure we're configured for private registry if required trivyOptions = trivy.SetTrivyRegistryConfigs(a.config.Registry, trivyOptions) - err = artifact.Run(context.TODO(), trivyOptions, trivySourceType) + err = artifact.Run(ctx, trivyOptions, trivySourceType) if err != nil { a.setError(res, fmt.Errorf("failed to generate SBOM: %w", err)) return @@ -182,7 +182,7 @@ func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { a.logger.Infof("Sending successful results") a.resultChan <- res - }() + }(ctx) return nil } diff --git a/scanner/analyzer/windows/windows.go b/scanner/analyzer/windows/windows.go index 4dc428dff..0852aa430 100644 --- a/scanner/analyzer/windows/windows.go +++ b/scanner/analyzer/windows/windows.go @@ -16,6 +16,7 @@ package windows import ( + "context" "fmt" log "github.com/sirupsen/logrus" 
@@ -42,7 +43,7 @@ func New(_ string, _ job_manager.IsConfig, logger *log.Entry, resultChan chan jo } // nolint:cyclop -func (a *Analyzer) Run(sourceType utils.SourceType, userInput string) error { +func (a *Analyzer) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { a.logger.Infof("Called %s analyzer on source %v %v", a.name, sourceType, userInput) go func() { diff --git a/scanner/families/exploits/exploitdb/exploitdb.go b/scanner/families/exploits/exploitdb/exploitdb.go index 41ead2991..488c59846 100644 --- a/scanner/families/exploits/exploitdb/exploitdb.go +++ b/scanner/families/exploits/exploitdb/exploitdb.go @@ -16,6 +16,7 @@ package exploitdb import ( + "context" "fmt" log "github.com/sirupsen/logrus" @@ -45,8 +46,8 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } } -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := common.Results{ ScannedInput: userInput, ScannerName: ScannerName, @@ -63,7 +64,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { } // get exploits (get request to exploit db) - exploits, err := a.getExploitsFromCVEIDs(cveIDs) + exploits, err := a.getExploitsFromCVEIDs(ctx, cveIDs) if err != nil { a.sendResults(retResults, fmt.Errorf("failed to get exploits from cve ids: %w", err)) return @@ -71,7 +72,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Exploits = exploits a.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/exploits/exploitdb/utils.go b/scanner/families/exploits/exploitdb/utils.go index 5bde46203..d48a4573b 100644 --- a/scanner/families/exploits/exploitdb/utils.go +++ b/scanner/families/exploits/exploitdb/utils.go 
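Review bot: `Run` in windows.go now accepts `ctx`, but the goroutine visible in the hunk is still started with `go func() {` and no line shown reads the context, so cancelling a scan would not stop this analyzer. If that is intentional, declare the parameter as `_ context.Context` and add a comment such as `// TODO: honour ctx cancellation in the background goroutine` so the gap is explicit. The same applies to `Run` in misconfiguration/fake/scanner.go. The goroutine body lies outside the hunk, so any use of `ctx` further down cannot be confirmed from here.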
@@ -67,13 +67,13 @@ func stringToArray(str string) []string { return cveIDs } -func (a *Scanner) getExploitsFromCVEIDs(cveIDs []string) ([]common.Exploit, error) { +func (a *Scanner) getExploitsFromCVEIDs(ctx context.Context, cveIDs []string) ([]common.Exploit, error) { var ret []common.Exploit prefix, err := url.JoinPath(a.config.BaseURL, "cves") if err != nil { return nil, fmt.Errorf("failed to join URLPath: %w", err) } - responses, err := getExploitsViaHTTP(cveIDs, prefix) + responses, err := getExploitsViaHTTP(ctx, cveIDs, prefix) if err != nil { return nil, fmt.Errorf("failed to get exploits via HTTP: %w", err) } @@ -102,7 +102,7 @@ const ( taskTimeoutSec = 30 ) -func getExploitsViaHTTP(cveIDs []string, urlPrefix string) ([]exploitResponse, error) { +func getExploitsViaHTTP(ctx context.Context, cveIDs []string, urlPrefix string) ([]exploitResponse, error) { var responses []exploitResponse numCVEs := len(cveIDs) @@ -127,7 +127,7 @@ func getExploitsViaHTTP(cveIDs []string, urlPrefix string) ([]exploitResponse, e return } log.Debugf("HTTP Request to %s", URL) - httpGetExploit(URL, req, resChan, errChan) + httpGetExploit(ctx, URL, req, resChan, errChan) } } @@ -150,13 +150,13 @@ func getExploitsViaHTTP(cveIDs []string, urlPrefix string) ([]exploitResponse, e return responses, nil } -func httpGetExploit(url string, req exploitRequest, resChan chan<- exploitResponse, errChan chan<- error) { +func httpGetExploit(ctx context.Context, url string, req exploitRequest, resChan chan<- exploitResponse, errChan chan<- error) { var body string var resp *http.Response var maxRetries uint64 = 3 requestFn := func() error { - ctx, cancel := context.WithTimeout(context.Background(), taskTimeoutSec*time.Second) + ctx, cancel := context.WithTimeout(ctx, taskTimeoutSec*time.Second) defer cancel() r, err := http.NewRequest(http.MethodGet, url, nil) diff --git a/scanner/families/exploits/family.go b/scanner/families/exploits/family.go index 5bcf0ede0..686ace2f2 100644 
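Review bot: In `httpGetExploit` the derived context comes from `context.WithTimeout(ctx, taskTimeoutSec*time.Second)`, but the next visible line still builds the request with `http.NewRequest(http.MethodGet, url, nil)`, which carries no context. Unless the lines after the hunk attach it (for example with `r.WithContext(ctx)`), neither the timeout nor the caller's cancellation reaches the outbound call; `r, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)` makes the binding explicit. The inner `ctx` also shadows the new parameter, so a distinct name such as `reqCtx` would make it clearer which deadline applies. The closure body continues outside the hunk.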
--- a/scanner/families/exploits/family.go +++ b/scanner/families/exploits/family.go @@ -64,7 +64,7 @@ func (e Exploits) Run(ctx context.Context, res *results.Results) (interfaces.IsR var exploitsResults Results for _, input := range e.conf.Inputs { startTime := time.Now() - managerResults, err := manager.Run(utils.SourceType(input.InputType), input.Input) + managerResults, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for exploits: %w", input.Input, err) } diff --git a/scanner/families/infofinder/family.go b/scanner/families/infofinder/family.go index 4fe2616af..f91a6f2ba 100644 --- a/scanner/families/infofinder/family.go +++ b/scanner/families/infofinder/family.go @@ -44,7 +44,7 @@ func (i InfoFinder) Run(ctx context.Context, _ *results.Results) (interfaces.IsR manager := job_manager.New(i.conf.ScannersList, i.conf.ScannersConfig, logger, job.Factory) for _, input := range i.conf.Inputs { startTime := time.Now() - managerResults, err := manager.Run(utils.SourceType(input.InputType), input.Input) + managerResults, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for info: %w", input.Input, err) } diff --git a/scanner/families/infofinder/sshtopology/scanner.go b/scanner/families/infofinder/sshtopology/scanner.go index 28b2455d8..0cd3fd126 100644 --- a/scanner/families/infofinder/sshtopology/scanner.go +++ b/scanner/families/infofinder/sshtopology/scanner.go 
@@ -55,8 +55,8 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } // nolint:cyclop,gocognit -func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (s *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { s.logger.Debugf("Running with input=%v and source type=%v", userInput, sourceType) retResults := types.ScannerResult{ ScannerName: ScannerName, @@ -69,7 +69,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { return } - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { s.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return @@ -163,7 +163,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { } s.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/malware/clam/clam.go b/scanner/families/malware/clam/clam.go index 89d62e177..2f77552d3 100644 --- a/scanner/families/malware/clam/clam.go +++ b/scanner/families/malware/clam/clam.go @@ -48,8 +48,8 @@ type Scanner struct { } // nolint: cyclop -func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (s *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := common.Results{ Source: userInput, ScannerName: ScannerName, 
@@ -107,7 +107,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { } s.logger.Infof("freshclam has finished running: %s", string(freshclamOut)) - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { s.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return @@ -157,7 +157,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Summary = summary s.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/malware/family.go b/scanner/families/malware/family.go index 46cfd3e55..5cfc92f94 100644 --- a/scanner/families/malware/family.go +++ b/scanner/families/malware/family.go @@ -44,7 +44,7 @@ func (m Malware) Run(ctx context.Context, _ *results.Results) (interfaces.IsResu for _, input := range m.conf.Inputs { startTime := time.Now() - resultArr, err := manager.Run(utils.SourceType(input.InputType), input.Input) + resultArr, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for malware: %w", input.Input, err) } diff --git a/scanner/families/malware/yara/yara.go b/scanner/families/malware/yara/yara.go index e5009c9cc..9ffa32255 100644 --- a/scanner/families/malware/yara/yara.go +++ b/scanner/families/malware/yara/yara.go @@ -55,8 +55,8 @@ type Scanner struct { } // nolint: gocognit,cyclop -func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (s *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := common.Results{ Source: userInput, ScannerName: ScannerName, 
@@ -83,7 +83,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { s.logger.Debugf("Yara rules URL: %s", s.config.CompiledRuleURL) s.logger.Debugf("Yara rules file path: %s", s.compiledRuleFile) - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { s.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return @@ -164,7 +164,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Summary = &common.ScanSummary{} s.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/misconfiguration/cisdocker/scanner.go b/scanner/families/misconfiguration/cisdocker/scanner.go index 166723f0c..06d5a275a 100644 --- a/scanner/families/misconfiguration/cisdocker/scanner.go +++ b/scanner/families/misconfiguration/cisdocker/scanner.go @@ -16,6 +16,7 @@ package cisdocker import ( + "context" "fmt" dockle_run "github.com/Portshift/dockle/pkg" @@ -47,8 +48,8 @@ func New(_ string, c job_manager.IsConfig, logger *logrus.Entry, resultChan chan } } -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := types.ScannerResult{ ScannerName: ScannerName, } 
@@ -61,7 +62,11 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { } a.logger.Infof("Running %s scan...", a.name) - assessmentMap, err := dockle_run.RunFromConfig(createDockleConfig(a.logger, sourceType, userInput, a.config)) + config := createDockleConfig(a.logger, sourceType, userInput, a.config) + ctx, cancel := context.WithTimeout(ctx, config.Timeout) + defer cancel() + + assessmentMap, err := dockle_run.RunWithContext(ctx, config) if err != nil { a.sendResults(retResults, fmt.Errorf("failed to run %s scan: %w", a.name, err)) return @@ -72,7 +77,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Misconfigurations = parseDockleReport(sourceType, userInput, assessmentMap) a.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/misconfiguration/fake/scanner.go b/scanner/families/misconfiguration/fake/scanner.go index 7b8b35c1b..0bcf7529e 100644 --- a/scanner/families/misconfiguration/fake/scanner.go +++ b/scanner/families/misconfiguration/fake/scanner.go @@ -16,6 +16,8 @@ package fake import ( + "context" + log "github.com/sirupsen/logrus" misconfigurationTypes "github.com/openclarity/vmclarity/scanner/families/misconfiguration/types" @@ -39,7 +41,7 @@ func New(_ string, _ job_manager.IsConfig, logger *log.Entry, resultChan chan jo } } -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { go func() { retResults := misconfigurationTypes.ScannerResult{ ScannerName: ScannerName, diff --git a/scanner/families/misconfiguration/family.go b/scanner/families/misconfiguration/family.go index 75402e703..16a015475 100644 --- a/scanner/families/misconfiguration/family.go +++ b/scanner/families/misconfiguration/family.go 
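Review bot: `context.WithTimeout(ctx, config.Timeout)` in cisdocker's `Run` yields an already-expired context when `config.Timeout` is zero, so a configuration that leaves the timeout unset would make every scan fail with a deadline error instead of running. `createDockleConfig` is not shown in this hunk, so whether it always sets a positive value cannot be confirmed here; if it does not, wrap the derivation in `if config.Timeout > 0 { … }` or apply a default first. The new `ctx` also shadows the goroutine's parameter; a name such as `scanCtx` keeps the two distinct.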
@@ -44,7 +44,7 @@ func (m Misconfiguration) Run(ctx context.Context, _ *results.Results) (interfac manager := job_manager.New(m.conf.ScannersList, m.conf.ScannersConfig, logger, job.Factory) for _, input := range m.conf.Inputs { startTime := time.Now() - managerResults, err := manager.Run(utils.SourceType(input.InputType), input.Input) + managerResults, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for misconfigurations: %w", input.Input, err) } diff --git a/scanner/families/misconfiguration/lynis/scanner.go b/scanner/families/misconfiguration/lynis/scanner.go index dd5408749..fc1ca55b5 100644 --- a/scanner/families/misconfiguration/lynis/scanner.go +++ b/scanner/families/misconfiguration/lynis/scanner.go @@ -55,8 +55,8 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } // nolint: cyclop -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := types.ScannerResult{ ScannerName: ScannerName, } @@ -94,7 +94,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { reportPath := path.Join(reportDir, "lynis.dat") - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { a.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return @@ -151,7 +151,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { } a.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/plugins/family.go b/scanner/families/plugins/family.go index e61956b47..d2ed85da4 100644 --- a/scanner/families/plugins/family.go 
+++ b/scanner/families/plugins/family.go @@ -53,7 +53,7 @@ func (p *Plugins) Run(ctx context.Context, res *results.Results) (interfaces.IsR var pluginsResults Results for _, input := range p.conf.Inputs { startTime := time.Now() - managerResults, err := manager.Run(utils.SourceType(input.InputType), input.Input) + managerResults, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for plugins: %w", input.Input, err) } diff --git a/scanner/families/plugins/runner/runner.go b/scanner/families/plugins/runner/runner.go index abe179014..2c6bb11a1 100644 --- a/scanner/families/plugins/runner/runner.go +++ b/scanner/families/plugins/runner/runner.go @@ -52,9 +52,9 @@ func New(name string, c job_manager.IsConfig, logger *logrus.Entry, resultChan c } } -func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { - ctx, cancel := context.WithCancel(context.Background()) +func (s *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { + ctx, cancel := context.WithCancel(ctx) defer cancel() retResults := common.Results{ @@ -68,7 +68,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { return } - rr, err := runner.New(types.PluginConfig{ + rr, err := runner.New(ctx, types.PluginConfig{ Name: s.name, ImageName: s.config.ImageName, InputDir: userInput, 
@@ -79,13 +79,13 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { return } defer func() { - if err := rr.Stop(context.Background()); err != nil { + if err := rr.Stop(ctx); err != nil { s.logger.WithError(err).Errorf("failed to stop runner") } // TODO: add short wait before removing to respect container shutdown procedure - if err := rr.Remove(context.Background()); err != nil { + if err := rr.Remove(ctx); err != nil { s.logger.WithError(err).Errorf("failed to remove runner") } }() //nolint:errcheck @@ -146,7 +146,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Findings = findings retResults.Output = pluginResult s.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/rootkits/chkrootkit/chkrootkit.go b/scanner/families/rootkits/chkrootkit/chkrootkit.go index 4c6802873..6a5e6b193 100644 --- a/scanner/families/rootkits/chkrootkit/chkrootkit.go +++ b/scanner/families/rootkits/chkrootkit/chkrootkit.go @@ -42,8 +42,8 @@ type Scanner struct { resultChan chan job_manager.Result } -func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (s *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := common.Results{ ScannedInput: userInput, ScannerName: ScannerName, @@ -67,7 +67,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { } s.logger.Debugf("found chkrootkit binary at: %s", chkrootkitBinaryPath) - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { s.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return 
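Review bot: The deferred cleanup in scanner/families/plugins/runner/runner.go now calls `rr.Stop(ctx)` and `rr.Remove(ctx)` with the scan context, so when the scan is cancelled or times out both calls receive an already-cancelled context and are likely to fail. That would leave the plugin container (created with `InputDir: userInput`) behind on the host exactly when cleanup matters most. The previous `context.Background()` calls were immune to this. Run cleanup on a detached context instead, e.g. `cleanupCtx := context.WithoutCancel(ctx)` (available since Go 1.21; scanner/go.mod declares go 1.22.2), ideally bounded by a short `context.WithTimeout`, and pass `cleanupCtx` to both calls. Run's body extends beyond the hunk.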
@@ -98,7 +98,7 @@ func (s *Scanner) Run(sourceType utils.SourceType, userInput string) error { retResults.Rootkits = toResultsRootkits(rootkits) s.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/rootkits/family.go b/scanner/families/rootkits/family.go index ba8d3703a..65a79d8d9 100644 --- a/scanner/families/rootkits/family.go +++ b/scanner/families/rootkits/family.go @@ -45,7 +45,7 @@ func (r Rootkits) Run(ctx context.Context, _ *familiesresults.Results) (families var rootkitsResults Results for _, input := range r.conf.Inputs { startTime := time.Now() - results, err := manager.Run(utils.SourceType(input.InputType), input.Input) + results, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for rootkits: %w", input.Input, err) } diff --git a/scanner/families/sbom/family.go b/scanner/families/sbom/family.go index ff2faf220..4dc7b2dd1 100644 --- a/scanner/families/sbom/family.go +++ b/scanner/families/sbom/family.go @@ -61,7 +61,7 @@ func (s SBOM) Run(ctx context.Context, _ *familiesresults.Results) (interfaces.I var sbomResults Results for _, input := range s.conf.Inputs { startTime := time.Now() - results, err := manager.Run(utils.SourceType(input.InputType), input.Input) + results, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to analyzer input %q: %w", s.conf.Inputs[0].Input, err) } diff --git a/scanner/families/secrets/family.go b/scanner/families/secrets/family.go index c15a0b327..891614318 100644 --- a/scanner/families/secrets/family.go +++ b/scanner/families/secrets/family.go 
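Review bot: The error returned in the sbom family loop formats `s.conf.Inputs[0].Input` rather than the loop variable, so a failure on any later input is reported against the first one. Use `input.Input` as the other families do: `return nil, fmt.Errorf("failed to analyze input %q: %w", input.Input, err)`. The line is unchanged context in this hunk, but it sits directly under the modified `manager.Run(ctx, …)` call.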
@@ -45,7 +45,7 @@ func (s Secrets) Run(ctx context.Context, _ *familiesresults.Results) (interface var secretsResults Results for _, input := range s.conf.Inputs { startTime := time.Now() - results, err := manager.Run(utils.SourceType(input.InputType), input.Input) + results, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to scan input %q for secrets: %w", input.Input, err) } diff --git a/scanner/families/secrets/gitleaks/gitleaks.go b/scanner/families/secrets/gitleaks/gitleaks.go index 7c2e9e8d9..ead7a3cda 100644 --- a/scanner/families/secrets/gitleaks/gitleaks.go +++ b/scanner/families/secrets/gitleaks/gitleaks.go @@ -53,8 +53,8 @@ func New(_ string, c job_manager.IsConfig, logger *log.Entry, resultChan chan jo } } -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { - go func() { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { + go func(ctx context.Context) { retResults := common.Results{ Source: userInput, ScannerName: ScannerName, @@ -86,7 +86,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { }() reportPath := file.Name() - fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(context.TODO(), sourceType, userInput) + fsPath, cleanup, err := familiesutils.ConvertInputToFilesystem(ctx, sourceType, userInput) if err != nil { a.sendResults(retResults, fmt.Errorf("failed to convert input to filesystem: %w", err)) return @@ -128,7 +128,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { return } a.sendResults(retResults, nil) - }() + }(ctx) return nil } diff --git a/scanner/families/vulnerabilities/family.go b/scanner/families/vulnerabilities/family.go index 58543d884..060c90147 100644 --- a/scanner/families/vulnerabilities/family.go +++ b/scanner/families/vulnerabilities/family.go 
@@ -83,7 +83,7 @@ func (v Vulnerabilities) Run(ctx context.Context, res *results.Results) (interfa var vulResults Results for _, input := range v.conf.Inputs { startTime := time.Now() - runResults, err := manager.Run(utils.SourceType(input.InputType), input.Input) + runResults, err := manager.Run(ctx, utils.SourceType(input.InputType), input.Input) if err != nil { return nil, fmt.Errorf("failed to run for input %v of type %v: %w", input.Input, input.InputType, err) } diff --git a/scanner/go.mod b/scanner/go.mod index 6a37a89e2..6ce438c75 100644 --- a/scanner/go.mod +++ b/scanner/go.mod @@ -4,7 +4,7 @@ go 1.22.2 require ( github.com/CycloneDX/cyclonedx-go v0.8.0 - github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 + github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 github.com/anchore/clio v0.0.0-20240606161808-779b8d1ce2db github.com/anchore/grype v0.78.0 github.com/anchore/stereoscope v0.0.3-0.20240501181043-2e9894674185 diff --git a/scanner/go.sum b/scanner/go.sum index 01eead83d..4176a8159 100644 --- a/scanner/go.sum +++ b/scanner/go.sum 
@@ -262,8 +262,8 @@ github.com/Microsoft/hcsshim v0.12.3/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8= github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= -github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7 h1:d8TjnmUvMG8up/q+oVxanmAMqj+stbZEChx8FHXA9R8= -github.com/Portshift/dockle v0.3.2-0.20240508131533-4f3b165086b7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8= +github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7 h1:VbPjdBPXkQAW5gMmBPrslfmmppc7nrsq5hnoBo+fUuE= +github.com/Portshift/dockle v0.3.2-0.20240611055957-53ff8586f9c7/go.mod h1:FUpB0D5B7AaKtY3Xt1kvO5QlJV2OifG3NNmvisDMla8= github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg= github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk= diff --git a/scanner/job_manager/job.go b/scanner/job_manager/job.go index 1e2ec2c94..8c5af0ea1 100644 --- a/scanner/job_manager/job.go +++ b/scanner/job_manager/job.go @@ -16,9 +16,11 @@ package job_manager // nolint:revive,stylecheck import ( + "context" + "github.com/openclarity/vmclarity/scanner/utils" ) type Job interface { - Run(sourceType utils.SourceType, source string) error + Run(ctx context.Context, sourceType utils.SourceType, source string) error } diff --git a/scanner/job_manager/manager.go b/scanner/job_manager/manager.go index ee695c883..4d65869b0 100644 --- a/scanner/job_manager/manager.go +++ b/scanner/job_manager/manager.go @@ -16,6 +16,7 @@ package job_manager // nolint:revive,stylecheck import ( + "context" "fmt" "github.com/hashicorp/go-multierror" 
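Review bot: `Job.Run` in job.go gains a `ctx` parameter, but the interface has no comment saying what that context governs. In the implementations this commit touches, `Run` starts a goroutine and returns `nil` straight away, so `ctx` has to stay valid until the result is delivered, and a caller that cancels it when `Run` returns would abort the scan. A doc comment on the method would make that contract explicit, for example `// Run starts the job for source and may return before the work finishes; ctx bounds the whole job, not only this call.`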
@@ -40,7 +41,7 @@ func New(jobNames []string, config IsConfig, logger *logrus.Entry, factory *Fact } } -func (m *Manager) Run(sourceType utils.SourceType, userInput string) (map[string]Result, error) { +func (m *Manager) Run(ctx context.Context, sourceType utils.SourceType, userInput string) (map[string]Result, error) { nameToResultChan := make(map[string]chan Result, len(m.jobNames)) // create jobs @@ -57,7 +58,7 @@ func (m *Manager) Run(sourceType utils.SourceType, userInput string) (map[string // start jobs for _, j := range jobs { - err := j.Run(sourceType, userInput) + err := j.Run(ctx, sourceType, userInput) if err != nil { return nil, fmt.Errorf("failed to run job: %w", err) } diff --git a/scanner/scanner/grype/local_grype.go b/scanner/scanner/grype/local_grype.go index 9021f9eb4..b0d149edc 100644 --- a/scanner/scanner/grype/local_grype.go +++ b/scanner/scanner/grype/local_grype.go @@ -16,6 +16,7 @@ package grype import ( + "context" "errors" "fmt" @@ -66,7 +67,7 @@ func newLocalScanner(conf *config.Config, logger *log.Entry, resultChan chan job } } -func (s *LocalScanner) Run(sourceType utils.SourceType, userInput string) error { +func (s *LocalScanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { go s.run(sourceType, userInput) return nil @@ -122,7 +123,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) { }, } - packages, context, _, err := pkg.Provide(source+":"+userInput, providerConfig) + packages, grypeContext, _, err := pkg.Provide(source+":"+userInput, providerConfig) if err != nil { ReportError(s.resultChan, fmt.Errorf("failed to analyze packages: %w", err), s.logger) return 
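Review bot: `LocalScanner.Run` in local_grype.go now accepts `ctx` but still calls `go s.run(sourceType, userInput)`, so the context is dropped and cancellation never reaches the local grype scan. Pass it through with `go s.run(ctx, sourceType, userInput)` and give `run` a leading `ctx context.Context` parameter. In the visible lines `pkg.Provide` and `FindMatches` are called without a context, so `run` would at least need an `if err := ctx.Err(); err != nil` check between the package, match and document steps. `RemoteScanner.Run` in remote_grype.go receives the same parameter, but most of its body is outside the hunk, so whether `ctx` is used there cannot be confirmed from this page.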
@@ -131,7 +132,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) { s.logger.Infof("Found %d packages", len(packages)) vulnerabilityMatcher := createVulnerabilityMatcher(vulnerabilityStore) - allMatches, ignoredMatches, err := vulnerabilityMatcher.FindMatches(packages, context) + allMatches, ignoredMatches, err := vulnerabilityMatcher.FindMatches(packages, grypeContext) // We can ignore ErrAboveSeverityThreshold since we are not setting the FailSeverity on the matcher. if err != nil && !errors.Is(err, grypeerr.ErrAboveSeverityThreshold) { ReportError(s.resultChan, fmt.Errorf("failed to find vulnerabilities: %w", err), s.logger) @@ -140,7 +141,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) { s.logger.Infof("Found %d vulnerabilities", len(allMatches.Sorted())) id := clio.Identification{} - doc, err := grype_models.NewDocument(id, packages, context, *allMatches, ignoredMatches, vulnerabilityStore.MetadataProvider, nil, dbStatus) + doc, err := grype_models.NewDocument(id, packages, grypeContext, *allMatches, ignoredMatches, vulnerabilityStore.MetadataProvider, nil, dbStatus) if err != nil { ReportError(s.resultChan, fmt.Errorf("failed to create document: %w", err), s.logger) return diff --git a/scanner/scanner/grype/remote_grype.go b/scanner/scanner/grype/remote_grype.go index a8da57188..6bd662580 100644 --- a/scanner/scanner/grype/remote_grype.go +++ b/scanner/scanner/grype/remote_grype.go @@ -16,6 +16,7 @@ package grype import ( + "context" "encoding/json" "fmt" "os" 
@@ -55,7 +56,7 @@ func newRemoteScanner(conf *config.Config, logger *log.Entry, resultChan chan jo } } -func (s *RemoteScanner) Run(sourceType utils.SourceType, userInput string) error { +func (s *RemoteScanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { // remote-grype supports only SBOM as a source input since it sends the SBOM to a centralized grype server for scanning. if sourceType != utils.SBOM { s.logger.Infof("Ignoring non SBOM input. type=%v", sourceType) diff --git a/scanner/scanner/trivy/scanner.go b/scanner/scanner/trivy/scanner.go index 04ccb5cbb..9acbf858b 100644 --- a/scanner/scanner/trivy/scanner.go +++ b/scanner/scanner/trivy/scanner.go @@ -154,7 +154,7 @@ func (a *Scanner) createTrivyOptions(output string, userInput string) (trivyFlag } // nolint:cyclop -func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { +func (a *Scanner) Run(ctx context.Context, sourceType utils.SourceType, userInput string) error { a.logger.Infof("Called %s scanner on source %v %v", ScannerName, sourceType, userInput) tempFile, err := os.CreateTemp(a.config.CacheDir, "trivy.scan.*.json") @@ -162,7 +162,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { return fmt.Errorf("failed to create temp file: %w", err) } - go func() { + go func(ctx context.Context) { defer os.Remove(tempFile.Name()) var hash string @@ -212,7 +212,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { // Ensure we're configured for private registry if required trivyOptions = utilsTrivy.SetTrivyRegistryConfigs(a.config.Registry, trivyOptions) - err = artifact.Run(context.TODO(), trivyOptions, trivySourceType) + err = artifact.Run(ctx, trivyOptions, trivySourceType) if err != nil { a.setError(fmt.Errorf("failed to scan for vulnerabilities: %w", err)) return 
@@ -226,7 +226,7 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { a.logger.Infof("Sending successful results") a.resultChan <- a.CreateResult(file, hash, metadata) - }() + }(ctx) return nil }